Axios compromised on NPM – Malicious versions drop remote access trojan

941 mtud 2026-03-31 03:37:26 UTC stepsecurity.io Llama Share 332

StepSecurity identified malicious versions of the axios HTTP client library published to npm, [email protected] and [email protected], which inject a remote access trojan (RAT) dropper. Developers who installed these versions should rotate all secrets and credentials, check network logs, and downgrade to safe versions, and StepSecurity provides end-to-end npm supply chain security across three pillars: ...

Ollama is now powered by MLX on Apple Silicon in preview

328 redundantly 2026-03-31 04:37:26 UTC ollama.com Llama Share 158

Ollama now runs faster on Apple silicon with MLX framework, leveraging GPU Neural Accelerators for speedup. Ollama 0.19 sees 1851 token/s prefill and 134 token/s decode with improved memory efficiency and model accuracy.

7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown

23 adulion 2026-03-31 10:37:26 UTC ciphercue.com Llama Share 2

Ransomware groups posted 7,655 victim claims to public leak sites from March 2025 to March 2026, with Qilin being the most active group posting 1,179 claims across 74 countries. The top 5 groups accounted for 40% of the claims, and the remaining 124 groups collectively posted 4,628 claims, suggesting that disrupting any single group is unlikely to reduce the overall total significantly.

Artemis II is not safe to fly

398 idlewords 2026-03-31 02:37:26 UTC idlewords.com Llama Share 250

NASA's Orion spacecraft has a defective heat shield that could kill the crew on Artemis II due to spalling, impact from heat shield fragments, and bolt erosion. Despite this, NASA is planning to fly the mission with a crew, citing a change in the re-entry trajectory and a new heat shield design for future missions.

Claude Code's source code has been leaked via a map file in their NPM registry

302 treexs 2026-03-31 09:37:26 UTC twitter.com/fried_rice Full Share 138

Something went wrong, but don’t fret — let’s give it another shot. Some privacy related extensions may cause issues on x.com. Please disable them and try again.

Universal Claude.md – cut Claude output tokens

331 killme2008 2026-03-31 01:37:26 UTC github.com/drona23 Llama Share 124

A CLAUDE.md file reduces Claude output verbosity by ~63% without code changes, targeting sycophancy, verbosity, and formatting noise. It's most beneficial for high-output use cases, and users can customize it to target specific failure modes and compose multiple files for different project types.

Google's 200M-parameter time-series foundation model with 16k context

144 codepawl 2026-03-31 05:37:26 UTC github.com/google-research Llama Share 64

TimesFM is a pretrained time-series model by Google Research for forecasting. It can be installed via pip and used for point and quantile forecasting.

Fedware: Government apps that spy harder than the apps they ban

582 speckx 2026-03-30 18:37:26 UTC sambent.com Llama Share 209

The US government's mobile apps, including the White House app, request excessive permissions and embed trackers, violating users' privacy. These apps, part of a surveillance apparatus, collect sensitive data that feeds into ICE raids and warrantless location tracking.

Do your own writing

583 karimf 2026-03-30 18:37:26 UTC alexhwoods.com Llama Share 195

LLMs can undermine authenticity and credibility by generating writing that lacks thought and understanding. Effective writing requires human thoughtfulness and effort to establish credibility and increase understanding.

Good CTE, Bad CTE

59 radimm 2026-03-31 05:37:26 UTC boringsql.com Llama Share 17

CTEs are now inlined by default in PostgreSQL 12, allowing the planner to apply normal optimisations. Materialization is used when a CTE is referenced multiple times or contains side effects.

Clojure: The Documentary, official trailer [video]

220 fogus 2026-03-31 00:37:26 UTC youtube.com Embed Share 24

GitHub backs down, kills Copilot pull-request ads after backlash

276 _____k 2026-03-31 05:37:26 UTC theregister.com Llama Share 175

GitHub removed Copilot's ability to insert ads into pull requests after backlash from developers. The feature was disabled after users complained of unwanted ads in their pull requests.

Audio tapes reveal mass rule-breaking in Milgram's obedience experiments

19 lentoutcry 2026-03-31 09:37:26 UTC psypost.org Llama Share 6

Researchers analyzed audio recordings from the Milgram experiment and found that obedient participants broke the rules of the study most of the time, often ignoring the scientific procedure. This suggests that the laboratory environment was one of unauthorized violence, rather than a legitimate scientific study.

30 Years Ago, Robots Learned to Walk Without Falling

6 vinhnx 2026-03-31 10:37:26 UTC spectrum.ieee.org Prefix Share 0

When you hear the term humanoid robot, you may think of C-3PO, the human-cyborg-relations android from Star Wars. C-3PO was designed to assist humans in communicating with robots and alien species. The droid, which first appeared on screen in 1977, joined the characters on their adventures, walking, talking, and interacting with the environment like a human. It was ahead of its time. Before ...

