Researchers have published a real-life example of a SHA1 collision, effectively proving that it is possible within a "reasonable" timeframe to produce a document that has been falsified. Cloud-computing at its best was able to create a document in a period of 3 months.
It goes a little further than that though. SHA-1 is used in quite a lot of applications and services; one of which is SVN. Without the use of SHA1-secure, you can pretty easily corrupt the contents of a repository. What dazzles me, is that people/companies are still using these kinds of encryption while being aware of the issue.