Flux
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions

Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions

In May 2026, GitHub disclosed that attackers compromised an employee device through a poisoned third-party VS Code extension, allowing them to exfiltrate roughly 3,800 GitHub-internal repositories. The extension was Nx Console 18.95.0, a malicious release that reached both the Visual Studio Marketplace and Open VSX before removal. That incident should change how security teams think about editor extensions. Socket researchers have also documented repeated GlassWorm attacks across Open VSX,…

Socket
Quoting Charity Majors

Quoting Charity Majors

What happened in 2025 was this: the economics of code production were turned upside down. Instead of being very hard, time-consuming, and expensive to generate code, it became effectively free and instant. Lines of code went from being treasured, reused, cared for and carefully curated, to being disposable and regenerable, practically overnight. — Charity Majors, AI demands more engineering discipline. Not less Tags: charity-majors, ai-assisted-programming, generative-ai, ai, llms

Simon Willison's Weblog
Why skipping Eloquent doesn’t mean skipping SQL injection protection

Why skipping Eloquent doesn’t mean skipping SQL injection protection

Video version at: https://youtu.be/gAVfQhPw8Do A few weeks ago, I posted something on LinkedIn that ruffled some feathers. Here’s what I said: “Defaulting to the ORM for everything isn’t a best practice. It’s just the path of least resistance.” The replies came in fast, and a good chunk of them said the same thing: “That’s unsafe! […] The post Why skipping Eloquent doesn’t mean skipping SQL injection protection appeared first on PHP Architect.

PHP Architect
The Case Against Building Your Own Agent Platform

The Case Against Building Your Own Agent Platform

You know the meeting. The board wants an AI agent strategy by end of quarter. Someone on the leadership team has read a McKinsey report. You’ve been voluntold to build the platform. The slide deck says “AI-native.” The acceptance criteria are vague. Somebody mentions LangGraph, and somebody else says, “We’ll just wrap it ourselves.” You […]

O'Reilly Radar — AI/ML
140+ Mastra npm Packages Compromised in Coordinated Supply Chain Attack

140+ Mastra npm Packages Compromised in Coordinated Supply Chain Attack

Socket has detected a malicious npm supply chain campaign involving compromised @mastra/* packages published under the Mastra namespace. A single npm account (ehindero) mass-published more than 140 malicious packages across the Mastra scope within a short window on 2026-06-17. The compromised package versions themselves contain unmodified code; the attack is delivered through an injected dependency, a typosquatted package named easy-day-js added to each package's dependency list. easy-day-js…

Socket
<click-to-play> — a still that plays

<click-to-play> — a still that plays

Tool: &lt;click-to-play&gt; — a still that plays A progressive enchantment Web Component that turns this markup: &lt;click-to-play&gt; &lt;a href="URL to GIF"&gt; &lt;img src="URL to first frame" alt="..."&gt; &lt;/a&gt; &lt;/click-to-play&gt; Into a still frame with a click to play button which loads the GIF on demand. For when you don't want big GIFs to be loaded unless people want to play them. Here's an example that demonstrates the new row editing tools in Datasette - in fact I built this…

Simon Willison's Weblog
NetNewsWire Status

NetNewsWire Status

NetNewsWire Status I find this inspiring. Brent Simmons retired a year ago, and his retirement project is making one piece of software really, really good - free from any commercial pressure. The software is NetNewsWire, first released in 2002 and made open source in 2018. I've been using it on Mac and iPhone for several years now and I'm finding it indispensable. Via Lobste.rs Tags: brent-simmons, netnewswire, open-source

Simon Willison's Weblog
npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners

npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners

Last week, Socket Threat Research reported that newer Mini Shai-Hulud, Miasma, and Hades packages were embedding fake prompt-injection headers before obfuscated JavaScript payloads. Those comments did not affect runtime execution, but they appeared designed to interfere with AI-assisted malware review. Now we are seeing that same idea tested more directly in a package that appears designed to probe how AI-based scanners handle prompt injection, safety-triggering content, and context flooding.…

Socket
datasette 1.0a34

datasette 1.0a34

Release: datasette 1.0a34 Quoting the release notes: The big feature in this alpha is tools to insert, edit and delete rows within the Datasette interface. These features are available on table pages, and edit and delete are also available as action items on the row page. The inspiration for this feature - which is long overdue - was Datasette Agent. I added SQL write support to that the other day which highlighted how absurd it was that you could insert and edit ties via the chat interface but…

Simon Willison's Weblog