We’ve iden­ti­fied a se­cu­rity in­ci­dent that in­volved unau­tho­rized ac­cess to cer­tain in­ter­nal Vercel sys­tems. We are ac­tively in­ves­ti­gat­ing, and we have en­gaged in­ci­dent re­sponse ex­perts to help in­ves­ti­gate and re­me­di­ate. We have no­ti­fied law en­force­ment and will up­date this page as the in­ves­ti­ga­tion pro­gresses.

At this time, we have iden­ti­fied a lim­ited sub­set of cus­tomers that were im­pacted and are en­gag­ing with them di­rectly.

Our ser­vices re­main op­er­a­tional, and we will con­tinue to up­date this page with new in­for­ma­tion.

We are tak­ing ac­tions to pro­tect Vercel sys­tems and cus­tomers.

Our in­ves­ti­ga­tion is on­go­ing. In the mean­time, here are best prac­tices you can fol­low for peace of mind:

* Review the ac­tiv­ity log for your ac­count and en­vi­ron­ments for sus­pi­cious ac­tiv­ity.

* Review and ro­tate en­vi­ron­ment vari­ables. Environment vari­ables marked as “sensitive” in Vercel are stored in a man­ner that pre­vents them from be­ing read, and we cur­rently do not have ev­i­dence that those val­ues were ac­cessed. However, if any of your en­vi­ron­ment vari­ables con­tain se­crets (API keys, to­kens, data­base cre­den­tials, sign­ing keys) that were not marked as sen­si­tive, those val­ues should be treated as po­ten­tially ex­posed and ro­tated as a pri­or­ity.

* Take ad­van­tage of the sen­si­tive en­vi­ron­ment vari­ables fea­ture go­ing for­ward, so that se­cret val­ues are pro­tected from be­ing read in the fu­ture.

For sup­port ro­tat­ing your se­crets or other tech­ni­cal sup­port, con­tact us through ver­cel.com/​help.

Our in­ves­ti­ga­tion has re­vealed that the in­ci­dent orig­i­nated from a third-party AI tool whose Google Workspace OAuth app was the sub­ject of a broader com­pro­mise, po­ten­tially af­fect­ing hun­dreds of its users across many or­ga­ni­za­tions.

We are pub­lish­ing the fol­low­ing IOC to sup­port the wider com­mu­nity in the in­ves­ti­ga­tion and vet­ting of po­ten­tial ma­li­cious ac­tiv­ity in their en­vi­ron­ments. We rec­om­mend that Google Workspace Administrators and Google Account own­ers check for us­age of this app im­me­di­ately.

UPDATE–Vercel, a widely used cloud plat­form for de­vel­op­ing and de­ploy­ing apps, has dis­closed a breach of its in­ter­nal sys­tems, and says a “limited sub­set of cus­tomers” is af­fected.

The in­ci­dent came to light on Sunday and the com­pany says it has brought in an in­ci­dent re­sponse provider to in­ves­ti­gate the in­tru­sion. The com­pany rec­om­mends that cus­tomers check ac­tiv­ity logs for sus­pi­cious ac­tiv­ity and also ro­tate en­vi­ron­men­tal vari­ables as a pre­cau­tion. Vercek also sug­gests that cus­tomers use its sen­si­tive en­vi­ron­men­tal vari­ables fea­ture to mark things such as API keys as sen­si­tive, which then causes Vercel to store them in an un­read­able for­mat.

Vercel said the in­tru­sion was re­lated to the com­pro­mise of a third-party app.

“Our in­ves­ti­ga­tion has re­vealed that the in­ci­dent orig­i­nated from a third-party AI tool whose Google Workspace OAuth app was the sub­ject of a broader com­pro­mise, po­ten­tially af­fect­ing hun­dreds of its users across many or­ga­ni­za­tions,” the com­pany said.

Vercel did not iden­tify the app but in­cluded IOCs the iden­ti­fier for it. Given that the in­tru­sion orig­i­nated with a third-party app, there may well be other re­lated in­ci­dents emerg­ing in the com­ing hours or days.

“We’ve iden­ti­fied a se­cu­rity in­ci­dent that in­volved unau­tho­rized ac­cess to cer­tain in­ter­nal Vercel sys­tems. We are ac­tively in­ves­ti­gat­ing, and we have en­gaged in­ci­dent re­sponse ex­perts to help in­ves­ti­gate and re­me­di­ate. We have no­ti­fied law en­force­ment and will up­date this page as the in­ves­ti­ga­tion pro­gresses,” the com­pany said in a state­ment.

“At this time, we have iden­ti­fied a lim­ited sub­set of cus­tomers that were im­pacted and are en­gag­ing with them di­rectly.”

Vercel pro­vides a wide range of ser­vices for de­vel­op­ers and en­ter­prises, and has a num­ber of of­fer­ings that are fo­cused on agen­tic AI work­loads.

Vercel did not spec­ify which of its sys­tems were com­pro­mised or how many of its cus­tomers are af­fected.

This story was up­dated on April 19 to add in­for­ma­tion about the source of the in­tru­sion.

I spend a lot of time ne­go­ti­at­ing this in the soft­ware world:

And if you’re won­der­ing why this hap­pens, it’s nor­mally be­cause:

So lots of de­sign­ers and prod­uct peo­ple have leapt onto 1, ba­si­cally try­ing to turn talk­ing to peo­ple into terms en­gi­neer­ing peo­ple find more cud­dly. Like “framework”. Or “system”. Or even that term that’s in vogue, so­cio-tech­ni­cal sys­tem.

Stop. The prob­lem is­n’t that you need a bet­ter sys­tem. The prob­lem is you’re avoid­ing do­ing the work.

The prob­lem is, 2 is much harder than 1. So how do you lis­ten to peo­ple?

Listening is not the same as just do­ing what some­one tells you they want

Tonnes of frame­works around this con­cept, so I won’t re­peat what oth­ers have done de­cently al­ready. Jobs To Be Done, Outcome Driven Innovation, and in the UX camp, em­pa­thy map­ping.

You un­der­es­ti­mate the spe­cial­ism ef­fect on your own world­view

You spend so long learn­ing a sub­ject but a spe­cific set of “surely they know this?!”. It can even be an area that the per­son is an ex­pert in! Well, no, they don’t. They know other things in­stead. You need to un­der­stand more about what they know to be able to lis­ten prop­erly.

