Loading video...

Video Failed to Load

Go Home

💥 Your AI coding assistant might be stealing your SSH keys. 💥 Socket found an active Shai-Hulud style npm worm (SANDWORM_MODE) that hijacks CI workflows, spreads via stolen tokens, and injects rogue MCP servers to poison AI coding tools and steal secrets.

feross's profile picture

Feross

41,297 subscribers

15,147 views • 4 months ago •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

0 Comments

No comments available

Comments from the original post will appear here

Related Videos

Here’s how to build a Slack clone with Claude 3.7 Sonnet and Cursor Agent in v0.46. Perfect for *anyone* wanting to pick up AI coding tools. Learn how to build an app 100% from scratch with the newest AI coding workflows. Watch for 1hr+ of agentic coding.
1:12:45

Here’s how to build a Slack clone with Claude 3.7 Sonnet and Cursor Agent in v0.46. Perfect for *anyone* wanting to pick up AI coding tools. Learn how to build an app 100% from scratch with the newest AI coding workflows. Watch for 1hr+ of agentic coding.

Mckay Wrigley

212,403 views • 1 year ago

AI has completely changed coding. Bytedance has just launched an IDE called Trae AI, a powerful new AI coding assistant that helps you code faster and smarter. It's 100% free... 🤯 Here's how it works:
1:24

AI has completely changed coding. Bytedance has just launched an IDE called Trae AI, a powerful new AI coding assistant that helps you code faster and smarter. It's 100% free... 🤯 Here's how it works:

Angry Tom

297,480 views • 1 year ago

Tutorial: Make AI apps with Firebase to automate your creative workflows Firebase is GOAT in AI coding now. So far been way easier than Cursor or Windsurf (and free!). I made an app that searches through my Firefly prompts using Gemini. No coding experience needed. So cool.
1:55

Tutorial: Make AI apps with Firebase to automate your creative workflows Firebase is GOAT in AI coding now. So far been way easier than Cursor or Windsurf (and free!). I made an app that searches through my Firefly prompts using Gemini. No coding experience needed. So cool.

Kris Kashtanova

25,188 views • 1 year ago

AI is here, but the tools are still missing. That’s your opportunity. AI agents need web data extractors, automation workflows, MCP servers, and API wrappers. Build them. Publish on Apify. $1M Challenge prize pool. 🌄 Start building →
0:31

AI is here, but the tools are still missing. That’s your opportunity. AI agents need web data extractors, automation workflows, MCP servers, and API wrappers. Build them. Publish on Apify. $1M Challenge prize pool. 🌄 Start building →

Apify

14,083 views • 7 months ago

AI coding agents have access to your API keys, your codebase, your production environment. One prompt injection and they work for someone else. Gate AI sits inline on every request and stops it. Launching June 2026.
0:25

AI coding agents have access to your API keys, your codebase, your production environment. One prompt injection and they work for someone else. Gate AI sits inline on every request and stops it. Launching June 2026.

Constellation²

12,134,704 views • 25 days ago

7. Codefy A toolbox of useful coding widgets to help you speed up your coding workflow using AI. Write, explain, debug, compare, and translate code with 15+ helpful, customized tools.
1:18

7. Codefy A toolbox of useful coding widgets to help you speed up your coding workflow using AI. Write, explain, debug, compare, and translate code with 15+ helpful, customized tools.

Rowan Cheung

27,056 views • 3 years ago

A masterclass from Jeremy Howard on why AI coding tools can be a trap -- and what 45 years of programming taught him that most vibe coders will never learn. - AI coding tools exploit gambling psychology - The difference between typing code and software engineering - Enterprise coding AND prompt-only vibe coding are "inhumane" i.e. disconnecting humans from understanding-building - AI tools remove the "desirable difficulty" you need to build deep mental models. Out on MLST now!
7:21

A masterclass from Jeremy Howard on why AI coding tools can be a trap -- and what 45 years of programming taught him that most vibe coders will never learn. - AI coding tools exploit gambling psychology - The difference between typing code and software engineering - Enterprise coding AND prompt-only vibe coding are "inhumane" i.e. disconnecting humans from understanding-building - AI tools remove the "desirable difficulty" you need to build deep mental models. Out on MLST now!

Machine Learning Street Talk

169,783 views • 3 months ago

Transform AI agent workflows into MCP servers. MCP clients like Cursor and Windsurf can invoke and orchestrate agents the same way it does other MCP servers. 100% opensource.
2:05

Transform AI agent workflows into MCP servers. MCP clients like Cursor and Windsurf can invoke and orchestrate agents the same way it does other MCP servers. 100% opensource.

