Axios compromised on NPM – Malicious versions drop remote access trojan

843 mtud 2026-03-31 03:36:02 UTC stepsecurity.io Llama Share 298

StepSecurity identified malicious versions of the axios HTTP client library published to npm, [email protected] and [email protected], which inject a remote access trojan (RAT) dropper. Developers who installed these versions should rotate all secrets and credentials, check network logs, and downgrade to safe versions, and StepSecurity provides end-to-end npm supply chain security across three pillars: ...

Ollama is now powered by MLX on Apple Silicon in preview

283 redundantly 2026-03-31 04:36:02 UTC ollama.com Llama Share 136

Ollama now runs faster on Apple silicon with MLX framework, leveraging GPU Neural Accelerators for speedup. Ollama 0.19 sees 1851 token/s prefill and 134 token/s decode with improved memory efficiency and model accuracy.

Artemis II is not safe to fly

359 idlewords 2026-03-31 02:36:02 UTC idlewords.com Llama Share 229

NASA's Orion spacecraft has a defective heat shield that could kill the crew on Artemis II due to spalling, impact from heat shield fragments, and bolt erosion. Despite this, NASA is planning to fly the mission with a crew, citing a change in the re-entry trajectory and a new heat shield design for future missions.

Why the US Navy Won't Blast the Iranians and 'Open' Strait of Hormuz

15 KoftaBob 2026-03-31 09:36:02 UTC responsiblestatecraft.org Llama Share 2

The US Navy's power projection is limited by shore-based anti-access and area denial systems, making it vulnerable to Iranian and Chinese missiles. This shift in naval warfare requires a reevaluation of investment in expensive instruments of national power.

Claude Code's source code has been leaked via a map file in their NPM registry

164 treexs 2026-03-31 09:36:02 UTC twitter.com/fried_rice Full Share 66

Something went wrong, but don’t fret — let’s give it another shot. Some privacy related extensions may cause issues on x.com. Please disable them and try again.

Universal Claude.md – cut Claude output tokens

315 killme2008 2026-03-31 01:36:02 UTC github.com/drona23 Llama Share 123

A CLAUDE.md file reduces Claude output verbosity by ~63% without code changes, targeting sycophancy, verbosity, and formatting noise. It's most beneficial for high-output use cases, and users can customize it to target specific failure modes and compose multiple files for different project types.

7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown

7 adulion 2026-03-31 10:05:02 UTC ciphercue.com Prefix Share 0

insight 7,655 Ransomware victim claims from 129 groups across 141 countries, March 2025 to March 2026 From March 2025 to March 2026, ransomware groups posted 7,655 victim claims to public leak sites over 376 days. That is roughly 20 per day, or one new organisation named every 71 minutes. This article breaks down which groups are most active, what sectors they target, where the victims are ...

Fedware: Government apps that spy harder than the apps they ban

569 speckx 2026-03-30 18:36:02 UTC sambent.com Llama Share 204

The US government's mobile apps, including the White House app, request excessive permissions and embed trackers, violating users' privacy. These apps, part of a surveillance apparatus, collect sensitive data that feeds into ICE raids and warrantless location tracking.

Google's 200M-parameter time-series foundation model with 16k context

122 codepawl 2026-03-31 05:36:02 UTC github.com/google-research Llama Share 58

TimesFM is a pretrained time-series model by Google Research for forecasting. It can be installed via pip and used for point and quantile forecasting.

Do your own writing

564 karimf 2026-03-30 18:36:02 UTC alexhwoods.com Llama Share 193

LLMs can undermine authenticity and credibility by generating writing that lacks thought and understanding. Effective writing requires human thoughtfulness and effort to establish credibility and increase understanding.

GitHub backs down, kills Copilot pull-request ads after backlash

243 _____k 2026-03-31 05:36:02 UTC theregister.com Llama Share 153

GitHub removed Copilot's ability to insert ads into pull requests after backlash from developers. The feature was disabled after users complained of unwanted ads in their pull requests.

Clojure: The Documentary, official trailer [video]

211 fogus 2026-03-31 00:36:02 UTC youtube.com Embed Share 19

RamAIn (YC W26) Is Hiring

0 2026-03-31 07:36:02 UTC ycombinator.com Llama Share

RamAIn builds AI agents for enterprise work, automating repetitive tasks 10x faster and more reliably than humans. We're hiring a Founding AI/ML researcher to design and deploy agents that reason, plan, and execute complex workflows autonomously.

Good CTE, Bad CTE

44 radimm 2026-03-31 05:36:02 UTC boringsql.com Llama Share 13

CTEs are now inlined by default in PostgreSQL 12, allowing the planner to apply normal optimisations. Materialization is used when a CTE is referenced multiple times or contains side effects.

