In the blog post, the author mentioned that their AI agent found the malicious payload.
That reminded me of people writing malicious AI prompts. I find it shocking , that you really cannot trust 3rd party code and cannot safely use AI as a tool to quickly audit said code.
I wonder if interviewing will come full circle and we’ll go back to resumes, phone interview, then in-person interviews. Rather, than the whole “take home project” crap (well… at least I have another reason to opt of them).
Damn, I thought LinkedIn itself got hacked, but that’s just “recruiter” trying to get people to install malicious npm modules. 🥱
Good heads up tho, I periodically get folks trying some bullshit with me in there like “let’s talk on WhatsApp”.
Yikes, this is spooky stuff.
In the blog post, the author mentioned that their AI agent found the malicious payload.
That reminded me of people writing malicious AI prompts. I find it shocking , that you really cannot trust 3rd party code and cannot safely use AI as a tool to quickly audit said code.
I wonder if interviewing will come full circle and we’ll go back to resumes, phone interview, then in-person interviews. Rather, than the whole “take home project” crap (well… at least I have another reason to opt of them).