Leonard

Fwiw, I am impressed with how Vercel has handled this incident so far. They’re taking it seriously. Notifying affected parties within minutes of identification. Being realistic about what they do and don’t know. They’re clearly more worried about their customers than their reputation right now and I have a lot of respect for that.

Here's my update to the broader community about the ongoing incident investigation. I want to give you the rundown of the situation directly. A Vercel employee got compromised via the breach of an AI platform customer called Context.ai that he was using. The details are being fully investigated. Through a series of maneuvers that escalated from our colleague’s compromised Vercel Google Workspace account, the attacker got further access to Vercel environments. Vercel stores all customer environment variables fully encrypted at rest. We have numerous defense-in-depth mechanisms to protect core systems and customer data. We do have a capability however to designate environment variables as “non-sensitive”. Unfortunately, the attacker got further access through their enumeration. We believe the attacking group to be highly sophisticated and, I strongly suspect, significantly accelerated by AI. They moved with surprising velocity and in-depth understanding of Vercel. At the moment, we believe the number of customers with security impact to be quite limited. We’ve reached out with utmost priority to the ones we have concerns about. All of our focus right now is on investigation, communication to customers, enhancement of security measures, and sanitization of our environments. We’ve deployed extensive protection measures and monitoring. We’ve analyzed our supply chain, ensuring Next.js, Turbopack, and our many open source projects remain safe for our community. The recommendation for all Vercel customers is to follow the Security Bulletin closely (vercel.com/kb/bulletin/ve…). My advice to everyone is to follow the best practices of security response: secret rotation, monitoring access to your Vercel environments and linked services, and ensuring the proper use of the sensitive env variables feature. In response to this, and to aid in the improvement of all of our customers’ security postures, we’ve already rolled out new capabilities in the dashboard, including an overview page of environment variables, and a better user interface for sensitive env var creation and management. As always, I’m totally open to your feedback. We’re working with elite cybersecurity firms, industry peers, and law enforcement. We’ve reached out to Context to assist in understanding the full scale of the incident, in an effort to protect other organizations and the broader internet. I also want to thank the Google Mandiant team for their active engagement and assistance. It’s my mission to turn this attack into the most formidable security response imaginable. It’s always been a top priority for me. Vercel employs some of the most dedicated security researchers and security-minded engineers in the world. I commit to keeping you updated and rolling out extensive improvements and defenses so you, our customers and community, can have the peace of mind that Vercel always has your back.

The right move is straightforward: - rotate every env var and secret in the dashboard rn - regenerate connected GitHub tokens - check old build logs for cached values and - revoke any exposed API keys for external services. It’s essential hygiene, especially when running agentic setups that depend on persistent credentials.

@everestchris6 POOL

this OpenClaw bot finds $500k–$1.2M homes without pools, renders a pool into their backyard, and mails the owner a postcard showing the before/after, on autopilot... here's how pool builders can close $50k+ deals with this system: - scans satellite imagery for mid-market homes with empty backyards - filters by lot size, sun exposure & recent ownership change - pulls the homeowner direct from public records (not shared leads) - renders a luxury pool dropped into their actual yard - calculates build cost + home value lift for their specific zip - generates a cinematic video of their backyard with the new pool - prints a personalised postcard with the before/after + QR code - drops it in the mail + hits them with retargeting every step from sourcing to outreach is automated. reply "POOL" + RT and i'll send you the full breakdown so you can build this too (must be following so i can DM)

@drixares XD

J'ai lâché twitter aujourd'hui, je reviens dessus à 20h30 et je vois une codex security, claude marketplace et shadcn cli/v4. Peut-être que je pleure sur le poulet on sait pas

OpenAI released GPT-5.4 today. If you don't have access yet (still rolling out), you can test it right now on agentlab.cloud We integrated it day one. 🚀

@adityaxcodes Typescript

Pick ONE for the next 5 years 👇 A) JavaScript B) Python C) Java

@siezziee Grok

you have to delete one forever, which one is it?

@benln day 4 asking to have a Cafe Cursor in Paris

@Robert_Watkin_ 6

As a developer... How many coffees do you drink per day on average? 🤔 For me, it's between 3-6

@chesscom chess

everyone who replies "chess" will be in our new twitter header next week

@Om_Codes_ hi

Twitter is cool. But it’s 100x better when you connect with people who code daily If you’re into tech, AI, DSA, Web development, Web3 or programming, say hi

@ArbaaSaddam @X Hey, Full stack and AI dev here Lets connect

Hey @X 👋 I’m looking to #connect with people who are into: ✅ DSA 💻 Leetcode / CP 🎨 Frontend 💼 Backend ✨ Full Stack 🧑‍💻 DevOps 🧠 AI/ML 🧱 Web3 📊 Data Science 💸 Freelancing 🐍 Python 🫂 Networking 🏆 Product 🔨 Startups Let’s build, learn & grow together #LetsConnect

@Gosleepriya Taxes

What does your country famous for?

@_devJNS My own product

A full-time role where you earn $10k/month or your own product where you earn $5k/month which one are you going for?

What are you working on rn?

Try it making your own portfolio for free at linkfolio.net

The prompt VS the result Thank you @ryolu_ for the inspiration 😊

@CodeByNZ Swap Grok for Gemini and we are aligned And I think copilot should get the hell out of here

can we all agree?