Notes - KeesTalksTech

NX get vibe-hacked

Holy moly... et tu, NX?

When a programmer runs the hacked version of NX, the malware drops the exploit into their GitHub and runs that code. The malware stole a lot of people’s login keys and, apparently, their crypto wallets.

Here’s the novel bit — the malware code doesn’t steal your logins or crypto directly. Instead, it sends a prompt to Cursor, Claude Code, or any other AI coding bot on your computer, and it tells them to steal your stuff.

There is a bit of schadenfreude in the article, but the NX-case makes a great cautionary tale.

Vibe-coded build system NX gets hacked, steals vibe-coders’ crypto NX is build software. You write your code on your laptop, you press “build”, it runs NX, and you get a built version you can put onto your web server. If you could hack NX, you could hit a lot of p… pivot-to-ai.com

2025-09-03 · #ai #programming

Vibe Coding without tech knowledge

Hahaha... Alberta makes an excellent point!

It all comes back to skill!

2025-08-12 · #ai #programming #programming-humor

LLMs as mirrors

Wow:

In my view, LLMs are essentially mirrors. They mirror the skill of the operator.

The article goes on to argue that using AI (correctly) is also a matter of skill.

LLMs are mirrors of operator skill This is a follow-up from my previous blog post: “deliberate intentional practice”. I didn’t want to get into the distinction between skilled and unskilled because people take offence to it, but AI is a matter of skill. Someone can be highly experienced as a software engineer in 2024, but that ghuntley.com

2025-07-16 · #ai #llm #programming

NASAs Coding Requirements Are Insane

A nice YouTube discussion about a coding standard paper that was written for Nasa/JPL:

If you don't like YouTube, here's the PDF:

The Power of Ten - Rules for Developing Safety Critical Code

2025-03-14 · #programming

How often do you read about somebody writing an RFC for the NPM CLI? This is a great write-up by Evan Hahn about an improvement he proposed and the process of evaluating such an RFC. Loved reading it!

My failed attempt to shrink all npm packages by 5% It seemed like a great idea at first. evanhahn.com

2025-01-27 · #programming

How a Single Line of Code Brought Down a Billion Dollar Rocket

This article shows 3 instances where a single line of code has a devastating impact. Programmers, be aware!

How a Single Line of Code Brought Down a Billion Dollar Rocket When we talk about software today, we should know that its importance is now at the very end of the spectrum of different technologies used. newsletter.techworld-with-milan.com

2025-01-27 · #programming

CI/CD Observability

What could OpenTelementry unlock when applied to our CI/CD? I might unlock an early warning system for problems that slip into your pipelines...

CI/CD Observability: A Rich New Opportunity for OpenTelemetry If we shift our observability focus to the left, we can address issues in CI/CD before they escalate, as described by two Grafana engineers. thenewstack.io

2024-04-30 · #programming

A Never Nester made a video

2023-05-23 · #programming

Just Calm Down About GPT-4 Already

Love the article about generative AI and where this is going. One quote really resonates:

But in that “Seven Deadly Sins” article, I said that one of the deadly sins was how we humans mistake performance for competence.

Just Calm Down About GPT-4 Already And stop confusing performance with competence, says Rodney Brooks spectrum.ieee.org

2023-05-22 · #ai

The source for a ChatGPT answer?

Would love to know the source for a ChatGPT answer. Wondering what this means for Google and StackOverflow. Would be great if we could discuss further on these answers to improve our collective understanding... 🤔

Screenshot of a question asked to ChatGPT, showing the work, but not the sources...

2022-12-08 · #ai