frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Over 400 Malicious packages found in Arch AUR

https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/
4•Hydrocarb0n•1h ago

Comments

Hydrocarb0n•1h ago
Attackers (or a coordinated set of compromised accounts) targeted many orphaned AUR packages—those without active maintainers. They pushed commits that added lines like this to the PKGBUILD (or related build files):bash

npm install atomic-lockfile ...

(Exact variations exist, but that's the core pattern.) This affects ~408 packages according to reports.

When users (or AUR helpers) build these packages with makepkg, it executes npm install, which downloads and runs the atomic-lockfile npm package. That package was published very recently and includes a preinstall script (a Rust binary at ./src/hooks/deps) that runs automatically during installation.

Show HN: Goloop – An agentic loop on your terminal

https://mantyx-io.github.io/goloop/
1•mantyx•1m ago•0 comments

An Interview with Intel's Kira Boyko: Xeon 6's Product Director

https://chipsandcheese.com/p/an-interview-with-intels-kira-boyko
1•rbanffy•2m ago•0 comments

Biggest IPOs in History Are Collapsing. Nobel Economist Says Run

https://www.youtube.com/watch?v=IOaYnEf5ZeY
2•quantummagic•3m ago•0 comments

The quiet collapse of British universities

https://www.arguably.uk/p/the-quiet-collapse-of-british-universities
1•theanonymousone•4m ago•0 comments

Auto mode for pi.dev. An LLM reviews your coding agent's commands

https://github.com/vinzenzu/pi-auto-reviewer
1•vinzenzu•5m ago•2 comments

Docker Sandbox Kit for Mistral Vibe CLI

https://github.com/cdr-chakotay/sbx-mistral
1•noodlebird•5m ago•0 comments

Is reviewing pull requests slowing you down?

https://www.pr-preview.com
2•VladNiculescu•11m ago•1 comments

Only Bounds: the most impactful Rust change that you’ve never heard of

https://smallcultfollowing.com/babysteps/blog/2026/06/09/only-bounds/
1•MrBuddyCasino•13m ago•0 comments

When the Watcher Became the Confidant – How AI Befriends and Infers Our Children

https://jorgepereiracampos.substack.com/p/when-the-watcher-became-the-confidant
1•BlinkyPT•15m ago•0 comments

Pokémon Go data trained AI that could assist military drones in war zones

https://www.theguardian.com/technology/2026/jun/12/pokemon-go-data-trained-ai-that-could-assist-m...
1•beardyw•16m ago•0 comments

Europe 2031 – What getting AI wrong means for us

https://europe2031.ai/
2•sarusso•16m ago•0 comments

Someone DM'd me for a pitch deck. I built a deck generator instead(now $17K MRR)

https://www.magicslides.app
1•theindianappguy•17m ago•1 comments

Mineral requirements for clean energy transitions

https://www.iea.org/reports/the-role-of-critical-minerals-in-clean-energy-transitions/mineral-req...
1•leonidasrup•22m ago•0 comments

India's workers are training AI robots to take their jobs

https://www.aljazeera.com/gallery/2026/6/11/photos-indias-workers-are-training-ai-robots-to-take-...
1•rustoo•30m ago•1 comments

Build a free AWS security lab on your laptop with LocalEmu

https://builder.aws.com
1•CloudHackerFr•30m ago•0 comments

Deezer's new tool can identify AI music from Spotify, Apple Music, and others

https://techcrunch.com/2026/06/11/deezers-new-tool-can-identify-ai-music-from-spotify-apple-music...
1•JeanKage•31m ago•0 comments

The Jqwik Anti-AI Affair

https://blog.johanneslink.net/2026/06/09/the-jqwik-anti-ai-affair/
2•birdculture•32m ago•0 comments

Building a plugin system without runtime, storage, or shared JavaScript context

https://tolgee.io/blog/building-a-plugin-system-for-tolgee-without-a-runtime-storage-or-shared-js...
1•jancizmar•34m ago•0 comments

Apple and London's Met Police have a new plan to make stolen iPhones useless

https://www.shortlist.com/tech/apple-and-londons-metropolitan-police-have-a-new-plan-to-make-stol...
1•_____k•34m ago•0 comments

Report on an Unidentified Space Station

https://sseh.uchicago.edu/doc/roauss.htm
1•paulmooreparks•38m ago•0 comments

Digital Twin

https://en.wikipedia.org/wiki/Digital_twin
1•the-mitr•38m ago•0 comments

Predytics – Real-Time World Cup Market Tracker (Polymarket and Kalshi)

https://predytics.com
1•shamxal•52m ago•0 comments

Ransomware gangs cut off from EUR 336M crypto laundering pipeline

https://www.europol.europa.eu/media-press/newsroom/news/ransomware-gangs-cut-eur-336-million-audi...
1•doener•52m ago•0 comments

Structured Markdown components without framework lock-in

https://contentbit.dev/
2•gsempe•54m ago•0 comments

The unwritten laws of software engineering

https://newsletter.manager.dev/p/the-unwritten-laws-of-software-engineering
1•fagnerbrack•57m ago•0 comments

Adam Garske: How designing new enzymes could change the world [video]

https://www.ted.com/talks/adam_garske_how_designing_brand_new_enzymes_could_change_the_world
1•fagnerbrack•57m ago•0 comments

Show HN: Interkom – Social Slack Alternative

https://interkom.app/
1•yaszko•58m ago•0 comments

The Smart Dumb Programmer

https://fagnerbrack.com/the-smart-dumb-programmer-a69b57634e87
1•fagnerbrack•59m ago•0 comments

MCP Solves the Plug, Not the Trust Boundary

https://vectoralix.com/blog/mcp-has-a-tool-selection-problem
1•eugmai86•1h ago•0 comments

The Indian workers training AI robots to take their jobs

https://today.rtl.lu/news/world/the-indian-workers-training-ai-robots-to-take-their-jobs-459004114
1•TrackerFF•1h ago•0 comments