You as­sume “technical” is one thing

Such a com­mon pit­fall for soft­ware de­vel­op­ers. Technical is a whole het­eroge­nous beau­ti­ful spec­trum of knowl­edge ar­eas, and it’s not “exactly the knowl­edge I gained as a soft­ware de­vel­oper with the ex­act jobs I had”. If you are still think­ing of peo­ple with the bi­nary of “technical” and “non-technical”, you def­i­nitely will be miss­ing in­sights and most likely, you’re not lis­ten­ing prop­erly.

You as­sume every­one has the same re­sources as you

The same en­ergy, the same skills, etc. So maybe you have a health con­di­tion, and you man­age it a cer­tain way, but when you chat with some­one else with the same health con­di­tion, they just can’t do the things you do, or vice versa. Some peo­ple are great at maths. Some peo­ple are great at other things. Some peo­ple have less money or re­serves and act more risk averse. Some peo­ple don’t. And so on.

You as­sume that be­cause you met one per­son with one char­ac­ter­is­tic, that the rest will be like that.

See also: as­sum­ing older peo­ple don’t un­der­stand com­put­ers. Some don’t. Some do. Not every woman is your mother or daugh­ter.

On the macro level - per­son­al­i­ties change over time.

On the mi­cro level - work per­sonas are dif­fer­ent to peo­ple at home, judge­ment al­ters when things are stress­ful or when cer­tain sit­u­a­tions arise.

This is fun­da­men­tally why a “fixed” pro­ject man­age­ment just does­n’t work for mak­ing soft­ware. You set the re­quire­ments up front. People change in the in­terim. It comes out. At the very very best, it matches what was re­quested at the start. But it’s not what is wanted any­more. And peo­ple load in their own ex­pec­ta­tions, of­ten not ar­tic­u­lated, as they wait for The Thing and the re­al­ity never matches all of that.

You as­sume what they say is the same as what they are think­ing

Some peo­ple say what they mean. Some don’t. A lot of peo­ple say they say what they mean but ac­tu­ally aren’t do­ing that.

Yeah. I said it. Stop hat­ing or dis­miss­ing peo­ple for mis­un­der­stand­ing the thing you doc­u­mented badly. Stop as­sum­ing they are bad at their job or their lives.

If you’re dis­mis­sive of some­one, you are ex­tremely un­likely to be able to lis­ten to them prop­erly.

You as­sume 80 peo­ple are the same as 1 x 80 in­di­vid­u­als.

Turns out, B2B is more hu­man than B2C - all those messy re­la­tion­ships, dy­nam­ics, soft power vs org chart, and so on. Group dy­nam­ics add more here.

If you can’t lis­ten to them, then you’re gonna be miss­ing the juici­est stuff that’s gonna make you the most money, and steam you ahead of the com­peti­tors, and even, weirdly, help min­imise some sources of tech debt too - turns out every mis­un­der­stand­ing adds a new thing in the code you gotta work with later.

Hopefully, this will give a lit­tle clue for when we fall into not lis­ten­ing… so we can all lis­ten bet­ter.

Police lured the man to a meet­ing and ar­rested him af­ter ac­cess­ing a pri­vate WhatsApp group with col­leagues

Police lured the man to a meet­ing and ar­rested him af­ter ac­cess­ing a pri­vate WhatsApp group with col­leagues

Police ac­cessed the closed WhatsApp group chat, saved the ev­i­dence and told the man to come to a meet­ing be­fore ar­rest­ing him. The of­fend­ing im­age showed smoke ris­ing above a build­ing af­ter the March 2026 strikes and had only been shared in the pri­vate group chat. He re­mains in de­ten­tion on charges in­clud­ing pub­lish­ing in­for­ma­tion deemed harm­ful to state in­ter­ests, the max­i­mum sen­tence of which is two years. Read more: Dubai ’arrests sur­vivors of Iranian drone strike af­ter they sent im­ages of ex­plo­sion af­ter­math to loved ones’Read more: British hol­i­day­maker, 60, ar­rested in Dubai for ‘filming mis­siles’

Radha Stirling, chief ex­ec­u­tive of London-based ad­vo­cacy group Detained in Dubai, said Dubai po­lice had “explicitly con­firmed they are con­duct­ing elec­tronic sur­veil­lance op­er­a­tions ca­pa­ble of de­tect­ing pri­vate WhatsApp mes­sages.“She said peo­ple were be­ing tracked, iden­ti­fied, and ar­rested not for pub­lic state­ments, but for pri­vate ex­changes be­tween col­leagues.“’Com­pa­nies like WhatsApp must an­swer ur­gent ques­tions about user pri­vacy.” she added.

Ms Stirling con­tin­ued: “If pri­vate com­mu­ni­ca­tions can be de­tected and used as the ba­sis for ar­rest by over­reach­ing or hy­per­sen­si­tive states, users world­wide need clar­ity on how their data is be­ing ac­cessed.” The po­lice re­port said au­thor­i­ties learned of the ma­te­ri­al’s ex­is­tence “’through elec­tronic mon­i­tor­ing op­er­a­tions”.A spe­cial team from the Electronic and Cybercrime Department was told to find the ac­count holder who shared the video. The air­line worker was tracked down, lured to a meet­ing and ar­rested by po­lice.The case was then es­ca­lated to State Security Prosecution. He re­mains in de­ten­tion.

The UAE gov­ern­ment owns ma­jor­ity hold­ings in tele­com com­pa­nies Etisalat and Du. This gives se­cu­rity ser­vices the power to ob­serve all com­mu­ni­ca­tions on their net­works. The Arab state has also used the Israeli-developed soft­ware Pegasus which al­lows agents to lis­ten into pri­vate calls and read mes­sages, even if they are shared on en­crypted apps like WhatsApp,.The spy­ware can in­fect a de­vice even with­out the user ac­ti­vat­ing a link - such as via a WhatsApp call, even if it is­n’t an­swered.Once in­side, it can ac­cess all WhatsApp mes­sages, lo­gos and con­tacts.Ms Stirling said other tourists, air­line crew and res­i­dents have re­ported be­ing de­tained for send­ing, re­ceiv­ing or keep­ing con­tent even when they did not share it.

