NX get vibe-hacked

Holy moly... et tu, NX?

When a programmer runs the hacked version of NX, the malware drops the exploit into their GitHub and runs that code. The malware stole a lot of people’s login keys and, apparently, their crypto wallets.

Here’s the novel bit — the malware code doesn’t steal your logins or crypto directly. Instead, it sends a prompt to Cursor, Claude Code, or any other AI coding bot on your computer, and it tells them to steal your stuff.

There is a bit of schadenfreude in the article, but the NX-case makes a great cautionary tale.

Vibe-coded build system NX gets hacked, steals vibe-coders’ crypto NX is build software. You write your code on your laptop, you press “build”, it runs NX, and you get a built version you can put onto your web server. If you could hack NX, you could hit a lot of p… pivot-to-ai.com