Vercel just got breached through a random AI productivity tool one employee installed. Context.ai got compromised first, the attacker rode its Google Workspace OAuth scopes into Vercel’s internal systems, and walked out with every environment variable not marked “sensitive.” A threat actor using the ShinyHunters name is selling the data for $2 million.
The attack vector wasn’t Vercel’s code. It was a third-party AI chat tool with broad OAuth permissions. If you deploy on Vercel, check your env vars now.
In today’s indie hacker news:
- Vercel breached through Context.ai OAuth, non-sensitive env vars exposed
- Gemini surfaced a $292M crypto hack, then called itself a liar
- DDR5 prices 7x’d in six months, relief not until 2030
- 78K tech jobs cut in Q1, CFOs project 9x AI-layoff wave
- llama.cpp merged a free 2.7x coding speedup
TOP STORIES
YOUR AI TOOL IS THE BACKDOOR
Vercel breached through Context.ai, non-sensitive env vars exposed, $2M ransom demanded

The story: An attacker compromised Context.ai, a third-party AI productivity tool used by a Vercel employee. They pivoted through its Google Workspace OAuth access into Vercel’s internal systems and accessed every env var not marked “sensitive.” Those are stored unencrypted at rest.
@rauchg confirmed on X: “We do have a capability to designate environment variables as ‘non-sensitive.’ Unfortunately, the attacker got further access through their enumeration.”
The details:
- 580 employee records leaked: names, emails, account status, timestamps
- $2M ransom demanded by threat actor claiming ShinyHunters affiliation. Real ShinyHunters denied involvement.
- Crypto developers scrambling. Many store RPC and wallet signing keys as non-sensitive Vercel env vars.
- Next.js, Turbopack, and all open-source projects confirmed safe
Why builders care: The default for most Vercel developers is “non-sensitive,” stored unencrypted at rest. Rotate anything that’s actually a secret. Bigger picture: every AI tool you grant Google Workspace OAuth to is an attack surface for your entire deployment stack.
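An added check for the call to action above (example code written for this page, not Vercel's own tooling): it lists a project's environment variable records and flags secret-looking names that are not marked "sensitive". The REST endpoint and record shape (GET /v9/projects/{id}/env with "key" and "type" fields) are assumed from the Vercel API; the sample data is constructed so the check runs offline.

```python
"""Flag Vercel env vars that look like secrets but are not marked "sensitive".
Added example for this newsletter item, not Vercel's code."""
import json
import re
import urllib.request

# Name fragments that usually indicate a secret (constructed heuristic list).
SECRET_HINTS = re.compile(
    r"(SECRET|TOKEN|PRIVATE|PASSWORD|PASSWD|API_KEY|SIGNING|MNEMONIC|RPC_URL)",
    re.IGNORECASE,
)


def find_unprotected_secrets(env_records):
    """Return sorted names whose key looks secret-like but whose "type" is
    anything other than "sensitive".

    Assumed record shape (Vercel GET /v9/projects/{id}/env): a list of dicts
    with at least "key" and "type", where "type" is e.g. "plain",
    "encrypted", "sensitive", "secret" or "system".
    """
    flagged = []
    for rec in env_records:
        key = rec.get("key", "")
        if rec.get("type") != "sensitive" and SECRET_HINTS.search(key):
            flagged.append(key)
    return sorted(flagged)


def fetch_env_records(project, token):
    """Fetch a project's env records over the REST API (network call; the
    offline sample below does not exercise it)."""
    req = urllib.request.Request(
        f"https://api.vercel.com/v9/projects/{project}/env",
        headers={"Authorization": f"Bearer {token}"},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)["envs"]


# Constructed sample mirroring the assumed response shape.
SAMPLE_ENVS = [
    {"key": "NEXT_PUBLIC_SITE_URL", "type": "plain"},
    {"key": "WALLET_SIGNING_KEY", "type": "encrypted"},  # not marked sensitive
    {"key": "ALCHEMY_RPC_URL", "type": "plain"},         # not marked sensitive
    {"key": "STRIPE_SECRET_KEY", "type": "sensitive"},   # correctly protected
]

if __name__ == "__main__":
    for name in find_unprotected_secrets(SAMPLE_ENVS):
        print(f"rotate and re-add as sensitive: {name}")
```

Point `fetch_env_records` at a real project and token to audit live records; anything it flags should be rotated, not just re-marked.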
Work from any WiFi like it's your home network. NordVPN's Meshnet runs a free private mesh between your laptop, dev box, and home server. SSH from a café without exposing a port, the way you'd use Tailscale. The paid VPN on top lets you test geo-fenced Stripe checkouts or feature flags from any country.
We get a cut if you sign up. Only added for tools we use ourselves.
AI GASLIT ITSELF
Gemini surfaced a $292M crypto hack before the news indexed it, then retracted it as a hallucination

The story: A user asked Gemini about a suspicious AAVE price drop. Gemini said everything was fine, then mid-conversation flipped to “EMERGENCY CORRECTION” citing a breaking $280M KelpDAO exploit. The user couldn’t find it anywhere. Under pushback, Gemini retracted, calling it a “massive AI hallucination.” Then it reversed again: the exploit was real. KelpDAO’s rsETH bridge had been drained of $292M on April 18 (largest DeFi exploit of 2026), ZachXBT posted to Telegram first, and mainstream coverage hadn’t indexed yet.
The details:
- Attacker forged a LayerZero cross-chain message to release rsETH without collateral
- 46-minute emergency multisig freeze. ~$236M bad debt across Aave, Compound, and Euler.
- Full chat log is public: g.co/gemini/share/0cb9f054ca58
- Community calls it “preference collapse under user pressure,” an RLHF failure mode where the model treats disagreement as proof it was wrong
Why builders care: AI with real-time search can surface information from channels Google hasn’t indexed (Telegram, Discord, forums). But it’ll retract correct answers under pushback. Never treat a retraction as proof the original was wrong. The retraction is social behavior, not a factual update.
AI ATE YOUR RAM
DDR5 prices 7x’d in six months. SK Hynix’s chairman says relief by 2030.

The story: DDR5 32GB kits went from ~$80 in July 2025 to $350-600 by January 2026. Memory makers will meet only 60% of DRAM demand through 2027. New fabs are being built, but almost all target high-bandwidth memory for AI datacenters, not consumer DRAM.
SK Group Chairman Chey Tae-won at Nvidia GTC: “The current shortage could continue until 2030. We need at least four to five years to build up more wafers.”
The details:
- Production needs 12% annual growth to close the gap. Only 7.5% is planned.
- Memory is now 40% of low-end smartphone costs, up from 20%
- Top 8 hyperscalers projecting $600B+ capex in 2026, up 40% YoY, driving HBM demand over consumer DRAM
Why builders care: Every HBM wafer for a datacenter is one fewer DDR5 stick for your workstation. Bootstrapped founders running local AI setups are squeezed hardest. Counterpoint says Q4 2027 is the earliest price inflection.
THE AI WASHING MACHINE
78,557 tech jobs gone in Q1. CFOs privately project a 9x AI-layoff wave.

The story: 78,557 tech workers were laid off in Q1 2026, per RationalFX data compiled by Nikkei Asia. 47.9% of cuts attributed to AI and automation. That’s a 136% increase over Q1 2025. Roles going fastest: QA testing (Atlassian says AI cut manual testing need by 60%), Tier 1 support, content moderation, data annotation.
Sam Altman: “There’s some AI washing where people are blaming AI for layoffs they would otherwise do.”
The details:
- Oracle: 25,000 cuts. Amazon: 16,000. Meta: 2,400.
- Duke CFO Survey (~750 CFOs): AI-attributed layoffs projected to grow 9x, from 55K in 2025 to ~502K in 2026
- Same survey found a “productivity paradox.” CFO expectations of AI gains exceed actual results. Many cuts are preemptive bets.
Why builders care: 78,000 ex-tech-workers are potential indie hacker converts and talent supply for small teams. The CFO signal: enterprise spend is shifting toward AI tooling. That’s the market to build for.
FREE SPEED HACK
llama.cpp merged speculative checkpointing. 2.7x faster coding, no draft model needed.

The story: PR #19493 merged into llama.cpp on April 19. It adds speculative decoding using n-gram predictions from the prompt’s own text. No draft model. No extra VRAM. Just CLI flags. Author benchmarked Qwen3-Coder-Next: 72.4% draft acceptance rate, eval time dropped from 10.38 to 3.74 ms/token. Roughly 2.7x faster on coding tasks.
The details:
- Flags: --spec-type ngram-mod --spec-ngram-size-n 24 --draft-min 48 --draft-max 64
- Community reports 0-50% speedup depending on code repetitiveness
- Runs on 6GB VRAM consumer GPUs with quantized Qwen3.6-35B
Why builders care: Free speed for local coding assistants. Code has repetitive n-gram patterns (variable names, boilerplate), exactly what this optimizes for. Flip it on today.
TRENDING TODAY
🔥 Vibe-coding backlash, round two. r/microsaas (264 ups): “Why would you pay $49/mo for a polished SaaS when you can spend $500/day building one yourself?” r/artificial (201 ups): “Reality of SaaS: The End of Software.” A former Base44/Lovable user posted they’re “preying on the uneducated.” The consensus forming: vibe coding works for the first 80%, but the last 20% still needs engineering. We covered the first wave in Edition #14. This is the economic reframe.
🔓 Open-source AI goes mainstream. WSJ’s editorial board published “To Beat China, Embrace Open-Source AI,” framing it as a national security imperative. Meanwhile on r/LocalLLaMA (245 ups), developers are documenting their switch from Opus 4.7 to Qwen-35B-A3B: Opus as architect, Qwen as implementation engine, cutting API costs 30x. We covered Qwen benchmarks in Edition #16. This is the behavioral shift.
FIRST DOLLAR
SLOW START, FAST LOOP
u/baskaro23 crossed $300 MRR with an SEO content automation SaaS, one month after launch. Growth came from content writing, outbound, and word-of-mouth referrals after dogfooding. They won’t name the product (fear of mod removal for self-promotion). Community’s top comment: “The organic referral loop you’ve built is more valuable than the $300 MRR itself.” 97% upvote ratio and 112 comments on r/SaaS.
WEEK ONE, SEVENTEEN BUCKS
u/Jonathan_Geiger launched PostPeer, a unified social media API for developers. One API endpoint to post and schedule across X, Instagram, YouTube, TikTok, Threads, Pinterest, LinkedIn, and Bluesky. $17 MRR, 36 users, 1 week since quiet launch. TrustMRR-verified. Handles OAuth, token refresh, and platform approvals so you don’t have to.
STACK OF THE DAY
🛠️ Agentjail. Self-hosted alternative to Freestyle.sh. Open-source platform for deploying web apps, MIT license, free. If you want your own deployment platform without vendor lock-in, spin this up on your own server.
Not sponsored. We just feature tools builders would actually use.
BOOKMARKED TODAY
📊 Claude Token Counter, now with model comparisons. Simon Willison built a tool for comparing token costs across Claude models. Bookmark it if you’re optimizing API spend.
🎨 TRELLIS.2 image-to-3D on Mac Silicon. Image-to-3D generation running natively on Apple Silicon. No Nvidia GPU needed. Open-source. 85 HN points.
🔒 Claude Desktop installs undocumented browser extensions. Privacy analysis of what Chrome extensions Claude Desktop quietly installs. Worth reading if you run it.
Curated by AI, built by a human.