Six mil­lion fake stars, $0.06 per click, and a VC fund­ing pipeline that treats GitHub pop­u­lar­ity as proof of trac­tion. We ran our own analy­sis on 20 re­pos and found the fin­ger­prints.

Six mil­lion fake stars, $0.06 per click, and a VC fund­ing pipeline that treats GitHub pop­u­lar­ity as proof of trac­tion. We ran our own analy­sis on 20 re­pos and found the fin­ger­prints.

A GitHub star costs $0.06 at the low end. A seed round un­locks $1 mil­lion to $10 mil­lion. The math is ob­vi­ous, and thou­sands of repos­i­to­ries are ex­ploit­ing it.

This in­ves­ti­ga­tion maps the full ecosys­tem: from the peer-re­viewed re­search quan­ti­fy­ing the prob­lem, to the mar­ket­places sell­ing stars openly, to the ven­ture cap­i­tal pipeline that con­verts star counts into fund­ing de­ci­sions. We ran our own analy­sis on 20 repos­i­to­ries us­ing the GitHub API, sam­pling thou­sands of stargazer pro­files to in­de­pen­dently ver­ify which pro­jects show fin­ger­prints of ma­nip­u­la­tion - and which don’t.

The pic­ture that emerges is a ma­ture, pro­fes­sion­al­ized shadow econ­omy op­er­at­ing in plain sight.

The de­fin­i­tive ac­count comes from a peer-re­viewed study pre­sented at ICSE 2026 by re­searchers at Carnegie Mellon University, North Carolina State University, and Socket. Their tool, StarScout, an­a­lyzed 20 ter­abytes of GitHub meta­data - 6.7 bil­lion events and 326 mil­lion stars from 2019 to 2024 - and iden­ti­fied ap­prox­i­mately 6 mil­lion sus­pected fake stars dis­trib­uted across 18,617 repos­i­to­ries by roughly 301,000 ac­counts.

The prob­lem ac­cel­er­ated dra­mat­i­cally in 2024. By July, 16.66% of all repos­i­to­ries with 50 or more stars were in­volved in fake star cam­paigns - up from near-zero be­fore 2022. The re­searchers’ de­tec­tion proved ac­cu­rate: 90.42% of flagged repos­i­to­ries and 57.07% of flagged ac­counts had been deleted as of January 2025, con­firm­ing GitHub it­self rec­og­nized these as il­le­git­i­mate.

AI and LLM repos­i­to­ries emerged as the largest non-ma­li­cious cat­e­gory of fake-star re­cip­i­ents, ahead of blockchain/​cryp­tocur­rency pro­jects in ab­solute vol­ume at 177,000 fake stars. The study notes that “many of which are aca­d­e­mic pa­per repos­i­to­ries or LLM-related startup prod­ucts.” Critically, 78 repos­i­to­ries with de­tected fake star cam­paigns ap­peared on GitHub Trending, prov­ing that pur­chased stars suc­cess­fully game the plat­for­m’s dis­cov­ery al­go­rithm.

Earlier foun­da­tional work in­cludes Dagster’s March 2023 in­ves­ti­ga­tion, where en­gi­neers pur­chased stars from two ven­dors to study the phe­nom­e­non. They found ser­vices via ba­sic Google search. A pre­mium ven­dor - GitHub24, a reg­is­tered German com­pany (Moller und Ringauf GbR) - charged EUR 0.85 per star and de­liv­ered re­li­ably, with all 100 stars per­sist­ing af­ter one month. A bud­get ser­vice (Baddhi Shop) sold 1,000 stars for $64, though only 75% sur­vived.

The star-sell­ing ecosys­tem spans ded­i­cated web­sites, free­lance plat­forms, ex­change net­works, and un­der­ground chan­nels. At least a dozen ac­tive web­sites sell GitHub stars di­rectly, in­clud­ing SocialPlug.io, Buy.fans, Boost-Like.store, GitHubPromoter.com, Followdeh.com, and Vurike.com.

On Fiverr, 24 ac­tive gigs sell GitHub pro­mo­tion, with pack­ages from $5 for ba­sic stars and forks to $25+ for “organic pro­mo­tion.” Many use ob­fus­cated lan­guage to evade plat­form fil­ters. Star ex­change plat­forms like GithubStarMate.com and SafeStarExchange.com - both live and op­er­a­tional - en­able free mu­tual star­ring through credit-based sys­tems.

The in­fra­struc­ture ex­tends be­yond stars. At least seven open-source tools on GitHub (fake-git-history, com­mit-bot, Commiter, and oth­ers) ex­ist specif­i­cally to fab­ri­cate GitHub con­tri­bu­tion graphs. Pre-built GitHub pro­files with five-year com­mit his­to­ries and Arctic Code Vault Contributor badges sell for ap­prox­i­mately $5,000 on Telegram.

Some ven­dors of­fer re­place­ment guar­an­tees - Followdeh ad­ver­tises 30-day cov­er­age, and pre­mium ser­vices promise “non-drop” stars that sur­vive GitHub’s de­tec­tion sys­tems. SocialPlug claims 3.1 mil­lion stars de­liv­ered across 53,000+ clients and of­fers a for­mal API for pro­gram­matic pur­chas­ing.

A Tsinghua University study (ACSAC 2020) doc­u­mented Chinese QQ and WeChat pro­mo­tion groups with 1,020+ mem­bers pro­cess­ing roughly 20 re­pos per day, gen­er­at­ing an es­ti­mated $3.4 to $4.4 mil­lion an­nu­ally in pro­moter prof­its.

To move be­yond re­ported sta­tis­tics, we built a GitHub API analy­sis tool and ran it against 20 repos­i­to­ries: pro­jects flagged by StarScout, fast-grow­ing AI re­pos from the Runa Capital ROSS Index, and known or­ganic base­lines. For each repo, we sam­pled 150 stargazer pro­files and mea­sured ac­count age, pub­lic re­pos, fol­low­ers, and bio pres­ence.

The fin­ger­prints of ma­nip­u­la­tion are un­mis­tak­able once you know what to look for.

Organic repos­i­to­ries are starred by de­vel­op­ers who have been on GitHub for years, main­tain their own pro­jects, and fol­low other users. Ghost ac­counts - zero re­pos, zero fol­low­ers, no bio - make up about 1% of a healthy pro­jec­t’s stargazer base.

