frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Supply chain attack alert: .github/setup.js

8•antihero•1h ago
Our org GitHub just got compromised massively by a supply-chain attack. Vectors are

* Claude hooks

* Gemini hooks

* Cursor setup

* VScode tasks

It adds all of the above to execute node .github/setup.js, an obfuscated file.

Check infected: `rg --hidden --no-ignore 'node .github/setup.js`

It spreads by adding mimic'd skip-ci commits to open PRs which then get merged.

Payload is obfuscated, available on request.

If this is already a known one in the world, apologies, it hit us at around 10PM BST last night, the damage would have been incredible.

Still trying to identify the original source.

Anthropic calls for global freeze in AI development

https://www.telegraph.co.uk/business/2026/06/04/worlds-most-valuable-ai-start-up-calls-for-global...
1•truegoric•43s ago•1 comments

Arithmetic Without Numbers – How LLMs Do Math

https://alvaro-videla.com/llm-arithmetic-internals/article_interactive/article.html
1•old_sound•2m ago•1 comments

Short videos may hinder learning by fragmenting attention and memory, study

https://phys.org/news/2026-06-short-videos-hinder-fragmenting-attention.html
1•pseudolus•5m ago•0 comments

The Most Predictable Edit in History

https://medium.com/@jakeorlowitz/the-most-predictable-edit-in-history-967956076b11
1•JohnHammersley•6m ago•0 comments

Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy

https://www.haproxy.com/blog/haproxy-cve-2026-49975-http2-bomb
2•owenthejumper•8m ago•0 comments

Ultra fast cross-platform multiple screenshots module in pure Python

https://python-mss.readthedocs.io/stable/index.html
1•ankitg12•10m ago•0 comments

Show HN: Gaussographs – Gaussian Splat Photography

https://bayardrandel.com/gaussographs/
1•squidsoup•11m ago•0 comments

Doctors file complaint against Philip Morris over 'misleading AI tool'

https://www.dutchnews.nl/2026/06/doctors-slam-misleading-philip-morris-tobacco-campaign/
1•molf•11m ago•0 comments

Introduction to Using Control Strings

https://apps.microsoft.com/detail/9p129dd8kdmw?hl=en-US&gl=US
1•GateLink•12m ago•1 comments

Reinforcement Learning and Optimal Control Book (RIP Dimitri Bertsekas)

https://web.mit.edu/dimitrib/www/RLbook.html
1•sebzuddas•16m ago•0 comments

Chrome, Opera and Vivaldi pen open letter to Microsoft saying "enough is enough"

https://www.neowin.net/news/browser-vendors-pen-open-letter-to-microsoft-saying-enough-is-enough/
3•bundie•17m ago•0 comments

Mac OLM to PST Outlook Converter Software

https://www.perfectdatasolutions.com/en/olm/olm-to-pst-converter.html
1•tieanderson•18m ago•0 comments

Oracle files foreign-worker requests amid layoff bloodbath

https://nypost.com/2026/04/02/us-news/outrage-over-oracles-thousands-of-h-1b-requests-amid-layoffs/
2•robtherobber•22m ago•0 comments

A disease of deforestation: how Ebola is linked to the smartphone in your pocket

https://www.theguardian.com/world/2026/jun/05/ebola-mineral-mining-smartphones-congo
2•kuerbel•22m ago•0 comments

Offres D'emploi EN RDC – Disponibles Sur Kivuhub Emplois (Kivuhub.net) June 2026

1•kivuhub•31m ago•0 comments

A peek at POSIX sh's future goodies

https://world-playground-deceit.net/blog/2026/06/a-peek-at-posix-sh-s-future-goodies.html
1•BoingBoomTschak•33m ago•0 comments

Mantyx – Free Agent Runtime with batteries included

https://mantyx.io/
1•mantyx•40m ago•0 comments

Automated Oracle to PostgreSQL Migration in Seconds

https://www.spectralcore.com/blog/why-we-built-sql-tran-oracle-to-postgresql-migration
2•spectral_beel•41m ago•0 comments

RNG: Flat Datacenter Networks at Scale

https://arxiv.org/abs/2604.15261
1•rayhaanj•42m ago•0 comments

Envato forced my hand. Now selling direct and rethinking marketplace trust

https://www.indiehackers.com/post/envato-s-july-policy-change-forced-my-hand-now-i-m-selling-dire...
1•veno_es•46m ago•0 comments

Kill Sticky Headers (2013)

https://alisdair.mcdiarmid.org/kill-sticky-headers/
3•downbad_•46m ago•0 comments

OpenAI says it will comply with Trump's order requiring AI model reviews

https://www.cnbc.com/2026/06/05/openai-trump-ai-model-review-order.html
2•thm•48m ago•0 comments

Preprint warns of catastrophic AI risks if no action is taken within five years

https://news.uq.edu.au/2026-06-global-experts-assess-risk-ai-catastrophes
3•giuliomagnifico•49m ago•0 comments

Should I choose v1 or v2? [AutoHotkey Wiki]

https://autohotkey.wiki/versions
1•ankitg12•49m ago•0 comments

How China is using human labor to win the humanoid robot data race

https://restofworld.org/2026/china-ai-robotics-training-data/
2•JeanKage•52m ago•0 comments

I built From after 10 years of failing to stick with any note-taking app

https://getfrom.app/blog/en/why-i-built-from
1•lezaun•54m ago•1 comments

Why are US consumers so angry? It's not just high prices

https://www.theguardian.com/us-news/ng-interactive/2026/jun/04/us-consumer-rage-prices-economy
4•prmph•54m ago•0 comments

Hertaler – Modernise archaic language in ePub, HTML private

https://thejanmanshow.github.io/Hertaler/
1•janandonly•57m ago•0 comments

Boundaries of Stationary Feature Learning: A Minimax Barrier for Scaling Laws

https://zenodo.org/records/20516952
2•ivandrozdovisme•59m ago•0 comments

EPL – a programming language where every keyword is plain English

https://www.google.com/url?q=https://github.com/abneeshsingh21/EPL&source=gmail&ust=1780737352628...
2•abneesh_builds•1h ago•0 comments