993: It’s Been A Hell Of Week

993: It’s Been A Hell Of Week

From Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

April 6, 2026 · 38 min

About this episode

Scott and Wes discuss a chaotic week in development news, including significant security incidents and how to protect projects from similar issues.

Scott and Wes break down a chaotic week in dev news — the Claude Code source leak, a nasty Axios npm supply chain hack, and Railway’s private cache exposure — plus how to keep these nightmare scenarios from hitting your own projects. Show Notes 00:00 Welcome to Syntax! 00:55 Claude Code Leaked! Wes’ X Post Apple Source Code Video 05:42 Burning through Claude Code token limits. Reddit Thread 08:57 Axios hacked! Step Security pnpm Supply Chain Security pnpm minimumReleaseAge 16:13 Pretext blew up! Pretext.js Demos Wes’ Demo 27:24 Railway shared private cache. Railway Incident Report 31:54 Sick Picks & Shameless Plugs. Sick Picks Scott: Kindle Colorsoft Kids Wes: UGREEN 200W 8-Port GaN USB C Charger Block, Wyze Headphones Shameless Plugs Scott: Syntax on YouTube Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

People in this episode

Hosts: Scott Tolinski, Wes Bos

Topics covered

  • dev news
  • supply chain security
  • source code leak
  • npm hacks
  • project safety

Keywords

  • Claude Code
  • Axios hack
  • Railway cache exposure
  • supply chain security
  • dev news

Mentioned in this episode

Organizations: Axios, Railway, Claude Code

Products: Kindle Colorsoft Kids, UGREEN 200W 8-Port GaN USB C Charger Block, Wyze Headphones

More episodes of Syntax - Tasty Web Development Treats

Explore listener stats, chart rankings, contacts and more on the Syntax - Tasty Web Development Treats podcast page.