frontpage.

When malware, a rogue script, npm module, or an attacker with shell access starts scanning your home directory for credentials, the canary trips and fires an alert. Developer's computers are increasingly being targeted with attacks, for example the LiteLLM attacks demonstrate the recent risks and complex supply chain attacks.

I made this tool for macOS systems that helps detect when a package accesses something it shouldn't. It's a tiny go binary (less than 2k LOC) with no dependencies that will mount a webdav filesystem (no root) or NFS (root required) with fake secrets and send you a notification when anything accesses it. Very stupid simple. I've always really liked the canary/honeypot approach and this at least may give some folks a chance to detect (similar to like LittleSnitch) when something strange is going on!

When to use which mode? Use WebDAV for low-friction canaries you can spin up anywhere. Use NFS for canaries that need to survive an attacker who has your user shell and is looking around.

Microsoft Set for Worst Quarter Since 2008 as AI Fears Converge

Codex-review – Claude Code plugin for Codex reviews of plans and implementations

Show HN: Hollow – serverless web perception for AI agents

Double FPS on MacBook Neo with water cooling

CRNG: Random numbers with real market fat tails, not Gaussian

Case Study: How an Arkweaver Customer Answers the Hard Questions

Why are executives enamored with AI, but ICs aren't?

The sun and thousands of its twins migrated across the Milky Way just in time

The Cost of Concurrency Coordination with Jon Gjengset [video]

I've created a programming course where you build what you buy

Five Nights at Epstein's – Game

Anti-Islanding and Smart Grid Protection (2015)

The first A-Corp law is here

Vibe Security Radar: Real CVEs where AI-generated code introduced Bugs

Hegseth's War on Anthropic Encounters the First Amendment

About the Atmosphere

Red Teaming Would Fix Liberalism's Crisis

US Tech Companies Must Be Liable for Facilitating Persecution and Torture Abroad

Mount any SEC EDGAR filer's complete filing history as a virtual filesystem

CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root

Moats, or castles in the air?

Malicious IoliteLabs VSCode Extensions Target Solidity Developers with Backdoor

Alan Cache – the best caching library? (Part 1)

Show HN: Echoes of Deception

Building a Firewall via Endpoint Security?

Researchers use quantum biosensors to peer into the inner workings of cells

Post reporters called the White House. Their phones showed 'Epstein Island.'

Google warns quantum computers could hack encrypted systems by 2029

Exact Geometric Resolution of Cosmological Constant Problem: The Flat 3-Torus

Sashiko agentic Linux kernel code review system

Show HN: Tiny filesystem honeypot for macOS with zero dependencies in Go