These re­pos share a dis­tinc­tive fin­ger­print. The ac­counts aren’t ob­vi­ously new - me­dian ages of 1,000+ days - so they pass sim­ple “young ac­count” fil­ters. But they’re empty: a third have zero re­pos, half to four-fifths have zero fol­low­ers, and a quar­ter are com­plete ghosts. These are aged ac­counts pur­chased or farmed specif­i­cally for star cam­paigns.

The fork-to-star ra­tio is the strongest sig­nal. Flask has 235 forks per 1,000 stars. Shardeum has 22. FreeDomain has 17. When no­body is fork­ing a 157,000-star repos­i­tory, no­body is us­ing it. The watcher-to-star ra­tio tells the same story: FreeDomain’s 0.001 means that for every 1,000 peo­ple who starred the repo, just one ac­tu­ally watches it for up­dates.

FreeDomain is worth iso­lat­ing: 157,000 stars, but only 168 watch­ers and 2,676 forks. That’s a watcher-to-star ra­tio 26x lower than Flask. 81.3% of sam­pled stargaz­ers have zero fol­low­ers. This is a repos­i­tory where al­most no­body who starred it has any vis­i­ble pres­ence on GitHub.

Union Labs is the most con­se­quen­tial case. It was ranked #1 on Runa Capital’s ROSS Index for Q2 2025 - a widely cited VC in­dus­try re­port iden­ti­fy­ing the “hottest open-source star­tups” - with 54.2x star growth and 74,300 stars. Our analy­sis found 32.7% zero-repo ac­counts, 52% zero-fol­lower ac­counts, and a fork-to-star ra­tio of 0.052. The StarScout analy­sis flagged it with 47.4% sus­pected fake stars. An in­flu­en­tial in­vest­ment-sourc­ing re­port that VCs rely on was topped by a pro­ject with nearly half its stars sus­pected as ar­ti­fi­cial.

RagaAI-Catalyst and ope­nai-fm show clear ma­nip­u­la­tion sig­nals. RagaAI has 76.2% zero-fol­lower ac­counts and 28% ghosts - nearly iden­ti­cal to the blockchain pat­tern. ope­nai-fm is the most ex­treme case in our dataset: 66% sus­pi­cious ac­counts, 36% ghosts, and a me­dian ac­count age of just 116 days. Two-thirds of its stargaz­ers are less than a year old with vir­tu­ally no GitHub ac­tiv­ity. (The StarScout analy­sis notes this is likely third-party bots, not OpenAI it­self.)

Langflow - flagged by StarScout at 47.9% fake - showed clean met­rics in our pro­file sam­ple, with a me­dian age of 2,859 days and low ghost rates. This likely re­flects im­proved ac­count qual­ity since the StarScout scan. The 0.060 fork-to-star ra­tio is still no­tably low - roughly a quar­ter of Flask’s - sug­gest­ing less gen­uine adop­tion rel­a­tive to star count.

For com­par­i­son, NousResearch’s her­mes-agent looks rel­a­tively or­ganic: me­dian age 8 years, 6% ghosts, fork-to-star ra­tio of 0.133. Despite Reddit ac­cu­sa­tions of as­tro­turf­ing, the stargazer pop­u­la­tion is mostly real de­vel­op­ers. The pro­jec­t’s crypto-ad­ja­cent au­di­ence in­cludes more ca­sual GitHub users, which ex­plains slightly el­e­vated zero-fol­lower rates, but the fun­da­men­tal en­gage­ment pat­tern is le­git­i­mate.

The con­nec­tion be­tween GitHub star counts and startup fund­ing is not spec­u­la­tive - it is ex­plic­itly doc­u­mented by the in­vestors them­selves.

Jordan Segall, Partner at Redpoint Ventures, pub­lished an analy­sis of 80 de­vel­oper tool com­pa­nies show­ing that the me­dian GitHub star count at seed fi­nanc­ing was 2,850 and at Series A was 4,980. He con­firmed: “Many VCs write in­ter­nal scrap­ing pro­grams to iden­tify fast grow­ing github pro­jects for sourc­ing, and the most com­mon met­ric they look to­ward is stars.”

Those num­bers set an im­plicit tar­get. For $85 to $285 in bud­get stars, a startup can man­u­fac­ture the 2,850-star seed me­dian. For $990 to $4,500, it can reach Series A ter­ri­tory. Against typ­i­cal seed rounds of $1-10 mil­lion, the ROI ranges from 3,500x to 117,000x.

Runa Capital pub­lishes the ROSS (Runa Open Source Startup) Index quar­terly, rank­ing the 20 fastest-grow­ing open-source star­tups by GitHub star growth rate. Per TechCrunch, 68% of ROSS Index star­tups that at­tracted in­vest­ment did so at seed stage, with $169 mil­lion raised across tracked rounds. GitHub it­self, through its GitHub Fund part­ner­ship with M12 (Microsoft’s VC arm), com­mits $10 mil­lion an­nu­ally to in­vest in 8-10 open-source com­pa­nies at pre-seed/​seed stages based partly on plat­form trac­tion.

* Lovable (formerly GPT Engineer): 50,000+ stars, $7.5M pre-seed, $200M Series A at $1.8 bil­lion val­u­a­tion with 45 em­ploy­ees

Dagster’s Fraser Marlow, who led the fake star in­ves­ti­ga­tion, ad­mit­ted di­rectly: “In the run-up to the fundrais­ing, I spent a fair amount of time pre­oc­cu­pied with GitHub stars.” An aca­d­e­mic pa­per in Organization Science pro­vided rig­or­ous sta­tis­ti­cal ev­i­dence that GitHub en­gage­ment cor­re­lates with startup fund­ing out­comes - star­tups ac­tive on GitHub are 15 per­cent­age points more likely to have raised a fi­nanc­ing round.

The in­cen­tive loop is self-re­in­forc­ing: VCs use stars as sourc­ing sig­nals, so star­tups ma­nip­u­late stars, so VCs see in­flated trac­tion, so more VCs adopt star-track­ing, so more star­tups ma­nip­u­late. Redpoint’s own pub­lished bench­marks give star­tups an ex­act tar­get to buy to­ward.

