TechTakes

2134 readers

263 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 2 years ago

MODERATORS

dgerard@awful.systems

172

Vibe-coded build system NX gets hacked, steals vibe-coders’ crypto (pivot-to-ai.com)

submitted 21 hours ago by dgerard@awful.systems to c/techtakes@awful.systems

21 comments fedilink hide all child comments

a clown car of clown cars that deploys another clown car, that explodes

https://www.youtube.com/watch?v=vnFKkBBzpVg&list=UU9rJrMVgcXTfa8xuMnbhAEA - video
https://pivottoai.libsyn.com/20250829-vibe-coded-build-system-nx-steals-vibe-coders-crypto - podcast

you are viewing a single comment's thread
view the rest of the comments

[–] gerikson@awful.systems 21 points 21 hours ago (1 children)

Thanks for this write-up, I just saw the advisory and didn't realize just how dumb the entire thing was.

[–] dgerard@awful.systems 6 points 8 hours ago (1 children)

absolutely appalling figuring it out, it really was "it can't be this stupid, I must be understanding it wrong"

then I got to the bash injection

and the proud "Generated by Claude Code"

and welp

[–] HedyL@awful.systems 4 points 5 hours ago

More than two decades ago, I dabbled a bit in PHP, MySQL etc. for hobbyist purposes. Even back then, I would have taken stronger precautions, even for some silly database on hosted webspace. Apparently, some of those techbros live in a different universe.