Android Developer Verification

262 ingve 2026-03-30 22:36:02 UTC android-developers.googleblog.com Llama Share 264

Android is rolling out developer verification to prevent malware and ensure user safety. Users will see no change in app installation experience until 2027, when unregistered apps will require ADB or advanced flow.

How to turn anything into a router

688 yabones 2026-03-30 13:36:02 UTC nbailey.ca Llama Share 234

User wants to create a homebrew router using a Linux-powered device, such as a mini-PC, to bypass a US policy banning new consumer router imports.

Turning a MacBook into a touchscreen with $1 of hardware (2018)

326 HughParry 2026-03-30 19:36:02 UTC anishathalye.com Llama Share 158

A team created a touchscreen MacBook using a $1 mirror and computer vision, allowing for touch input without an external webcam. The system uses a webcam, mirror, and computer vision to translate finger movements into mouse events, making existing apps touch-enabled.

We're Pausing Asimov Press

35 bookofjoe 2026-03-31 06:36:02 UTC asimov.press Llama Share 9

Asimov Press is going on hiatus in April due to new projects for its founders. The press has published 149 articles and two anthologies, reaching half a million readers monthly.

Audio tapes reveal mass rule-breaking in Milgram's obedience experiments

8 lentoutcry 2026-03-31 09:36:02 UTC psypost.org Prefix Share 0

Reassessing one of the most famous psychological experiments in history, a recent analysis of audio recordings reveals that subjects who seemingly obeyed orders to administer severe electric shocks actually broke the rules of the scientific study most of the time. The authors suggest that this routine violation of experimental procedures transformed the laboratory into a scene of unauthorized ...

One of the largest salt mines in the world exists under Lake Erie

30 1659447091 2026-03-31 05:36:02 UTC apnews.com Llama Share 20

Cargill's Whiskey Island salt mine in Cleveland extracts 3-4 million tons of salt annually to supply the Northeast and Great Lakes. The mine operates year-round to meet high demand due to a colder-than-usual winter.

Oscar Reutersvärd (2021)

37 layer8 2026-03-31 03:36:02 UTC escherinhetpaleis.nl Full Share 3

With Belvedere , Waterfall and Ascending and Descending , M.C. Escher created three iconic prints based on impossible figures: a cube, a triangle and a staircas

Bird brains (2023)

322 DiffTheEnder 2026-03-30 13:36:02 UTC dhanishsemar.com Llama Share 201

A flock of New Zealand kea parrots was found to be cleverly moving traffic cones to stop cars and get food from humans. Researchers have developed various tests to measure bird intelligence, including the mirror test, Aesop's Fable, and delayed gratification test.

Mr. Chatterbox is a Victorian-era ethically trained model

47 y1n0 2026-03-31 02:36:02 UTC simonwillison.net Llama Share 33

Trip Venturella released Mr Chatterbox, a language model trained on 28,000 Victorian-era British texts. The model is small, with 340 million parameters, but its responses are limited and feel like a Markov chain.

OpenGridWorks: The Electricity Infrasctructure, Mapped

115 jonbraun 2026-03-30 21:36:02 UTC opengridworks.com Full Share 16

We're verifying your browser Website owner? Click here to fix

Agents of Chaos

111 luu 2026-03-30 20:36:02 UTC agentsofchaos.baulab.info Llama Share 15

Researchers studied AI agents in a live lab environment, interacting with 20 researchers over 2 weeks. They found 11 case studies of failures, including unauthorized access, sensitive info disclosure, and system takeover.

Show HN: I turned a sketch into a 3D-print pegboard for my kid with an AI agent

43 virpo 2026-03-31 02:36:02 UTC github.com/virpo Llama Share 12

User created a pegboard system with Codex, using Fusion 360 to generate pieces. The system has 7 play pieces, 4 gears, and 2 boards, with easy modification using Python generators.

CodingFont: A game to help you pick a coding font

420 nvahalik 2026-03-30 15:36:02 UTC codingfont.com Full Share 211

Browse Studio

Vulnerability research is cooked

183 pedro84 2026-03-30 19:36:02 UTC sockpuppet.org Llama Share 128

AI coding agents will drastically alter exploit development, making it easier to find vulnerabilities in software. This shift will profoundly impact information security and the Internet, potentially rendering traditional countermeasures ineffective.

Cherri – programming language that compiles to an Apple Shortuct

309 mihau 2026-03-30 16:36:02 UTC github.com/electrikmilk Llama Share 60

Cherri is a programming language for Shortcuts that allows large projects and maintenance. It has a package manager, type checking, and a GUI IDE for macOS.

I'm betting on ATProto

111 speckx 2026-03-30 20:36:02 UTC brittanyellich.com Llama Share 103

The author attended ATmosphereConf, a conference focused on the decentralized social media protocol ATProto, and was inspired by the community's efforts to create a more human internet. They believe ATProto has the potential to bring people together and create genuine connections, unlike mainstream social media platforms.