news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Lightyear.fm – radio waves far from Earth

https://lightyear.fm/

1•memalign•41s ago•0 comments

Waze but Built for Tesla

https://old.reddit.com/r/TeslaLounge/comments/1p9x9zk/i_created_a_better_inbrowser_tesla_waze_map...

1•ryanvogel•42s ago•0 comments

Bryan Johnson taking magic mushrooms live right now

https://www.youtube.com/watch?v=64_ve0ToFrI

2•danielfalbo•9m ago•0 comments

Norway's $2T Wealth Fund Has Become an Election Football

https://www.bloomberg.com/news/articles/2025-09-04/norway-election-trump-ally-takes-on-world-s-bi...

1•alephnerd•12m ago•0 comments

Building the Perfect Linux PC with Linus Torvalds

https://youtu.be/mfv0V1SxbNA?si=ASyHL7YiMtdOCVen

6•tiernano•14m ago•0 comments

Hacking on the ReMarkable 2

https://sgt.hootr.club/blog/hacking-on-the-remarkable-2/

1•todsacerdoti•25m ago•0 comments

By my count, Linux has 11% of the desktop market. Here's how I got that number

https://www.zdnet.com/article/why-people-keep-flocking-to-linux-in-2025-and-its-not-just-to-escap...

4•breve•26m ago•0 comments

Subversion beats Perforce in handling large files, and it's not even close

https://www.liamfoot.com/subversion-beats-perforce-in-handling-large-files-and-its-not-even-close

2•prmph•30m ago•1 comments

Kv.js: Advanced in-memory caching for JavaScript

https://www.npmjs.com/package/@heyputer/kv.js

1•ent101•32m ago•0 comments

Reverse Engineering the Next.js Job Interview Malware (Hidden in Next.config.js)

https://dzentota.medium.com/reverse-engineering-the-next-js-job-interview-malware-targeting-lastp...

2•dzentota•32m ago•1 comments

Oxylipins from Soybean Oil Driving Obesity

https://www.jlr.org/article/S0022-2275(25)00195-6/fulltext

1•Noaidi•33m ago•0 comments

Dangerous Streets: Using ML to Prioritize Cyclist Safety

https://joshfonseca.com/blogs/dangerous-streets

2•m-hodges•34m ago•0 comments

$1000 bounty to add a feature to coolify

https://github.com/coollabsio/coolify/issues/7423

3•jimmydin7•35m ago•0 comments

Golden Dome (orbital weapon system)

https://en.wikipedia.org/wiki/Golden_Dome_(missile_defense_system)

2•exomonk•37m ago•0 comments

GhidrAssist and GhidrAssistMCP LLM plugins reached v1.0

2•jtang613•38m ago•0 comments

Training Foundation Models on a Full-Stack AMD Platform

https://arxiv.org/abs/2511.17127

1•ngaut•38m ago•0 comments

Can bigger-is-better 'scaling laws' keep AI improving forever?

https://theconversation.com/can-bigger-is-better-scaling-laws-keep-ai-improving-forever-history-s...

6•devonnull•40m ago•0 comments

I can't tell if this photo is real or AI and that terrifies me

https://twitter.com/immasiddx/status/1992979078220263720

2•bakigul•42m ago•2 comments

AI rendering of Roman war scenes from Trajan's Column

https://trajancolumn.com

1•unix-junkie•42m ago•0 comments

Show HN: Sportfoli – A Simple, Clean Sports Profile Builder for Athletes

https://www.sportfoli.com/

1•ethjdev•43m ago•0 comments

Mystery foot belongs to ancient human relative

https://www.france24.com/en/live-news/20251127-mystery-foot-belongs-to-ancient-human-relative-sci...

1•gmays•44m ago•0 comments

Show HN: Boing #2

https://boing.playcode.io

1•ianberdin•48m ago•1 comments

LLM – Unit Economics

https://robonomics.substack.com/p/llm-unit-economics

1•gmays•50m ago•1 comments

Tell HN: Happy LLM Day

3•christina97•50m ago•5 comments

Horizontal Volume Control in Apple Music – But Why?

https://iamvishnu.com/posts/horizontal-volume-control-apple-music

5•vishnuharidas•51m ago•0 comments

Show HN: Revolut for International Calls at cheap rates

https://callpronto.app

1•daolm•53m ago•0 comments

The Song of the Western Men

https://www.trelawnysarmy.org/ta/tawestmn.html

1•dash2•54m ago•0 comments

Why some memories last a lifetime while others fade fast

https://www.sciencedaily.com/releases/2025/11/251130050712.htm

1•saikatsg•54m ago•0 comments

New 3D scan reveals a hidden network of moai carvers on Easter Island

https://www.sciencedaily.com/releases/2025/11/251130050717.htm

1•saikatsg•55m ago•0 comments

Türkiye's Kızılelma writes history as it proves air-to-air capability

https://www.dailysabah.com/business/defense/turkiyes-kizilelma-writes-history-as-it-proves-air-to...

2•sahin•56m ago•0 comments

Open in hackernews

Reverse Engineering the Next.js Job Interview Malware (Hidden in Next.config.js)

https://dzentota.medium.com/reverse-engineering-the-next-js-job-interview-malware-targeting-lastpass-crypto-de79b60a4edb

2•dzentota•32m ago

Comments

dzentota•32m ago

OP here. This is a detailed analysis of a malware attack I recently encountered.

TL;DR: I was approached for a job on LinkedIn and asked to run a Next.js project. The malware wasn't in package.json dependencies but was triggered by next.config.js executing a fake jQuery file during npm run dev.

It dropped a Python RAT that targets LastPass vaults and crypto extensions. I managed to deobfuscate 65 layers of the payload to find the source code.

Happy to answer any questions about the analysis or the vectors used.