Our analy­sis re­vealed the fork-to-star ra­tio as the strongest sim­ple heuris­tic for iden­ti­fy­ing po­ten­tial ma­nip­u­la­tion. The logic is straight­for­ward: a star costs noth­ing and con­veys no com­mit­ment. A fork means some­one down­loaded the code to use or mod­ify it.

Any repos­i­tory with a fork-to-star ra­tio be­low 0.05 and more than 10,000 stars war­rants scrutiny. The watcher-to-star ra­tio is even more telling: or­ganic pro­jects av­er­age 0.005 to 0.030; FreeDomain reg­is­ters 0.001.

These ra­tios aren’t per­fect - ed­u­ca­tional re­pos and cu­rated lists nat­u­rally have low fork rates. But as a first-pass fil­ter, they catch the most egre­gious cases that raw star counts miss en­tirely.

The prob­lem ex­tends to every plat­form where pop­u­lar­ity met­rics in­flu­ence trust.

npm down­loads are triv­ially in­flat­able. Developer Andy Richardson demon­strated this by us­ing a sin­gle AWS Lambda func­tion (free tier) to push his pack­age is-in­tro­spec­tion-query to nearly 1 mil­lion down­loads per week - sur­pass­ing le­git­i­mate pack­ages like urql and mobx. Zero ac­tual users. The CMU study found that of re­pos with fake star cam­paigns, only 1.23% ap­peared in pack­age reg­istries, but of those 738 pack­ages, 70.46% had zero de­pen­dent pro­jects.

VS Code Marketplace ex­ten­sions are sim­i­larly vul­ner­a­ble. Researchers demon­strated 1,000+ in­stalls of a fake ex­ten­sion in 48 hours. AquaSec found 1,283 ex­ten­sions with known ma­li­cious de­pen­den­cies to­tal­ing 229 mil­lion in­stalls.

X/Twitter pro­mo­tion am­pli­fies ar­ti­fi­cial GitHub vi­ral­ity through en­gage­ment pods - pri­vate groups where mem­bers agree to like, re­post, and com­ment on each oth­er’s con­tent. Growth Terminal sells this as a prod­uct fea­ture. NBC News and Clemson University re­searchers iden­ti­fied a net­work of 686 X ac­counts that posted more than 130,000 times us­ing LLM-generated con­tent, some con­tain­ing tell­tale ar­ti­facts like “Dolphin here!” from the un­cen­sored Dolphin model they em­ployed.

The Higgsfield AI case doc­u­ments cross-plat­form as­tro­turf­ing at in­dus­trial scale: over 100 con­firmed spam posts across 60+ sub­red­dits, com­bined with mass tem­plate DMs to con­tent cre­ators of­fer­ing pay­ment for pro­mo­tion.

The FTC Consumer Review Rule, ef­fec­tive October 21, 2024, ex­plic­itly pro­hibits sell­ing or buy­ing “fake in­di­ca­tors of so­cial me­dia in­flu­ence” gen­er­ated by bots or fake ac­counts for com­mer­cial pur­poses. Penalties: up to $53,088 per vi­o­la­tion. The FTC is­sued its first warn­ing let­ters to 10 com­pa­nies in December 2025. A GitHub star pur­chased to pro­mote a com­mer­cial prod­uct fits this frame­work.

The SEC prece­dent is more di­rect. HeadSpin’s CEO was charged with wire fraud (maximum 20 years) and se­cu­ri­ties fraud for in­flat­ing met­rics to de­ceive in­vestors out of $80 mil­lion. ComplYant’s founder faced charges for claim­ing $250,000 monthly rev­enue when ac­tual rev­enue was $250.

The SEC’s mes­sage: “Startup fundrais­ers can­not use the ‘fake it un­til you make it’ ethos to white­wash ly­ing to in­vestors.”

If a startup buys fake GitHub stars to in­flate per­ceived trac­tion dur­ing a fundrais­ing round, and in­vestors rely on those met­rics to de­ploy cap­i­tal, the wire fraud frame­work ap­plies: us­ing elec­tronic com­mu­ni­ca­tions to mis­rep­re­sent ma­te­r­ial facts for fi­nan­cial gain. No one has been charged specif­i­cally for fake GitHub stars yet. Given the CMU re­search doc­u­ment­ing the prac­tice at scale and the FTC rule ex­plic­itly cov­er­ing fake so­cial in­flu­ence met­rics, it may only be a mat­ter of time.

GitHub’s Acceptable Use Policies ex­plic­itly pro­hibit “inauthentic in­ter­ac­tions, such as fake ac­counts and au­to­mated in­au­then­tic ac­tiv­ity,” “rank abuse, such as au­to­mated star­ring or fol­low­ing,” and “creation of or par­tic­i­pa­tion in sec­ondary mar­kets for the pur­pose of the pro­lif­er­a­tion of in­au­then­tic ac­tiv­ity.” The poli­cies even specif­i­cally pro­hibit star­ring in­cen­tivized by “cryptocurrency air­drops, to­kens, cred­its, gifts or other give-aways.”

Enforcement is re­ac­tive and asym­met­ric. GitHub re­moved 90.42% of repos­i­to­ries flagged by StarScout, but only 57.07% of the ac­counts that de­liv­ered those stars. The in­fra­struc­ture for fu­ture cam­paigns largely re­mains in­tact. When Dagster pub­lished its in­ves­ti­ga­tion, fake star pro­files were deleted within 48 hours - but only af­ter pub­lic em­bar­rass­ment, not proac­tive de­tec­tion.

GitHub has never pub­lished an en­gi­neer­ing blog post about its de­tec­tion meth­ods or en­force­ment sta­tis­tics. No trans­parency re­port ex­ists for star ma­nip­u­la­tion. The com­pa­ny’s VP of Security Operations told Wired only that they “disabled user ac­counts in ac­cor­dance with GitHub’s Acceptable Use Policies,” de­clin­ing to elab­o­rate - though that com­ment was specif­i­cally about the Stargazers Ghost Network mal­ware op­er­a­tion, not van­ity met­ric ma­nip­u­la­tion.

The CMU re­searchers rec­om­mended GitHub adopt a weighted pop­u­lar­ity met­ric based on net­work cen­tral­ity rather than raw star counts. A change that would struc­turally un­der­mine the fake star econ­omy. GitHub has not im­ple­mented it.

