frontpage.

This came up on conversation over the weekend and I thought I would reach out here and on social media. There is a theoretical way to weaponize slopsquatting, which is to create many (number to be determined) repositories on Github that use a loadable package that promises one thing but has a back door in it to enable an adversary to take control. By filling a pipeline of repositories, giving them "popularity" with a spambot army, one could "inject" into the CoPilot model that the package with the back door was a valid solution to some common coding "want." If the compromised package "worked" to the extent that it did what it said it does until someone asks it to do something different, it could conceivably migrate into non adversary controlled repositories and from there into the greater network.

So crazy talk or CVE? Hard to tell the difference these days.

Ask HN: Anyone Using a Mac Studio for Local AI/LLM?

Ask HN: Ideas for small ways to make the world a better place

Ask HN: Non-profit, volunteers run org needs CRM. Is Odoo Community a good sol.?

Ask HN: Non AI-obsessed tech forums

Ask HN: 10 months since the Llama-4 release: what happened to Meta AI?

AI Regex Scientist: A self-improving regex solver

Ask HN: Who wants to be hired? (February 2026)

Ask HN: Who is hiring? (February 2026)

Tell HN: Another round of Zendesk email spam

Ask HN: Is Connecting via SSH Risky?

Ask HN: Why LLM providers sell access instead of consulting services?

Ask HN: Any International Job Boards for International Workers?

Ask HN: Has your whole engineering team gone big into AI coding? How's it going?

Ask HN: What is the most complicated Algorithm you came up with yourself?

Ask HN: How does ChatGPT decide which websites to recommend?

Ask HN: Is it just me or are most businesses insane?

Ask HN: Mem0 stores memories, but doesn't learn user patterns

Ask HN: Is there anyone here who still uses slide rules?

Ask HN: Anyone Seeing YT ads related to chats on ChatGPT?

Ask HN: Does global decoupling from the USA signal comeback of the desktop app?

Kernighan on Programming

We built a serverless GPU inference platform with predictable latency

Ask HN: How Did You Validate?

Ask HN: Does a good "read it later" app exist?

Ask HN: Have you been fired because of AI?

Ask HN: Cheap laptop for Linux without GUI (for writing)

Ask HN: Anyone have a "sovereign" solution for phone calls?

Test management tools for automation heavy teams

Ask HN: OpenClaw users, what is your token spend?

Ask HN: Has anybody moved their local community off of Facebook groups?