frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

What rare disease AI teaches us about longitudinal health

https://myaether.live/blog/what-rare-disease-ai-teaches-us-about-longitudinal-health
1•takmak007•2m ago•0 comments

The Brand Savior Complex and the New Age of Self Censorship

https://thesocialjuice.substack.com/p/the-brand-savior-complex-and-the
1•jaskaransainiz•3m ago•0 comments

Show HN: A Prompting Framework for Non-Vibe-Coders

https://github.com/No3371/projex
1•3371•4m ago•0 comments

Kilroy is a local-first "software factory" CLI

https://github.com/danshapiro/kilroy
1•ukuina•14m ago•0 comments

Mathscapes – Jan 2026 [pdf]

https://momath.org/wp-content/uploads/2026/02/1.-Mathscapes-January-2026-with-Solution.pdf
1•vismit2000•16m ago•0 comments

80386 Barrel Shifter

https://nand2mario.github.io/posts/2026/80386_barrel_shifter/
2•jamesbowman•17m ago•0 comments

Training Foundation Models Directly on Human Brain Data

https://arxiv.org/abs/2601.12053
1•helloplanets•17m ago•0 comments

Web Speech API on HN Threads

https://toulas.ch/projects/hn-readaloud/
1•etoulas•20m ago•0 comments

ArtisanForge: Learn Laravel through a gamified RPG adventure – 100% free

https://artisanforge.online/
1•grazulex•20m ago•1 comments

Your phone edits all your photos with AI – is it changing your view of reality?

https://www.bbc.com/future/article/20260203-the-ai-that-quietly-edits-all-of-your-photos
1•breve•21m ago•0 comments

DStack, a small Bash tool for managing Docker Compose projects

https://github.com/KyanJeuring/dstack
1•kppjeuring•22m ago•1 comments

Hop – Fast SSH connection manager with TUI dashboard

https://github.com/danmartuszewski/hop
1•danmartuszewski•23m ago•1 comments

Turning books to courses using AI

https://www.book2course.org/
2•syukursyakir•24m ago•0 comments

Top #1 AI Video Agent: Free All in One AI Video and Image Agent by Vidzoo AI

https://vidzoo.ai
1•Evan233•24m ago•1 comments

Ask HN: How would you design an LLM-unfriendly language?

1•sph•26m ago•0 comments

Show HN: MuxPod – A mobile tmux client for monitoring AI agents on the go

https://github.com/moezakura/mux-pod
1•moezakura•27m ago•0 comments

March for Billionaires

https://marchforbillionaires.org/
1•gscott•27m ago•0 comments

Turn Claude Code/OpenClaw into Your Local Lovart – AI Design MCP Server

https://github.com/jau123/MeiGen-Art
1•jaujaujau•28m ago•0 comments

An Nginx Engineer Took over AI's Benchmark Tool

https://github.com/hongzhidao/jsbench/tree/main/docs
1•zhidao9•30m ago•0 comments

Use fn-keys as fn-keys for chosen apps in OS X

https://www.balanci.ng/tools/karabiner-function-key-generator.html
1•thelollies•30m ago•1 comments

Sir/SIEN: A communication protocol for production outages

https://getsimul.com/blog/communicate-outage-to-ceo
1•pingananth•31m ago•1 comments

Show HN: OpenCode for Meetings

https://getscripta.app
2•whitemyrat•32m ago•1 comments

The chaos in the US is affecting open source software and its developers

https://www.osnews.com/story/144348/the-chaos-in-the-us-is-affecting-open-source-software-and-its...
1•pjmlp•34m ago•0 comments

The world heard JD Vance being booed at the Olympics. Except for viewers in USA

https://www.theguardian.com/sport/2026/feb/07/jd-vance-boos-winter-olympics
67•treetalker•35m ago•14 comments

The original vi is a product of its time (and its time has passed)

https://utcc.utoronto.ca/~cks/space/blog/unix/ViIsAProductOfItsTime
1•ingve•43m ago•0 comments

Circumstantial Complexity, LLMs and Large Scale Architecture

https://www.datagubbe.se/aiarch/
1•ingve•50m ago•0 comments

Tech Bro Saga: big tech critique essay series

1•dikobraz•53m ago•0 comments

Show HN: A calculus course with an AI tutor watching the lectures with you

https://calculus.academa.ai/
1•apoogdk•56m ago•0 comments

Show HN: 83K lines of C++ – cryptocurrency written from scratch, not a fork

https://github.com/Kristian5013/flow-protocol
1•kristianXXI•1h ago•0 comments

Show HN: SAA – A minimal shell-as-chat agent using only Bash

https://github.com/moravy-mochi/saa
1•mrvmochi•1h ago•0 comments
Open in hackernews

Prettier NPM Packages Compromised in Supply Chain Attack

https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise
45•feross•6mo ago

Comments

tiagod•6mo ago
This is pretty bad.
gausswho•6mo ago
Only vulnerable on Windows machines?
nateb2022•6mo ago
Perhaps on macOS/Linux they didn't need to download a DLL to perform whatever hackery they did
acheong08•6mo ago
Anyone done reverse engineering on what the dll does? The advice of rolling back versions wouldn't be sufficient if it also exfiltrated ssh keys and such for pushing to git
warmedcookie•6mo ago
I was infected and it disables chrome security flags (you'll see a banner in Chrome indicating this) and probably a bunch of other nasty things. I unplugged my Ethernet, turned off the computer, bought a new SSD and installed fresh copy of windows on it. Deleted the boot files / renamed windows folder on infected SSD and slowly pull files over that I need.

I also deleted all SSH keys / changed passwords. Lessons learned? Disable scripts and run in a container.

Bright side? I now have a 4TB SSD instead of a 2TB SSD.

nateb2022•6mo ago
For what it's worth, both bun and deno disable lifecycle scripts by default (bun has a default allowlist of the top 500 npm packages with lifecycle scripts, however none of the affected packages are on that list: https://github.com/oven-sh/bun/blob/main/src/install/default...).

Switching to a secure-by-default package manager, I think, is something this type of event should make us all reconsider.

c-hendricks•6mo ago
eslint-config-prettier and eslint-plugin-prettier, not prettier proper.

https://news.ycombinator.com/item?id=44609732