So, about a week ago, we had our first serious malware attack using users' ability to write JavaScript code in the Snap! environment to present users with a fake version of the snap.berkeley.edu web site, with the goal both of collecting passwords and of potentially infecting users' computers.