Shubham Saboo

16,340 views • 1 year ago

Introducing Duet (duet) - group chatgpt for work • chat with your team and the latest AI models together • connect your MCP tools • trigger workflows via agents • create a shared knowledge base for your entire team
1:48

Introducing Duet (duet) - group chatgpt for work • chat with your team and the latest AI models together • connect your MCP tools • trigger workflows via agents • create a shared knowledge base for your entire team

David

27,948 views • 6 months ago

Be among the first to try GPT-5 in JetBrains AI Assistant and the coding agent Junie! 👉
0:49

Be among the first to try GPT-5 in JetBrains AI Assistant and the coding agent Junie! 👉

JetBrains

371,998 views • 10 months ago

Introducing BLACKBOXAI - Your Friendly Cloud AI Coding Assistant! We’re excited to share a game-changing opportunity with you. Now, everyone can access a powerful AI coding assistant in the cloud. It's easy to get started! Give it a try here:
1:23

Introducing BLACKBOXAI - Your Friendly Cloud AI Coding Assistant! We’re excited to share a game-changing opportunity with you. Now, everyone can access a powerful AI coding assistant in the cloud. It's easy to get started! Give it a try here:

Jami

21,452 views • 1 year ago

Explore the dart_mcp package, a powerful framework for building Model Context Protocol (MCP) servers and clients in Dart, enabling you to connect AI models to resources, tools, and create custom workflows.
3:06

Explore the dart_mcp package, a powerful framework for building Model Context Protocol (MCP) servers and clients in Dart, enabling you to connect AI models to resources, tools, and create custom workflows.

Flutter

23,120 views • 1 month ago

The most underrated feature in AI coding tools isn't what you think. One simple rules file - supported by Visual Studio Code, Cursor and @windsurf - can massively increase the quality and reliability of your AI assistant Here's the secret sauce...
13:52

The most underrated feature in AI coding tools isn't what you think. One simple rules file - supported by Visual Studio Code, Cursor and @windsurf - can massively increase the quality and reliability of your AI assistant Here's the secret sauce...

Yifan

69,498 views • 1 year ago

A Crash Course on Building AI Agents! Here's what it covers: - What is an AI agent - Connecting agents to tools - Overview of MCP - Replacing tools with MCP servers - Setting up observability and tracing All with 100% open-source tools!
32:57

A Crash Course on Building AI Agents! Here's what it covers: - What is an AI agent - Connecting agents to tools - Overview of MCP - Replacing tools with MCP servers - Setting up observability and tracing All with 100% open-source tools!

Akshay 🚀

115,825 views • 11 months ago

🚨 BREAKING: This is literally your first AI coding agent Forget Cursor!! Clacky AI is an Agentic Coding Studio that actually builds software with you.. from task to implementation here's how:
0:54

🚨 BREAKING: This is literally your first AI coding agent Forget Cursor!! Clacky AI is an Agentic Coding Studio that actually builds software with you.. from task to implementation here's how:

Nelly;

44,196 views • 1 year ago

New course: MCP: Build Rich-Context AI Apps with Anthropic. Learn to build AI apps that access tools, data, and prompts using the Model Context Protocol in this short course, created in partnership with Anthropic Anthropic and taught by Elie Schoppik Elie Schoppik, its Head of Technical Education. Connecting AI applications to external systems that bring rich context to LLM-based applications has often meant writing custom integrations for each use case. MCP is an open protocol that standardizes how LLMs access tools, data, and prompts from external sources, and simplifies how you provide context to your LLM-based applications. For example, you can provide context via third-party tools that let your LLM make API calls to search the web, access data from local docs, retrieve code from a GitHub repo, and so on. MCP, developed by Anthropic, is based on a client-server architecture that defines the communication details between an MCP client, hosted inside the AI application, and an MCP server that exposes tools, resources, and prompt templates. The server can be a subprocess launched by the client that runs locally or an independent process running remotely. In this hands-on course, you'll learn the core architecture behind MCP. You’ll create an MCP-compatible chatbot, build and deploy an MCP server, and connect the chatbot to your MCP server and other open-source servers. Here’s what you’ll do: - Understand why MCP makes AI development less fragmented and standardizes connections between AI applications and external data sources - Learn the core components of the client-server architecture of MCP and the underlying communication mechanism - Build a chatbot with custom tools for searching academic papers, and transform it into an MCP-compatible application - Build a local MCP server that exposes tools, resources, and prompt templates using FastMCP, and test it using MCP Inspector - Create an MCP client inside your chatbot to dynamically connect to your server - Connect your chatbot to reference servers built by Anthropic’s MCP team, such as filesystem, which implements filesystem operations, and fetch, which extracts contents from the web as markdown - Configure Claude Desktop to connect to your server and others, and explore how it abstracts away the low-level logic of MCP clients - Deploy your MCP server remotely and test it with the Inspector or other MCP-compatible applications - Learn about the roadmap for future MCP development, such as multi-agent architecture, MCP registry API, server discovery, authorization, and authentication MCP is an exciting and important technology that lets you build rich-context AI applications that connect to a growing ecosystem of MCP servers, with minimal integration work. Please sign up here!
2:43

