frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Project Gutenberg – keeps getting better

https://www.gutenberg.org/
130•JSeiko•58m ago•43 comments

OpenAI is connecting ChatGPT to bank accounts via Plaid

https://firethering.com/chatgpt-bank-account-plaid-openai/
31•steveharing1•35m ago•31 comments

A 0-click exploit chain for the Pixel 10

https://projectzero.google/2026/05/pixel-10-exploit.html
179•happyhardcore•3h ago•77 comments

The sigmoids won't save you

https://www.astralcodexten.com/p/the-sigmoids-wont-save-you
37•Tomte•6h ago•33 comments

I built Zenith: a live local-first fixed viewport planetarium

https://smorgasb.org/zenith-tech/
28•surprisetalk•1h ago•2 comments

Hightouch (YC S19) Is Hiring

https://hightouch.com/careers
1•joshwget•12m ago

O(x)Caml in Space

https://gazagnaire.org/blog/2026-05-14-borealis.html
187•yminsky•6h ago•37 comments

ASCII by Jason Scott

https://ascii.textfiles.com/
66•bookofjoe•3h ago•11 comments

Explore Wikipedia Like a Windows XP Desktop

https://explorer.samismith.com/
362•smusamashah•8h ago•98 comments

High dimensional geometry is transforming the MRI industry(2017) [pdf]

https://www.ams.org/government/DonohoPresentation06-28-17Final.pdf
49•nill0•3h ago•13 comments

Radicle: Sovereign {code forge} built on Git

https://radicle.dev/
139•KolmogorovComp•5h ago•38 comments

Image-blaster: Creates 3D environments, SFX, and meshes from a single image

https://github.com/neilsonnn/image-blaster
12•MattRogish•1h ago•0 comments

Show HN: Watch a neural net learn to play Snake

https://ppo.gradexp.xyz/
27•c1b•1d ago•4 comments

A new book on Steve Jobs at NeXT

https://spectrum.ieee.org/steve-jobs-next-computer
111•rbanffy•6h ago•96 comments

We don't know why Malawi is poor

https://newsletter.deenamousa.com/p/we-dont-know-why-malawi-is-poor
3•alphabetatango•16m ago•0 comments

Removing the modem and GPS from my 2024 RAV4 hybrid

https://arkadiyt.com/2026/05/13/removing-the-modem-and-gps-from-my-rav4/
1000•arkadiyt•1d ago•527 comments

Amazon workers under pressure to up their AI usage are making up tasks

https://www.fastcompany.com/91541586/amazon-workers-pressured-to-up-ai-use-extraneous-tasks
172•hackernj•3h ago•133 comments

Trade Dollars with other startups. Book it as revenue

https://www.revswap.ai/
139•tormeh•4h ago•98 comments

A few words on DS4

https://antirez.com/news/165
390•caust1c•18h ago•161 comments

We are retiring our bug bounty program

https://turso.tech/blog/the-wonders-of-ai
303•tjek•3h ago•223 comments

Details of the Daring Airdrop at Tristan Da Cunha

https://www.tristandc.com/government/news-2026-05-11-airdrop.php
224•kspacewalk2•13h ago•86 comments

Building ML framework with Rust and Category Theory

https://hghalebi.github.io/category_theory_transformer_rs/
80•adamnemecek•1d ago•17 comments

Ask HN: How to be SOC2 Type 2 compliant as a solo-entreprenuer?

63•sochix•9h ago•73 comments

RTX 5090 and M4 MacBook Air: Can It Game?

https://scottjg.com/posts/2026-05-05-egpu-mac-gaming/
662•allenleee•1d ago•157 comments

NanoTDB – Golang Append-Only Time Series DB

https://github.com/aymanhs/nanotdb
30•aymanhs72•6h ago•5 comments

First public macOS kernel memory corruption exploit on Apple M5

https://blog.calif.io/p/first-public-kernel-memory-corruption
417•quadrige•22h ago•112 comments

Welcome to the Strip Mining Era of OSS Security

https://www.metabase.com/blog/strip-mining-era-of-open-source-security
88•salsakran•5h ago•65 comments

Codex is now in the ChatGPT mobile app

https://openai.com/index/work-with-codex-from-anywhere/
426•mikeevans•21h ago•217 comments

New Nginx Exploit

https://github.com/DepthFirstDisclosures/Nginx-Rift
418•hetsaraiya•23h ago•97 comments

Gyroflow: Video stabilization using gyroscope data

https://github.com/gyroflow/gyroflow
143•nateb2022•3d ago•25 comments
Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•12mo ago

Comments

steele•12mo ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•12mo ago
Lmao, gentrify cracked me up
neilv•12mo ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•12mo ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•12mo ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•12mo ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•12mo ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•12mo ago
May as well just release an executable tbh.
theamk•12mo ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•12mo ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•12mo ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."