In this edition you learn how an AI coding agent almost wiped the computers of 1M users and how to design in the browser!

WeAreDevelopers Dev Digest

View in browser

Issue 179: NPM hacks, design tools in the browser and AI coding agent fails.

WeAreDevelopers World Congress 8-11/7/26 - get 15% off using code "devdigest"

Hello fellow developer, AI agents get a lot of power these days. They can run CLI commands, call tools and create and delete files for us. In one case, this almost meant that 1M users of one of them would have ended up with a bricked machine. And if that's not enough, NPM "is" was malware caused by phishing and supply chain attacks. On the plus side, check out what creative folk can do in 1k of JavaScript and learn from the amazing Elena how Penpot makes browsers react swiftly to people working together. 

Elena Torró of Penpot talking about how to render collaborative design software in the browser

On this episode of Coffee with Developers we welcome Elena Torró, Software Engineer at Penpot, to discuss the challenges faced by their team of engineers building complex design and development prototype software for the browser and a whole lot more. If you wonder how to speed up rendering whilst staying accessible, check out the recording.

What's happening in AI

  • RateMyPrompt - discover the best AI prompts
  • AI Coding Agents remove code language barriers
  • AI is eating the Internet - an exploration of the Internet to come
  • GitHub Spark turns free language to apps and you can reverse engineer it with itself!
  • Google Opal offers the same idea. Everybody is riding the vibe coding train.

Security and Privacy

  • AI and Secure Code Generation
  • NPM issues: Supply chain attack, ‘is’ Package Hijacked, Stylus package removed.
  • Amazon AI coding agent hacked to wipe data exposing 1M users!
  • Your body can be fingerprinted and tracked by Wi-Fi signals
  • Replit AI Agent Deletes Sensitive Data Despite Explicit Instructions

Software Development

  • State of HTML 2025 now open
  • How to Make Websites That Will Require Lots of Your Time and Energy
  • Frontend Performance Checklist
  • How To Create An NPM Package
  • Revisiting My 2010 JavaScript Library - isIE = (!+"\v1") ? true : false; 
  • When Is WebAssembly Going to Get DOM Support?

Tips, Tricks and Tools

  • Simple live reload for developing static sites
  • MCP Boilerplate: Simple Setup Guide
  • copyparty - turn any device into a file server
  • GitMCP - stop vibe-hallucinating and start vibe-coding
  • Fake data generator

Procrastination corner and Wonderful Weird Web

  • EsJS is JavaScript in Spanish and you can try it in the ESJS playground
  • js1024 Annual JavaScript Golfing Competition - magic in 1k!
  • You can store data on a bird - meet the 2MB/s trained Starling.
  • The history behjnd Microsoft's ‘Eat your own dog food
  • Using Death Stranding’s photo mode for UK Reddit and Discord’s UK age verification 

Career and Culture:

  • The UK's age verification law results in a 1,400% spike in signups for ProtonVPN
  • Meta allows candidates to use AI in coding tests - so does Canva.
  • Celebrating 20 years of MDN
  • Axe-core at 3 billion: A milestone in the movement for digital accessibility
  • WCAG in Plain English
Are you looking for opportunities or fancy a change?

Companies to check:

  • Identity and Access Mngmt Coordinator at ALDI DX
  • Product Owner UI/UX+Scrum at NDT Global
  • Senior Data Engineer at BWI
  • Senior Frontend Engineer at Almedia
  • Senior Frontend Developer (Vue3 /CSS /GraphQL /Bootstrap) at basebox
  • Sunhat
  • qualitype
  • Finanz Informatik
  • PROSOZ Herten
  • VECTOR Informatik

More jobs here: Remote positions - Germany - Austria

WeAreDevelopers, Schottenfeldgasse 23, Vienna, Vienna 1070, Austria

Unsubscribe Manage preferences