This could have destroyed the entire web (the next one probably will)
Top Comments (10)
Hi Theo, I'd like to correct you on a point that is close to me. You seem to think all the devs watching this channel are great devs but as a terrible dev I'd like to fiercely oppose this framing. Could you please amend your statements going forwards so that devs that ship bloated and vulnerable code like myself feel more part of the community? Thank you sincerely
Can't get enough of your content dude, great great stuff especially the content on startup investing.
"AI is incredible at writing annoying code." is my favourite quote from this, since it can be true in more than one way.
This has been npm hacked in 100 seconds
We got lucky again this time because the payload is so laughably specific (hooking onto the fetch in the same context and rewriting crypto transactions done through the fetch in the same context to go to the attacker's address instead). Given that the payload actually reached libraries used by terminal apps, _running in an unsandboxed environment_, this could've easily been a large scale ransomware attack.
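The comment above describes a payload that wraps the process-wide `fetch` at runtime so that requests made through it can be rewritten. As an added example (not code from the video, from Theo, or from any commenter), here is a defender-side integrity guard in JavaScript: record the real global functions before any third-party package is loaded, optionally lock them so later code cannot reassign them, and verify at a sensitive point (for example, just before a payment or signing call) that nothing has replaced them. The helper names, the constructed `makeHost` stand-in for the global object, and the harmless pass-through reassignment used to exercise the check are all assumptions made for this illustration.

```javascript
// Added example, not from the video or the comments: an integrity guard for
// process-wide globals such as fetch. Helper names, the makeHost() stand-in
// and the pass-through "tamper" used to exercise the check are constructed.

// Record the current value of each listed property on `target`.
// Missing names are skipped so the same list works in Node and browsers.
function snapshotGlobals(names, target = globalThis) {
  const snap = new Map();
  for (const name of names) {
    if (name in target) snap.set(name, target[name]);
  }
  return snap;
}

// Return the names whose current value no longer matches the snapshot.
// Identity comparison: any wrapper or replacement, however faithful, is reported.
function verifyGlobals(snap, target = globalThis) {
  const changed = [];
  for (const [name, original] of snap) {
    if (target[name] !== original) changed.push(name);
  }
  return changed;
}

// Make the listed properties non-writable and non-configurable so code that
// runs later cannot reassign or redefine them. Returns the names actually locked.
function lockGlobals(names, target = globalThis) {
  const locked = [];
  for (const name of names) {
    const desc = Object.getOwnPropertyDescriptor(target, name);
    if (!desc || !desc.configurable) continue; // absent or already locked
    Object.defineProperty(target, name, {
      value: target[name],
      writable: false,
      configurable: false,
      enumerable: desc.enumerable,
    });
    locked.push(name);
  }
  return locked;
}

// Attempt a plain property assignment the way a loaded module would and
// report whether the value really changed. Reflect.set returns false on a
// non-writable property instead of throwing, so this works in sloppy and strict code.
function tryReplace(target, name, replacement) {
  Reflect.set(target, name, replacement);
  return target[name] === replacement;
}

// Constructed stand-in for the global object, so the demo never touches the
// real process globals.
function makeHost() {
  const host = {};
  host.fetch = function fetch() { return Promise.resolve('real response'); };
  host.JSON = JSON;
  return host;
}

// Scenario 1: snapshot only. A wrapper installed later is caught at verify time.
function demoDetectOnly() {
  const host = makeHost();
  const snap = snapshotGlobals(['fetch', 'JSON'], host);
  const realFetch = host.fetch;
  tryReplace(host, 'fetch', (...args) => realFetch(...args)); // harmless pass-through
  return verifyGlobals(snap, host); // ['fetch']
}

// Scenario 2: snapshot, then lock. The reassignment is refused and verify stays clean.
function demoLocked() {
  const host = makeHost();
  const snap = snapshotGlobals(['fetch', 'JSON'], host);
  lockGlobals(['fetch', 'JSON'], host);
  const replaced = tryReplace(host, 'fetch', () => Promise.resolve('tampered'));
  return { replaced, changed: verifyGlobals(snap, host) }; // { replaced: false, changed: [] }
}

// Real usage: take the snapshot of the actual process globals as early as
// possible (before any dependency is imported) and re-check it later.
const PROCESS_SNAPSHOT = snapshotGlobals(['fetch', 'XMLHttpRequest', 'WebSocket']);

console.log('detect-only scenario changed:', demoDetectOnly());
console.log('locked scenario:', demoLocked());
console.log('process globals changed so far:', verifyGlobals(PROCESS_SNAPSHOT));
```

Two caveats on the design. The snapshot is only meaningful if it runs before any dependency code; in Node that means the top of the entry file or a preload script passed with `--require`, because a package that loads first can capture and wrap the original before you ever see it. And identity checks on the property itself are a narrow guard: they say nothing about a package that monkey-patches lower layers (for example methods on `Response.prototype` or the HTTP agent), so they complement, rather than replace, running untrusted install scripts and tooling in a sandbox.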
Now imagine if someone took those "utility packages" and published a breaking change that warns the consumer they don't need this package and suggests how to use built-in APIs to achieve the same. We are discussing what is effectively an educational problem. Unless we educate developers, packages like "is-even" will exist forever.
A code preview right at the top with a copy button on NPM for any package that is small enough could also be good
I really like the sense of humor you have, good job as always man.
I didn't know Prime Theo gave Emo Theo a medal! Good job broken arm Emo Theo!
In all the videos that were made on this topic, this is the most useful