Vibe Coding Weekly #26
Vibe Coding Weekly is your definitive source for staying current with the latest trends, tools, and techniques that are transforming the development landscape.
Happy Monday!
Welcome to edition #26 of Vibe Coding Weekly.
🔦 If you only read one thing this week: Anthropic accidentally exposed a draft blog post about Claude Mythos — an unreleased model described as “a step change” above Opus 4.6 with dramatically higher coding and cybersecurity scores. The company confirmed the model is real, warned of unprecedented cybersecurity risks, and plans a security-first rollout before general availability.
This week in one satisfying refactor:
The Platform War: JetBrains launched Central, a full governance and orchestration layer for agentic software development — and simultaneously retired Code With Me, igniting developer backlash about trading human collaboration for agent coordination
The Security Wake-Up: A poisoned Trivy scanner leaked LiteLLM’s PyPI credentials, enabling a cascading supply chain attack that backdoored the world’s most widely used AI proxy library for three hours on March 24
The Data: AI-authored code now has 74 confirmed CVEs — Claude Code alone accounts for 49 — while the UK’s NCSC formally warned that vibe coding without oversight carries structural security risks
Free for subscribers!
Change Management in Agentic AI Adoption — A practical framework for making AI adoption actually work inside your team.
Plus every week: curated tools, articles, and insights on AI-powered software development.
Key Takeaways
Claude Mythos is real and already in testing: Anthropic’s accidental data leak revealed a new model above Opus 4.6 with “dramatically higher scores” on coding, reasoning, and cybersecurity — internally codenamed “Capybara.” The company confirmed it and warned of unprecedented cybersecurity risks, planning a security-first rollout before general availability
JetBrains is betting on agent governance, not pair programming: Central is JetBrains’ production platform for orchestrating AI agents across IDEs, with policy enforcement, cost attribution, and multi-agent workflows. The tradeoff: Code With Me, the peer collaboration tool, is being retired — provoking real backlash
Cursor self-hosted cloud agents solve enterprise compliance: Cursor’s full agent harness — isolated VMs, multi-model, plugins — can now run entirely on your own infrastructure, keeping code and tool execution inside your network. Target: security-sensitive enterprises like fintechs and enterprise SaaS teams
AI-authored code now has 74 confirmed CVEs: Georgia Tech’s tracker logs 74 CVEs attributed to AI-written code (Claude Code: 49, GitHub Copilot: 15), while only 30% of generated snippets pass security verification. The NCSC’s warning about vibe coding is backed by data, not just intuition
LiteLLM was backdoored via a poisoned security scanner: TeamPCP routed a supply chain attack through Trivy to steal LiteLLM’s PyPI credentials, publishing two malicious versions on March 24. The packages deployed credential harvesters, Kubernetes lateral movement, and a persistent backdoor — and were live for three hours
Claude can now use your computer: Computer use in Claude Code and Cowork gives Claude direct screen control on macOS for Pro and Max subscribers — opening files, running dev tools, navigating browsers — without setup, working alongside the new Dispatch recurring-task feature
📦 Releases & News
Anthropic ‘Mythos’ AI Model Representing ‘Step Change’ in Power Revealed in Data Leak
A CMS misconfiguration at Anthropic exposed ~3,000 internal documents, including a draft blog post about Claude Mythos — a new model the company describes as “the most capable we’ve built to date.” The model, also referenced internally as “Capybara,” achieves “dramatically higher scores” on software coding, academic reasoning, and cybersecurity tests compared to Claude Opus 4.6, sitting in a new tier above the existing Opus line. Anthropic confirmed the model is complete and in early-access testing — but the company is treating its own creation with unusual caution: it believes Mythos poses unprecedented cybersecurity risks due to its advanced vulnerability-exploitation capabilities, and plans to give security defenders early access to stress-test defenses before a wider rollout.
Put Claude to Work on Your Computer
Anthropic added computer use to Claude Code and Cowork on March 23, available in research preview for Pro and Max subscribers on macOS. Claude can now open files, run dev tools, navigate browsers, and control the screen — no additional setup required. The system prioritizes connectors to services like Slack or Google Calendar when available, falling back to direct screen control when no connector exists. Alongside computer use, Anthropic launched Dispatch: a feature that lets you assign tasks to Claude from your phone and have them execute on your desktop, including recurring workflows like morning email checks or weekly metric pulls.
Cursor: Run Cloud Agents in Your Own Infrastructure
Cursor’s self-hosted cloud agents bring the full agent harness — isolated VMs, multi-model support (including Composer 2), plugins, hooks, and team permission controls — entirely inside your own network. Code, build artifacts, and tool execution never leave the customer environment. Agents connect outbound via HTTPS with no inbound port requirements and have access to internal caches, dependencies, and network endpoints. Brex, Money Forward, and Notion are among the initial enterprise adopters. For regulated industries where data cannot leave the perimeter, this removes the last major blocker to adopting Cursor’s agentic capabilities at scale.
Introducing JetBrains Central: An Open System for Agentic Software Development
JetBrains announced Central, a production-grade governance and orchestration layer for agentic software development. The platform provides three capabilities: governance (policy enforcement, identity and access management, cost attribution), cloud infrastructure (reliable agent execution runtimes), and optimization (semantic context sharing across repositories for system-level agent understanding). Developers can initiate workflows from any IDE or CLI, and agents from any ecosystem — Claude, Codex, Gemini CLI, or custom-built — can be orchestrated through Central. The Early Access Program launches Q2 2026. Notably, JetBrains announced that Code With Me, its remote pair programming feature, will be retired in 2026.1 and fully discontinued in Q1 2027.
GitHub Copilot for Jira — Public Preview Enhancements
GitHub updated the Copilot coding agent integration with Jira across four dimensions: clearer onboarding with improved error messages; model selection directly from Jira — mention @GitHub Copilot in a comment and specify the model you want; automatic Jira ticket traceability — the agent now includes the ticket number in PR titles and branch names; and Confluence integration via Atlassian MCP server, giving the agent access to design documents and specs when implementing issues. The traceability feature alone closes a gap that developers managing many parallel agent-opened PRs had been navigating manually.
Integrate Claude Code with Red Hat AI Inference Server on OpenShift
Red Hat published a practical tutorial for running Claude Code against a locally-hosted model on OpenShift with GPU support using Red Hat AI Inference Server (a downstream version of vLLM). The integration uses three environment variables — ANTHROPIC_BASE_URL, ANTHROPIC_API_KEY, and per-tier model name overrides — to redirect Claude Code’s Anthropic Messages API calls to an on-premises endpoint. All prompts and responses stay within the organization’s infrastructure. The guide targets enterprises with strict data residency requirements who want to retain Claude Code’s developer experience without sending code to Anthropic’s cloud.
📚 Tutorials and Resources
Thoughts on Slowing the Fuck Down
Mario Zechner argues that the most dangerous thing about AI coding agents isn’t the code they write — it’s the speed at which errors compound before anyone reviews them. “A human is a bottleneck... there’s only so many booboos the human can introduce in a codebase per day.” With orchestrated agents, that rate ceiling disappears. Zechner’s prescription is counterintuitive: deliberately limit your daily code generation to match your review capacity, hand-write architectural decisions to preserve your own reasoning ability, and periodically ask whether the feature being generated is necessary at all. This is some of the most grounded practical advice for maintaining code health under agentic velocity.
A Quote from Matt Webb on Architecture and Vibe Coding
Matt Webb observes that the right response to AI agents’ ability to grind problems into dust isn’t better prompting — it’s better architecture. When you design excellent library interfaces that constrain the solution space, both agents and humans are guided toward correct implementations, regardless of who writes the code. Webb notes a shift in his own practice: “while I’m vibing... I am looking at lines of code less than ever before, and thinking about architecture more than ever.” A short read with structural implications: as code generation becomes cheap, the value of good interface design rises proportionally.
💡 Others
Using AI to Code Does Not Mean Your Code Is More Secure
Georgia Tech researchers tracking CVEs in AI-authored code found 74 confirmed vulnerabilities as of March 20, 2026: Claude Code accounts for 49 (11 critical), GitHub Copilot for 15 (2 critical), and the remaining tools collectively for 10. Researcher Hanqing Zhao emphasized these numbers are a “lower bound” — Claude Code now appears in over 4% of public GitHub commits (15 million total), making the CVE ratio implausibly low. Georgetown University research found 48% of AI-generated code snippets contained bugs and only 30% passed security verification. The UK’s NCSC formally warned this month that “vibe coding” — deploying AI-written software with minimal human oversight — carries structural security risks. Adoption is outrunning auditing.
How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM
Snyk’s analysis of the TeamPCP supply chain attack on March 24 lays out the full attack chain: Trivy’s GitHub Actions were compromised on March 19, extracting LiteLLM’s PyPI publishing credentials from its CI/CD pipeline. Using those credentials, TeamPCP published two malicious LiteLLM versions (1.82.7 and 1.82.8) deploying a three-stage payload: credential harvesting from cloud platforms and SSH keys, Kubernetes lateral movement, and a persistent backdoor for remote code execution. The packages were available for approximately three hours before PyPI quarantined them. The attack demonstrates that AI proxy infrastructure — which concentrates API keys and cloud credentials by design — is now a high-value supply chain target requiring the same scrutiny as any critical dependency.
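A quick exposure check for the two versions named above, added here as an example (it is not code from Snyk, LiteLLM, or this newsletter): it scans requirements-style text and reports exact pins to 1.82.7 or 1.82.8, plus unpinned `litellm` entries that could have resolved to them while the packages were live. The function name, status labels, and sample input are assumptions made for illustration.

```python
import re

# Versions named in the write-up above; the package name is the PyPI project name.
AFFECTED = {"litellm": {"1.82.7", "1.82.8"}}

# name, optional [extras], then the version specifier up to a marker or comment
REQ_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\[[^\]]*\])?\s*([^;#]*)")
# an exact pin: "==1.82.7" or "===1.82.7", optionally followed by --hash options
EXACT_RE = re.compile(r"^={2,3}\s*([^\s,]+)(\s|$)")


def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_' and '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def scan_requirements(text, affected=AFFECTED):
    """Return (line_no, status, detail) for every line that needs attention.

    status is "affected" (exact pin to a listed version) or "unpinned"
    (a range, wildcard or bare name whose resolved version is unknown).
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = REQ_RE.match(line)
        if not m or normalize(m.group(1)) not in affected:
            continue
        bad_versions = affected[normalize(m.group(1))]
        spec = m.group(3).strip()
        pin = EXACT_RE.match(spec)
        if pin and "*" not in pin.group(1):
            if pin.group(1) in bad_versions:
                findings.append((line_no, "affected", pin.group(1)))
        else:
            findings.append((line_no, "unpinned", spec))
    return findings


# Constructed sample input, not taken from any real project.
SAMPLE = """\
# constructed requirements file
requests==2.32.3
LiteLLM[proxy]==1.82.7 ; python_version >= "3.9"
litellm == 1.82.8
litellm>=1.80
litellm==1.82.6  # pinned
"""

if __name__ == "__main__":
    for finding in scan_requirements(SAMPLE):
        print(finding)
```

An "unpinned" result is not proof of exposure; it means the lockfile or the installed environment has to be checked for what was actually resolved on March 24.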
Claude Code Users Report Rapid Rate Limit Drain
Starting March 23, Claude Code Max subscribers began reporting 5-hour session windows depleting in 1-2 hours. One Max 20x user watched usage jump from 21% to 100% on a single prompt. Anthropic confirmed the change was intentional: it adjusted how session limits are consumed during peak hours (5am–11am PT, weekdays) to manage GPU demand. Weekly limits remain unchanged, but ~7% of users will now hit session limits they previously wouldn’t have. The underlying cause is demand outrunning GPU capacity — a useful benchmark for understanding how seriously the market is using agentic workflows at scale. Anthropic’s recommendation: shift token-intensive tasks to off-peak hours.
JetBrains Shifts to Agentic Dev with Central, Retires Pair Programming
The Register covers the developer reaction to JetBrains’ Central announcement, focusing on the Code With Me retirement. JetBrains head of agentic platform Oleg Koverznev argued that “code generation is cheap and no longer a bottleneck” — the real challenge is managing the operational and economic complexity of agent-driven work. Developers pushed back in threads, noting that Code With Me solves problems Central doesn’t address: remote onboarding, distributed debugging, teaching, and the kind of synchronous human-to-human review that agents can’t replicate. The discussion surfaced a real tension in the IDE space: governance tooling for agents and collaboration tooling for humans serve different workflows, and retiring one to fund the other is a strategic bet on which workflow wins.
That’s a wrap for this week. Two stories defined the seven days: the accidental reveal of an AI model powerful enough to worry its own creators, and a supply chain attack that proved AI infrastructure is now worth targeting at the source. The tooling is scaling. The attack surface is scaling with it. And the developers who ship the most code with agents this week are the same ones being asked to audit what those agents built.
The discipline question is no longer theoretical.
Stay tuned for next week’s edition.
Clean code and positive vibes,
The Vibe Coding Team



Awesome graphic here. The capybara for the Capybara, hah!
The CVE data is a strong signal. Adoption is clearly moving faster than proper validation and review.