Bessemer Venture Partners calls stars “vanity met­rics” and in­stead tracks unique monthly con­trib­u­tor ac­tiv­ity - any­one who cre­ated an is­sue, com­ment, PR, or com­mit. Fewer than 5% of top 10,000 pro­jects ever ex­ceeded 250 monthly con­trib­u­tors; only 2% sus­tained it across six months.

Jono Bacon at StateShift rec­om­mends five met­rics that cor­re­late with real adop­tion: pack­age down­loads, is­sue qual­ity (production edge cases from real users), con­trib­u­tor re­ten­tion (time to sec­ond PR), com­mu­nity dis­cus­sion depth, and us­age teleme­try.

The fork-to-star ra­tio our analy­sis sur­faced is the sim­plest first-pass fil­ter. A healthy pro­ject has roughly 100-200 forks per 1,000 stars. Projects be­low 50 forks per 1,000 stars with high ab­solute counts de­serve a closer look.

As one com­menter put it: “You can fake a star count, but you can’t fake a bug fix that saves some­one’s week­end.”

First, the in­cen­tive loop. VCs use stars as sourc­ing sig­nals. Startups ma­nip­u­late stars. VCs see in­flated trac­tion. More VCs adopt star-track­ing. More star­tups ma­nip­u­late. Redpoint’s pub­lished bench­marks - 2,850 at seed, 4,980 at Series A - ef­fec­tively give star­tups a price list for how many stars to buy.

Second, the AI sec­tor’s spe­cific vul­ner­a­bil­ity. The com­bi­na­tion of ex­treme hype, crypto-ad­ja­cent fund­ing mod­els that re­ward to­ken price over prod­uct qual­ity, and a re­viewer ecosys­tem on X/Twitter pop­u­lated partly by fab­ri­cated per­sonas cre­ates a per­fect en­vi­ron­ment for man­u­fac­tured cred­i­bil­ity. Our analy­sis con­firmed this: the re­pos with the worst ma­nip­u­la­tion sig­nals were over­whelm­ingly blockchain and crypto-ad­ja­cent AI pro­jects.

Third, GitHub’s en­force­ment asym­me­try. Removing re­pos but leav­ing 57% of fake ac­counts in­tact pre­serves the la­bor force of the fake star econ­omy while do­ing lit­tle to de­ter re­peat of­fenses. Until GitHub im­ple­ments struc­tural changes - weighted pop­u­lar­ity met­rics, ac­count-level rep­u­ta­tion scor­ing, or trans­par­ent en­force­ment re­port­ing - the gap be­tween star counts and gen­uine de­vel­oper adop­tion will con­tinue to widen.

The star econ­omy is a $50 prob­lem with a $50 mil­lion con­se­quence. Until the plat­forms, in­vestors, and reg­u­la­tors catch up, the mar­ket will keep pay­ing the $50.

Five of those six users have placed no more bets since, but one of the ac­coun­t’s re­cent ac­tiv­ity shows it has sub­se­quently made $163,000 by cor­rectly bet­ting on a US-Iran cease­fire by 7 April, which was an­nounced by Washington and Tehran on that day.

Last week, pop­u­lar World of Warcraft pri­vate server Turtle WoW got hit with a cease and de­sist from Blizzard af­ter a judge ruled in the stu­dio’s fa­vor re­gard­ing a copy­right in­fringe­ment suit filed last September. Court doc­u­ments re­vealed that the two par­ties reached a set­tle­ment that hinged on “certain ac­tions that are re­quired to be taken by cer­tain par­ties,” and to­day, the other shoe dropped for any­one still play­ing the mod­ded MMO: a fo­rum post an­nounced a com­plete shut­down of the pro­ject.

“Working on Turtle WoW has been the high­light of our lives,” said Turtle WoW de­vel­oper Torta in the post. “The ad­ven­tures you had, the bat­tles you fought, and the friends you met are what made it all worth­while. We hope you will cher­ish those mo­ments. What we leave be­hind are fond mem­o­ries of an 8-year-long jour­ney, and we hope you’ll re­mem­ber it every now and then.”

The servers will close on May 14, and all servers have been shot for­ward to the fi­nal patch “for those who want to see the new raids be­fore the pro­jec­t’s sun­set.” All as­so­ci­ated so­cial me­dia chan­nels, in­clud­ing the fo­rum site, will close later this year on Oct. 16.

Fans of the server say­ing their farewells on the sub­red­dit and fo­rum. “Wish I ended up play­ing more and ding­ing 60 in the end, but the time I did spend was fun. Thanks for the game and wish­ing every­one all the best,” wrote fo­rum user Zeran. Reddit user ElChuppolaca wrote, “This is gen­uinely heart­break­ing but I fig­ured it would come see­ing as they de­layed any re­sponse for so long.”

If you’re un­fa­mil­iar with the server, it takes an Old School RuneScape ap­proach to World of Warcraft’s pre-ex­pan­sion era, back be­fore you could roll a pal­adin on the Horde or get an epic mount with­out grind­ing for hours. There are new raids, zones, playable races, and dun­geons, but noth­ing that raises the max level or in­cor­po­rates lore from re­cent story arcs.

The server aimed to de­liver the “Classic Plus” ex­pe­ri­ence fans of vanilla WoW have clam­ored for since of­fi­cial pre-ex­pan­sion servers landed, and with Blizzard teas­ing its own take on the idea fol­low­ing the end of the game’s Season of Discovery, it’s hard not to see par­al­lels with the shut­down of Nostalrius (which came just a year be­fore World of Warcraft Classic was an­nounced).

Regrettably, it seems that pub­lisher-ap­proved fan servers like EverQuest’s Project 1999 and City of Heroes’s Homecoming are the ex­cep­tion and not the rule, as in the end, the Turtle WoW team’s open plea for a fan server li­cens­ing frame­work proved fruit­less.

Posts from this au­thor will be added to your daily email di­gest and your home­page feed.

Posts from this au­thor will be added to your daily email di­gest and your home­page feed.

