OB @obatt
1.9K posts
I build things
Delaware, USA. Joined October 2009
1.1K Following, 405 Followers
OB @obatt
@elonmusk Still no desktop app?🤦🏻‍♂️
Prajwal Tomar @PrajwalTomar_
Vibe coding pro tip: Copy-paste this entire article into Cursor/Lovable and tell it to implement everything. This is literally all you need to secure your MVP before it breaks at scale. Most builders skip this and wonder why their app crashes at 100 users.
Quoting Prajwal Tomar @PrajwalTomar_:
x.com/i/article/2038…
Feross @feross
Great piece from @a16z. A few things I’d add from the front lines of detecting the Axios attack: Socket detecting the attack 16 minutes before publication is worth dwelling on. We caught plain-crypto-js because its behavior was anomalous the moment it appeared on npm – postinstall script, network access, OS fingerprinting, binary download, self-deletion. No CVE needed. The package told us what it was by what it did. The core issue is that AI agents treat npm install as a solved problem. It isn’t. Every dependency decision is a trust decision, and right now agents are making thousands of those decisions per day with zero security context. We need to give agents the same visibility into package behavior that we’d want a human developer to have – but at machine speed.
Quoting a16z @a16z:
The software supply chain has become the most critical and least-defended attack surface in modern software development. This week, someone hijacked one of the most popular packages on the internet and used it to install a backdoor on every machine that ran npm install. a16z's @MaikaThoughts, @zanelackey, and Joel de la Garza on how @SocketSecurity detected the Axios attack within 6 minutes, why AI is compressing software supply chain attack timelines, and why defenders have to move at machine speed to save the agents: a16z.news/p/et-tu-agent-…
OB @obatt
@feross Use CodeMarine for protection!
Feross @feross
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
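As an added defender-side example (not code from Feross, Socket or the post above): a Node script that audits an npm lockfile for the two indicators named in the post, axios resolved to 1.14.1 or any copy of plain-crypto-js anywhere in the tree, and flags manifest ranges that would float onto a newly published release. The sample lockfile and manifest are constructed for illustration.

```javascript
// Added example, not from the post above: audit an npm lockfile (lockfileVersion 2/3)
// for the indicators Feross names. The sample lockfile and manifest are constructed.
const KNOWN_BAD = new Map([
  ["plain-crypto-js", null],        // any version: the package did not exist before the attack
  ["axios", new Set(["1.14.1"])],   // the release that pulled the dropper in
]);

// Yield {name, version} for every installed package in the "packages" map,
// including nested copies such as node_modules/axios/node_modules/plain-crypto-js.
function* lockEntries(lock) {
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue;                       // root project entry, not a dependency
    const i = path.lastIndexOf("node_modules/");     // keeps @scope/name intact
    yield { name: path.slice(i + "node_modules/".length), version: entry.version };
  }
}

// Returns "name@version" for every installed package that matches KNOWN_BAD.
function auditLockfile(lock) {
  const findings = [];
  for (const { name, version } of lockEntries(lock)) {
    const bad = KNOWN_BAD.get(name);
    if (bad === undefined) continue;
    if (bad === null || bad.has(version)) findings.push(`${name}@${version}`);
  }
  return findings;
}

// Returns manifest specs that are not pinned to one exact version, i.e. ranges
// such as ^1.14.0 that would pull a newly published release on the next install.
function unpinnedRanges(manifest) {
  const all = { ...manifest.dependencies, ...manifest.devDependencies };
  return Object.entries(all)
    .filter(([, spec]) => !/^\d+\.\d+\.\d+(-[\w.]+)?$/.test(spec))
    .map(([name, spec]) => `${name}: ${spec}`);
}

// Constructed lockfile v3 fragment in which axios 1.14.1 pulled the dropper in.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { axios: "^1.14.0" } },
    "node_modules/axios": { version: "1.14.1", dependencies: { "plain-crypto-js": "4.2.1" } },
    "node_modules/axios/node_modules/plain-crypto-js": { version: "4.2.1" },
    "node_modules/form-data": { version: "4.0.0" },
  },
};
console.log(auditLockfile(sampleLock));                // [ 'axios@1.14.1', 'plain-crypto-js@4.2.1' ]
console.log(unpinnedRanges(sampleLock.packages[""]));  // [ 'axios: ^1.14.0' ]
```

To run it against a real project, replace `sampleLock` with `JSON.parse(fs.readFileSync("package-lock.json"))` and pass the parsed package.json to `unpinnedRanges`.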
OB @obatt
@kayosports seriously? Every time you try and use the scrubbing function on your Apple TV app it shows an ad. EVERY TIME? I’m seriously done. Kiss my subscription goodbye. SO frustrating to use a service I pay for. You are actively killing your user base. Idiots
OB @obatt
@Hartdrawss 16/ you have not been using CodeMarine
Harshil Tomar @Hartdrawss
15 signs your AI-generated code is a TICKING BOMB in production:
1/ it works perfectly in development > 90% of AI-generated bugs only show up under real traffic conditions
2/ the AI never asked about your database size > a query that runs in 0.2s on 500 rows takes 45s on 500,000
3/ you haven't tested what happens when a third party API goes down > your whole app probably crashes instead of failing gracefully
4/ there are no loading states in the UI > users click the button 6 times because nothing happened visually
5/ the AI wrote your auth flow in one shot and you didn't review it > authentication is the single highest-risk part of any application
6/ file uploads have no size limit > one user uploads a 2GB file and your server runs out of memory
7/ you have no staging environment > you are testing in production and you don't even know it
8/ the AI used setTimeout to "fix" a timing issue > that is not a fix. that is a bomb with a delay.
9/ there is no form of abuse detection > bots will find your signup form before real users do
10/ your error messages tell users exactly what went wrong technically > "PostgreSQL connection refused at port 5432" is a gift to attackers
11/ the AI picked a library that hasn't been updated in 2 years > abandoned packages are one of the most common attack vectors
12/ you have no caching layer > every page load hits your database directly, every single time
13/ mobile experience was never tested > AI codes for desktop by default. most of your users are on phones.
14/ there is no user feedback mechanism > your app is breaking for people right now and you have no way of knowing
15/ you have shipped but never done a security audit > not even a basic one. not even running your code through a linter.
Bookmark this and make it into a skill
shmidt @shmidtqq
🦞 13,000+ skills in ClawHub… and 1 in every 8 can silently steal your API keys while you sleep.
Let’s be real: a vanilla OpenClaw agent without skills is just an overpriced chatbot. The magic happens when you give it actual skills to clear your inbox, scrape the web, or write code.
But here is the scary part: ClawHub just hit 13,000+ skills, and a recent Snyk audit showed that roughly 13% of them contain critical vulnerabilities. We’re talking malware, stolen API keys, and prompt injections. I guess we didn't learn enough from the ClawHavoc mess earlier this year! 🤦‍♂️
I just came across a solid write-up breaking down 30 actually safe, fully tested OpenClaw skills, and it’s a goldmine. If you’re just getting started, here are the absolute must-haves from the list:
- Telegram / Wacli: Texting your AI assistant to handle tasks while you’re out getting coffee? Literal game changer. Latency is surprisingly low.
- Capability Evolver: The most downloaded skill for a reason. Your agent uses ML to improve its own capabilities while you sleep.
- GOG (Google Workspace): Turns your agent into a personal secretary. It reads my Gmail and drops events into my Calendar so I don't have to.
- Playwright / Agent Browser: This isn't just reading the internet. It's clicking, filling forms, and acting on your behalf.
- ClawStrike & Credential Manager: Please, for the love of god, install these first. Protect your API keys.
Pro tip from the article: Treat SKILL.md files like shady browser extensions. If a weather skill is asking for wildcard shell permissions... run. 🚩
Always make it a habit to run: "npx clawhub@latest inspect " before you actually install anything.
The future of AI agents isn't just about bigger parameter models, it's about the tools we give them.
Quoting sopersone @sopersone:
x.com/i/article/2036…
Lovable @Lovable
Introducing the world’s first penetration testing for vibe coding to Lovable. You can now prove the security of your Lovable-built apps through a swarm of AI agents that run comprehensive tests, checking for OWASP Top 10 vulnerabilities, privilege escalation, and data exposure, powered by @AikidoSecurity. This used to take weeks, require dedicated security teams, and cost $5k-$50k. All findings are validated to eliminate false positives and sync back into Lovable as actionable issues. This generates a formal pentest report for SOC 2, ISO 27001, client security questionnaires, or even investor due diligence.
Andrej Karpathy @karpathy
Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any dependency you could be pulling in a poisoned package anywhere deep inside its entire dependency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.
Quoting Daniel Hnyk @hnykda:
LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM PyPI release 1.82.8 has been compromised: it contains litellm_init.pth with base64-encoded instructions to send all the credentials it can find to a remote server + self-replicate. link below
OB @obatt
Nailed that dictionary, @claudeai You plan for it, son! Get in there!
OB @obatt
@kr0der And we thank you
Arvid Kahl @arvidkahl
What do you use to have Claude Code do a full security sweep of your codebase? My go-to is “Run a deep OWASP security sweep of the full app, all APIs and any internal services. Report in descending severity and suggest solutions using the AskUserQuestion tool.” in plan mode.
OB @obatt
How is it still possible that @xai has no official CLI or Claude Code / Codex competitor and no desktop app? It’s been nearly 2.5 years since the launch of grok. Massive misfire here.
Vox @Voxyz_ai
someone published 314 skills on ClawHub. every single one was malicious. once installed, they read your MEMORY.md, SOUL.md, everything your agent remembers, leaked.
3 checks i run before installing any skill now:
1. source: who's the author, do they have other legit projects
2. code scan: search for curl, wget, exec, external URLs
3. permissions: does it need file system access? shell? why?
i checked my own 5 agents. clean. but honestly, cold sweat. takes less than five minutes. installing skills without these three checks is like signing a contract without reading it.
OB @obatt
Ugh @AnthropicAI did you quantize Opus 4.6 across the board now? Definitely a step back in the last couple of days. The pattern seems to be (for all players):
1. Release new model. It’s great and everyone hammers it - “prompt too long” (for example) issues where they run out of compute and memory for the new model demand. But, when it works it’s awesome.
2. Model use matures, they need to cost optimize; quantize and lobotomize the model.
OB @obatt
@aiedge_ And use CodeMarine
AI Edge @aiedge_
The best Claude Code security audit prompt. Plug this into Claude Code, and watch security errors disappear in minutes. Scan for data vulnerabilities, exposed API keys, config. mistakes, and more. Everyone should be using this:
OB @obatt
@s_mohinii And CodeMarine to cover your ass
Mohini Shewale @s_mohinii
Forget hiring a team. Here's what you need to run a full SaaS solo:
- n8n — automation
- Supabase — backend
- Cursor — code
- Claude — thinking
- Vercel — deploy
- Stripe — payments
- Resend — emails
- Framer — landing page
- PostHog — analytics
- Cloudflare — security
$0/month until you're making money.
Like + comment "pdf" + repost. Follow me so that I can send you a DM