Android Developer Verification

273 ingve 2026-03-30 22:37:26 UTC android-developers.googleblog.com Llama Share 275

Android is rolling out developer verification to prevent malware and ensure user safety. Users will see no change in app installation experience until 2027, when unregistered apps will require ADB or advanced flow.

How to turn anything into a router

696 yabones 2026-03-30 13:37:26 UTC nbailey.ca Llama Share 239

User wants to create a homebrew router using a Linux-powered device, such as a mini-PC, to bypass a US policy banning new consumer router imports.

Turning a MacBook into a touchscreen with $1 of hardware (2018)

333 HughParry 2026-03-30 19:37:26 UTC anishathalye.com Llama Share 168

A team created a touchscreen MacBook using a $1 mirror and computer vision, allowing for touch input without an external webcam. The system uses a webcam, mirror, and computer vision to translate finger movements into mouse events, making existing apps touch-enabled.

We're Pausing Asimov Press

45 bookofjoe 2026-03-31 06:37:26 UTC asimov.press Llama Share 12

Asimov Press is going on hiatus in April due to new projects for its founders. The press has published 149 articles and two anthologies, reaching half a million readers monthly.

One of the largest salt mines in the world exists under Lake Erie

35 1659447091 2026-03-31 05:37:26 UTC apnews.com Llama Share 25

Cargill's Whiskey Island salt mine in Cleveland extracts 3-4 million tons of salt annually to supply the Northeast and Great Lakes. The mine operates year-round to meet high demand due to a colder-than-usual winter.

Mr. Chatterbox is a Victorian-era ethically trained model

56 y1n0 2026-03-31 02:37:26 UTC simonwillison.net Llama Share 37

Trip Venturella released Mr Chatterbox, a language model trained on 28,000 Victorian-era British texts. The model is small, with 340 million parameters, but its responses are limited and feel like a Markov chain.

Oscar Reutersvärd (2021)

41 layer8 2026-03-31 03:37:26 UTC escherinhetpaleis.nl Full Share 3

With Belvedere , Waterfall and Ascending and Descending , M.C. Escher created three iconic prints based on impossible figures: a cube, a triangle and a staircas

Bird brains (2023)

323 DiffTheEnder 2026-03-30 13:37:26 UTC dhanishsemar.com Llama Share 203

A flock of New Zealand kea parrots was found to be cleverly moving traffic cones to stop cars and get food from humans. Researchers have developed various tests to measure bird intelligence, including the mirror test, Aesop's Fable, and delayed gratification test.

OpenGridWorks: The Electricity Infrasctructure, Mapped

121 jonbraun 2026-03-30 21:37:26 UTC opengridworks.com Full Share 17

We're verifying your browser Website owner? Click here to fix

Agents of Chaos

117 luu 2026-03-30 20:37:26 UTC agentsofchaos.baulab.info Llama Share 15

Researchers studied AI agents in a live lab environment, interacting with 20 researchers over 2 weeks. They found 11 case studies of failures, including unauthorized access, sensitive info disclosure, and system takeover.

Cherri – programming language that compiles to an Apple Shortuct

320 mihau 2026-03-30 16:37:26 UTC github.com/electrikmilk Llama Share 64

Cherri is a programming language for Shortcuts that allows large projects and maintenance. It has a package manager, type checking, and a GUI IDE for macOS.

Vulnerability research is cooked

193 pedro84 2026-03-30 19:37:26 UTC sockpuppet.org Llama Share 134

AI coding agents will drastically alter exploit development, making it easier to find vulnerabilities in software. This shift will profoundly impact information security and the Internet, potentially rendering traditional countermeasures ineffective.

I'm betting on ATProto

119 speckx 2026-03-30 20:37:26 UTC brittanyellich.com Llama Share 115

The author attended ATmosphereConf, a conference focused on the decentralized social media protocol ATProto, and was inspired by the community's efforts to create a more human internet. They believe ATProto has the potential to bring people together and create genuine connections, unlike mainstream social media platforms.

Show HN: I turned a sketch into a 3D-print pegboard for my kid with an AI agent

45 virpo 2026-03-31 02:37:26 UTC github.com/virpo Llama Share 12

User created a pegboard system with Codex, using Fusion 360 to generate pieces. The system has 7 play pieces, 4 gears, and 2 boards, with easy modification using Python generators.

CodingFont: A game to help you pick a coding font

424 nvahalik 2026-03-30 15:37:26 UTC codingfont.com Full Share 216

Browse Studio

Incident March 30th, 2026 – Accidental CDN Caching

60 cebert 2026-03-31 01:37:26 UTC blog.railway.com Llama Share 22

Railway experienced a 52-minute incident where CDN caching was accidentally enabled for some domains, potentially serving unauthenticated data to authenticated users. A configuration update was reverted and all cached assets were purged to prevent further issues.