All em­pires even­tu­ally fall, and it seems the cre­ative soft­ware in­dus­try has col­lec­tively de­cided that Adobe’s time has come. The Creative Cloud provider’s suite of de­sign tools have been con­sid­ered the in­dus­try stan­dard for decades — de­spite un­pop­u­lar de­ci­sions to fully em­brace gen­er­a­tive AI and aban­don soft­ware li­censes in fa­vor of ex­pen­sive, com­pli­cated sub­scrip­tions.

Pricing in par­tic­u­lar has given com­peti­tors an open­ing to at­tack. Some of the best al­ter­na­tives aren’t just un­der­cut­ting Adobe’s price — they’re avail­able for free. People love free.

One ex­am­ple that was an­nounced this week is Autograph, mo­tion de­sign soft­ware akin to Adobe After Effects. Autograph was ac­quired by Cinema 4D maker Maxon last year, and has now been re­launched with free ac­cess for in­di­vid­ual users. It ini­tially cost $1,795 for a per­ma­nent li­cense (or $59 per month on sub­scrip­tion) when it launched in 2023, which was a hard sell com­pared to the $34.49 per month stand­alone After Effects sub­scrip­tion that Adobe de­manded, and con­tin­ues to charge to­day. And while Autograph is­n’t di­rectly com­pa­ra­ble, it pro­vides a sim­i­lar suite of an­i­ma­tion and VFX tools and does­n’t charge a dime.

Perhaps co­in­ci­dently, Canva also dropped its own bomb on Adobe’s After Effects this week. Canva has made the full ver­sion of Cavalry avail­able for free in­stead of lock­ing the mo­tion graph­ics soft­ware be­hind its own user sub­scrip­tions, af­ter the de­sign plat­form ac­quired it back in February. If that sounds fa­mil­iar, it’s be­cause Canva did a sim­i­lar thing last year with Affinity — a trio of apps it ac­quired that pro­vide sim­i­lar fea­tures to Adobe’s Illustrator, Photoshop, and InDesign soft­ware. While Affinity Designer 2, Affinity Photo 2, and Affinity Publisher 2 were each a one-off $69.99 pay­ment be­fore (or $169.99 for all three), they’ve since been com­bined into a sin­gle, en­tirely free app.

Other Adobe apps also took a hit this week thanks to the lat­est DaVinci Resolve 21 up­date. The free mul­ti­pur­pose post-pro­duc­tion soft­ware — which is al­ready con­sid­ered a ri­val to Premiere Pro — now in­cludes photo edit­ing fea­tures like color-cor­rec­tion, mask­ing tools, and im­port sup­port for Apple Photos and Lightroom Catalog files. The up­date also adds sup­port for Affinity’s .af file for­mat, mak­ing it eas­ier to use an­other free app along­side DaVinci Resolve.

Even when the Adobe al­ter­na­tives aren’t free, they’re be­com­ing more at­trac­tively priced. Apple launched its Creator Studio suite in January, which in­cludes ac­cess to a whole host of edit­ing apps, in­clud­ing Final Cut Pro, Logic Pro, Pixelmator Pro, Motion, Compressor, and MainStage. The $12.99 monthly Creator Studio fee is more af­ford­able than Adobe’s $69.99 monthly Creative Cloud Pro sub­scrip­tion by com­par­i­son, and Apple is­n’t forc­ing users into a sub­scrip­tion plan. You can still buy one-time li­censes for in­di­vid­ual apps on Apple’s App Store. Take that Adobe.

When we cov­ered that an­nounce­ment, sev­eral themes ap­peared in our com­ment sec­tion. One was the col­lec­tive shock at how low Apple’s pric­ing was com­pared to Adobe’s de­spite be­ing, well, Apple. The other was that all the Creator Suite needed was a suit­able Lightroom al­ter­na­tive to seal the deal. Apple may yet find a way to make it hap­pen, but DaVinci has filled that gap in the mean­time.

When you pair these re­cent an­nounce­ments with cre­ative soft­ware that was al­ready free, or at least sub­scrip­tion free, then you have an in­dus­try move­ment that should give Adobe some­thing to worry about.

Freedom from Adobe’s app ecosys­tem is ac­tu­ally start­ing to look plau­si­ble. And mak­ing that free­dom in­creas­ingly free is the ic­ing on the cake.

The Swiss voice in the world since 1935

How Switzerland got caught in the Magnitsky case — again

Read more: How Switzerland got caught in the Magnitsky case — again

Read more: Millions of dol­lars linked to Magnitsky fraud case leave Switzerland

Read more: City of London urges Swiss air­ports to give UK trav­ellers e-gate ac­cess

Read more: Afghanistan’s Taliban tap Swiss, other trav­ellers for fly­over fees

Read more: Our newslet­ter on geopol­i­tics

How Switzerland got caught in the Magnitsky case — again

Read more: How Switzerland got caught in the Magnitsky case — again

When is a democ­racy no longer a democ­racy?

Read more: When is a democ­racy no longer a democ­racy?

Why Merantix founder Adrian Locher chose Berlin over Zurich for his AI start-up

Read more: Why Merantix founder Adrian Locher chose Berlin over Zurich for his AI start-up

How are you deal­ing with the ris­ing cost of fos­sil fu­els?

Read more: How are you deal­ing with the ris­ing cost of fos­sil fu­els?

The Swiss Connection Podcast: Hear Swiss sci­ence sto­ries for the world

Read more: The Swiss Connection Podcast: Hear Swiss sci­ence sto­ries for the world

A queer film­maker in Switzerland cap­tures the di­vide on her visit home to China

Read more: A queer film­maker in Switzerland cap­tures the di­vide on her visit home to China

The right to pri­vacy, ex­cept dur­ing wartime

Read more: The right to pri­vacy, ex­cept dur­ing wartime

At what point does some­one be­long in Switzerland?

Read more: At what point does some­one be­long in Switzerland?

Justice in sight for the Swiss con­victed for help­ing the Resistance

Read more: Justice in sight for the Swiss con­victed for help­ing the Resistance

To what ex­tent do you think as­sisted sui­cide should be a legally avail­able op­tion to those who want to end their lives?

Read more: To what ex­tent do you think as­sisted sui­cide should be a legally avail­able op­tion to those who want to end their lives?