New course: MCP: Build Rich-Context AI Apps with Anthropic. Learn to build AI apps that access tools, data, and prompts using the Model Context Protocol in this short course, created in partnership with Anthropic Anthropic and taught by Elie Schoppik Elie Schoppik, its Head of Technical Education. Connecting AI applications to external systems that bring rich context to LLM-based applications has often meant writing custom integrations for each use case. MCP is an open protocol that standardizes how LLMs access tools, data, and prompts from external sources, and simplifies how you provide context to your LLM-based applications. For example, you can provide context via third-party tools that let your LLM make API calls to search the web, access data from local docs, retrieve code from a GitHub repo, and so on. MCP, developed by Anthropic, is based on a client-server architecture that defines the communication details between an MCP client, hosted inside the AI application, and an MCP server that exposes tools, resources, and prompt templates. The server can be a subprocess launched by the client that runs locally or an independent process running remotely. In this hands-on course, you'll learn the core architecture behind MCP. You’ll create an MCP-compatible chatbot, build and deploy an MCP server, and connect the chatbot to your MCP server and other open-source servers. Here’s what you’ll do: - Understand why MCP makes AI development less fragmented and standardizes connections between AI applications and external data sources - Learn the core components of the client-server architecture of MCP and the underlying communication mechanism - Build a chatbot with custom tools for searching academic papers, and transform it into an MCP-compatible application - Build a local MCP server that exposes tools, resources, and prompt templates using FastMCP, and test it using MCP Inspector - Create an MCP client inside your chatbot to dynamically connect to your server - Connect your chatbot to reference servers built by Anthropic’s MCP team, such as filesystem, which implements filesystem operations, and fetch, which extracts contents from the web as markdown - Configure Claude Desktop to connect to your server and others, and explore how it abstracts away the low-level logic of MCP clients - Deploy your MCP server remotely and test it with the Inspector or other MCP-compatible applications - Learn about the roadmap for future MCP development, such as multi-agent architecture, MCP registry API, server discovery, authorization, and authentication MCP is an exciting and important technology that lets you build rich-context AI applications that connect to a growing ecosystem of MCP servers, with minimal integration work. Please sign up here!

Andrew Ng

141,952 views • 1 year ago

People of pi. Welcome to the meta coding agent harness 0.50.0. npm install -g @mariozechner/pi-coding-agent - Bundle your extensions, skills, prompt templates, and skills as pi packages, distribute via NPM or git - Hot-reload everything via /reload A 🧵 of possibilities (1/x)
0:25

People of pi. Welcome to the meta coding agent harness 0.50.0. npm install -g @mariozechner/pi-coding-agent - Bundle your extensions, skills, prompt templates, and skills as pi packages, distribute via NPM or git - Hot-reload everything via /reload A 🧵 of possibilities (1/x)

Mario Zechner

36,105 views • 4 months ago

Exploring Andrej Karpathy Nanochat through a Knowledge Graph Love how this project combines simplicity with power. Want to navigate and understand the entire repo? Check it out here: Plus, you can connect it via MCP to any AI coding assistant and work directly on the repository. Powered by Deep Graph MCP AI at Meta and Groq Inc
0:23

Exploring Andrej Karpathy Nanochat through a Knowledge Graph Love how this project combines simplicity with power. Want to navigate and understand the entire repo? Check it out here: Plus, you can connect it via MCP to any AI coding assistant and work directly on the repository. Powered by Deep Graph MCP AI at Meta and Groq Inc

Daniel San

126,557 views • 8 months ago

AI tool goes rogue and destroys 'months of work in seconds' 🤖 #ai #replit #coding #news #pcgamer #pcgaming
0:54

AI tool goes rogue and destroys 'months of work in seconds' 🤖 #ai #replit #coding #news #pcgamer #pcgaming

PC Gamer

13,442 views • 11 months ago

We've raised $5M to launch the first coding agent that can continuously learn your coding taste. Introducing Command Code. $ npm i -g command-code Code 10x faster. Review 2x quicker. Bugs 5x slashed. Taste >>>> AI Slop.
3:56

We've raised $5M to launch the first coding agent that can continuously learn your coding taste. Introducing Command Code. $ npm i -g command-code Code 10x faster. Review 2x quicker. Bugs 5x slashed. Taste >>>> AI Slop.

Command Code

118,837 views • 3 months ago