news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

TeamPCP Supply Chain Campaign: Update 004

https://isc.sans.edu/index_dyn.html

1•jruohonen•1h ago

Comments

jruohonen•1h ago

The noteworthy bit:

"INFO: Cloud Security Alliance Publishes Second Research Note on AI/ML Supply Chain Risk The Cloud Security Alliance AI Safety Initiative published a research note on March 29 framing the TeamPCP campaign as a structural shift in adversary methodology -- from opportunistic typosquatting to deliberate pipeline compromise of trusted [AI/ML] packages."

I put AI/ML in square brackets because of:

https://news.ycombinator.com/item?id=47582220

Voranto•1h ago

Seems to be the wrong link. Was able to find the correct link but the one presented just routes to a guide on data exfiltration.

Let the Commits Tell the Story

https://chrismaiorana.com/git-commits-tell-the-story/

1•swq115•27s ago•0 comments

Axios NPM Package Compromised: Supply Chain Attack Delivers Cross-Platform Rat

https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/

1•jruohonen•2m ago•1 comments

Claude Code full source code leaked on NPM

https://github.com/chatgptprojects/claude-code

1•dheerajmp•3m ago•0 comments

Damn Claude, that's a lot of commits

https://aifoc.us/damn-claude-thats-a-lot-of-commits/

1•twapi•3m ago•0 comments

Another Starlink satellite has inexplicably exploded

https://www.theverge.com/science/903906/another-starlink-satellite-has-inexplicably-exploded

2•ColinWright•4m ago•0 comments

Super technical engineers and managers suck at explaining their thoughts

https://newsletter.manager.dev/p/explaining-understanding-and-data-compression

2•AntonZ234•5m ago•0 comments

Orca – Executable skills and capabilities for AI agent workflows

https://github.com/gfernandf/agent-skills

2•gfernandf•8m ago•0 comments

I built 5 AI agents that scrape every platform 24/7 to find dev tools you'd miss

https://claudecodetools.dev

2•Rredlegit•10m ago•0 comments

Playing in the Mac App Sandbox

https://troz.net/post/2026/playing_mac_sandbox/

2•ingve•11m ago•0 comments

Why the US Navy Won't Blast the Iranians and 'Open' Strait of Hormuz

https://responsiblestatecraft.org/iran-strait-of-hormuz/

3•KoftaBob•12m ago•1 comments

Semlib: Semantic Data Processing

https://anishathalye.com/semlib/

1•vismit2000•15m ago•0 comments

I built an O(1) physics engine to stop LLM hallucinations in construction

https://flooring-ai-matrix.streamlit.app/

1•svid•19m ago•0 comments

"An Endless Stream of AI Slop"

https://arxiv.org/abs/2603.27249

2•jruohonen•25m ago•0 comments

Cursor rules that prevent AI from hallucinating bad Next.js code

https://github.com/vibestackdev/vibe-stack

1•vibestackdev•25m ago•0 comments

Positron Flux: from DORA dashboards to explaining what changed

https://sklivvz.com/posts/introducing-positron-flux

5•sklivvz1971•27m ago•0 comments

Engineering Blog Posts from Top Tech Companies

https://www.engineering.fyi

1•abracos•28m ago•0 comments

Prompt intensity threshold effect on AI-generated invention quality (preprint)

https://zenodo.org/records/19347700

1•h_hasegawa•29m ago•0 comments

Causality optional? Testing the "indefinite causal order" superposition

https://arstechnica.com/science/2026/03/getting-formal-about-quantum-mechanics-lack-of-causality/

1•rbanffy•30m ago•0 comments

The Horrors That Could Lie Ahead If Vaccines Vanish

https://projects.propublica.org/childhood-vaccines-deaths-modeling/

3•littlexsparkee•35m ago•0 comments

Does RAG Help AI Coding Tools?

https://www.mikeayles.com/blog/rag-coding-tools/

1•mikeayles•35m ago•1 comments

What Happened to Procomm Plus

https://dfarq.homeip.net/what-happened-to-procomm-plus/

1•zoidb•36m ago•0 comments

HN: AI-native investing app that builds and adapts thematic portfolios to you

https://basketsai.com

1•pranav6226•37m ago•1 comments

The Racket Programming Language

https://www.racket-lang.org/

3•h4ch1•38m ago•0 comments

Golang Constmap by Daniel Lemire

https://twitter.com/lemire/status/2038320406432494059

2•pjf•39m ago•1 comments

What are the best resources to learn about Harness Engineering?

1•udayan_w•39m ago•0 comments

After 16 years and $8B, the military's new GPS software still doesn't work

https://arstechnica.com/space/2026/03/after-16-years-and-8-billion-the-militarys-new-gps-software...

2•rbanffy•40m ago•0 comments

Claude Code's source code has been leaked via a map file in their NPM registry

https://twitter.com/Fried_rice/status/2038894956459290963

50•treexs•42m ago•20 comments

LibreTranslate: Free and Open Source Machine Translation API

https://github.com/LibreTranslate/LibreTranslate

2•ahamez•45m ago•0 comments

David Foster Wallace and the problem of loneliness [video]

https://www.youtube.com/watch?v=FCfpOugmd9E

1•simonebrunozzi•47m ago•0 comments

£5M Funding for supply chain security innovation in UK

https://apply-for-innovation-funding.service.gov.uk/competition/2421/overview/3d6991fa-73b2-48c0-...

4•anonhaven•54m ago•0 comments