From e-cig­a­rettes to lab de­vices: sur­pris­ing facts about Swiss patents

Read more: From e-cig­a­rettes to lab de­vices: sur­pris­ing facts about Swiss patents

Cured but unin­sur­able: the hid­den fi­nan­cial bur­den of sur­viv­ing can­cer in Switzerland

Read more: Cured but unin­sur­able: the hid­den fi­nan­cial bur­den of sur­viv­ing can­cer in Switzerland

How the war in Iran is af­fect­ing the Swiss food in­dus­try

Read more: How the war in Iran is af­fect­ing the Swiss food in­dus­try

Read more: A brain scan be­fore a pre­scrip­tion? Geneva’s bet on pre­ci­sion psy­chi­a­try

Reality hits: hard truths come to light in the fi­nal episode of ‘Lost Cells’

Read more: Reality hits: hard truths come to light in the fi­nal episode of ‘Lost Cells’

Read more: Swiss di­as­pora di­vided af­ter Orbán’s fall in Hungary elec­tion

Swiss vot­ers to de­cide on stricter rules for con­sci­en­tious ob­jec­tion

Read more: Swiss vot­ers to de­cide on stricter rules for con­sci­en­tious ob­jec­tion

Where cows com­pete to be­come queens

Read more: Where cows com­pete to be­come queens

The SWIplus app: your con­nec­tion to Switzerland

Read more: The SWIplus app: your con­nec­tion to Switzerland

Swiss au­thor­i­ties want to re­duce de­pen­dency on Microsoft

Copyright 2024 The Associated Press. All Rights Reserved

The Swiss gov­ern­ment is aim­ing to grad­u­ally shift away from a de­pen­dency on Microsoft prod­ucts, ac­cord­ing to the NZZ am Sonntag news­pa­per.

+Get the most im­por­tant news from Switzerland in your in­box

A spokesman for the Federal Chancellery told the news­pa­per that the fed­eral ad­min­is­tra­tion “aims to re­duce its de­pen­dency on Microsoft, step by step and in the long term”.

This comes as a sur­prise, as Microsoft 365 was re­cently in­stalled on some 54,000 ad­min­is­tra­tion work­sta­tions — de­spite con­cerns about data se­cu­rity. Calls for al­ter­na­tives pre­vi­ously met with in­ter­nal re­sis­tance and charges of “tinkering”, the NZZ am Sonntag writes.

‘Switzerland must not give in to the Big Tech nar­ra­tive’

This con­tent was pub­lished on

Switzerland can be more in­de­pen­dent from tech gi­ants like Microsoft when it comes to ar­ti­fi­cial in­tel­li­gence, says a lead­ing dig­i­tal sov­er­eignty ex­pert.

Read more: ‘Switzerland must not give in to the Big Tech nar­ra­tive’

However, for­mer army chief Thomas Süssli called for al­ter­na­tive so­lu­tions to be ex­am­ined more quickly. A fea­si­bil­ity study now shows that re­place­ment with open-source soft­ware is pos­si­ble. Germany serves as a ref­er­ence: there, work is un­der­way on an in­de­pen­dent open-source so­lu­tion in which Bern is also in­ter­ested.

The German state of Schleswig-Holstein has al­ready switched over its ad­min­is­tra­tion. Open-source soft­ware can be used freely, while it can also be fur­ther de­vel­oped in­de­pen­dently of cor­po­ra­tions.

Swiss au­thor­i­ties have spent a tidy amount on Microsoft soft­ware in re­cent years: an in­ves­ti­ga­tion by SRFExternal link last year showed that the fed­eral gov­ern­ment and can­tons spent over CHF1.1 bil­lion ($1.4 bil­lion) on li­cences with the tech gi­ant over the past ten years.

The Trump ad­min­is­tra­tion and its ap­proach to the rule of law are in­creas­ing con­cerns among users of US tech­nol­ogy. This is be­cause US law — thanks to the 2018 Cloud Act — al­lows the gov­ern­ment to ac­cess all data stored by US tech cor­po­ra­tions.

This means that if data is stored on servers or clouds of US firms such as Microsoft, Apple or Adobe — no mat­ter where in the world — US au­thor­i­ties may re­quest this data from the US cor­po­ra­tions. This could even be the case if the servers are in Switzerland. Users gen­er­ally have no idea which au­thor­ity is ac­cess­ing the data nor what is be­ing done with it.

We se­lect the most rel­e­vant news for an in­ter­na­tional au­di­ence and use au­to­matic trans­la­tion tools to trans­late them into English. A jour­nal­ist then re­views the trans­la­tion for clar­ity and ac­cu­racy be­fore pub­li­ca­tion.

Providing you with au­to­mat­i­cally trans­lated news gives us the time to write more in-depth ar­ti­cles. The news sto­ries we se­lect have been writ­ten and care­fully fact-checked by an ex­ter­nal ed­i­to­r­ial team from news agen­cies such as Bloomberg or Keystone.

If you have any ques­tions about how we work, write to us at eng­lish@swiss­info.ch

In com­pli­ance with the JTI stan­dards

More:

SWI swiss­info.ch cer­ti­fied by the Journalism Trust Initiative

⚠ This data may be out of date or in­cor­rect. A re­search pro­ject is on­go­ing to fur­ther de­velop such maps.

⚠ This data may be out of date or in­cor­rect. A re­search pro­ject is on­go­ing to fur­ther de­velop such maps.

A map of all ~2,100 Swiss mu­nic­i­pal­i­ties show­ing which provider han­dles their of­fi­cial email — grouped by ju­ris­dic­tion — based on pub­lic DNS records and other pub­lic net­work sig­nals.

Digital sov­er­eignty: US-based providers are sub­ject to the US CLOUD Act, which al­lows US au­thor­i­ties to re­quest stored data, re­gard­less of where it is phys­i­cally hosted. This map makes the cur­rent provider land­scape vis­i­ble.

Each mu­nic­i­pal­i­ty’s of­fi­cial do­main is checked via 11 sig­nals from DNS records, SMTP ban­ners, ASN lookups, and a pub­lic Microsoft API end­point, then clas­si­fied by provider type with con­fi­dence scor­ing.

Disclaimer: DNS records in­di­cate mail rout­ing and au­tho­rized senders, not nec­es­sar­ily where data is stored.

The code and data are on GitHub.

If you have no­ticed an er­ror, please sub­mit an is­sue.