Self Propagating NPM Malware Compromises over 40 Packages

150 jamesberthoty 2025-09-16 11:47:33 UTC stepsecurity.io Llama Share 111

A sophisticated supply chain attack compromised over 40 packages, including @ctrl/tinycolor, on npm, using a self-propagating mechanism to infect downstream packages. The malware leverages Node.js modules, Webpack bundles, and API calls to target Linux/macOS devs, harvest credentials, and exfiltrate secrets to a command and control endpoint.

FBI couldn't get my husband to decrypt his Tor node so he was jailed for 3 years

165 heavyset_go 2025-09-16 12:12:33 UTC old.reddit.com Llama Share 10

The service is blocked due to invalid credentials or User-Agent issue. Try default User-Agent or file a ticket for assistance.

Hosting a website on a disposable vape

1206 BogdanTheGeek 2025-09-15 18:47:33 UTC bogdanthegeek.github.io Llama Share 424

A blogger collected disposable vapes to salvage microcontrollers, specifically the PY32F002B, which has limited specs. They created a web server on the microcontroller using semihosting and uIP, achieving a 20ms ping and 160ms page load.

60 years after Gemini, newly processed images reveal details

105 sohkamyung 2025-09-16 07:47:33 UTC arstechnica.com Llama Share 26

A new book, "Gemini & Mercury Remastered", features restored NASA photographs from the 1960s. It tells the stories of the brave astronauts who pioneered space travel during the Mercury and Gemini programs.

"Your" vs. "My" in user interfaces

272 Twixes 2025-09-16 03:47:33 UTC adamsilver.io Llama Share 123

Using the prefix "my" can be awkward in product design, whereas "your" is more natural and avoids confusion, especially in cases with shared content. Using "your" can simplify user flow and reduce issues in user research.

Migrating to React Native's New Architecture

18 vidyesh 2025-09-16 10:47:33 UTC shopify.engineering Llama Share 8

Shopify successfully migrated its largest apps to React Native's New Architecture while maintaining weekly releases. They made minimal code changes and refactored later to ensure development velocity and app stability.

Robert Redford Has Died

19 uptown 2025-09-16 12:11:33 UTC nytimes.com Full Share 7

Please enable JS and disable any ad blocker

Learn x86-64 assembly by writing a GUI from scratch (2023)

157 ibobev 2025-09-16 03:47:33 UTC gaultier.github.io Llama Share 19

The user is writing a GUI application in x86-64 assembly language using the X11 protocol, aiming to create a small binary of around 1 KiB. They are following the System V ABI and explaining various assembly concepts, such as stack usage and function prologs and epilogs, to create a socket and connect to the X11 server.

React is winning by default and slowing innovation

568 dbushell 2025-09-15 17:47:33 UTC lorenstew.art Llama Share 641

React's dominance is slowing innovation due to a "React-by-default" mindset, where network effects decide architecture over technical fit. Alternative frameworks like Svelte, Solid, and Qwik offer superior performance and simplicity, but struggle for adoption due to React's default choice.

William Gibson Reads Neuromancer (2004)

258 exvi 2025-09-15 21:47:33 UTC bearcave.com Llama Share 68

Ray Bradbury's writing is literary but his speaking is awkward, unlike William Gibson whose spoken voice mirrors his written work. Gibson's reading of Neuromancer is rare and valuable, making it worth preserving and re-releasing in a modern format.

macOS Tahoe

503 Wingy 2025-09-15 17:47:33 UTC apple.com Full Share 705

macOS Tahoe with a new design, more ways to work seamlessly across devices, and new features to turbocharge productivity every day.

Scientists uncover extreme life inside the Arctic ice

6 hhs 2025-09-16 10:47:33 UTC news.stanford.edu Prefix Share 0

Skip to content We want to provide stories, announcements, events, leadership messages and resources that are relevant to you. Your selection is stored in a browser cookie which you can remove at any time by visiting the "Show me..." menu at the top right of the page. For more, read our cookie policy. For the first time, researchers report that Arctic algae can hustle along in -15 C – ...

The Mythical Creatures of London

22 zeristor 2025-09-16 09:47:33 UTC londonist.com Llama Share 5

London is home to various mythical creatures like dragons, giants, mermaids, minotaurs, and pegasi. The City of London is particularly known for its 14 dragon boundary guardians, while Gog and Magog are two mythical protectors paraded in the Square Mile during Lord Mayor's Shows.

Wanted to spy on my dog, ended up spying on TP-Link

470 kennedn 2025-09-15 16:47:33 UTC kennedn.com Llama Share 151

The user reverse-engineered a Tapo indoor camera's onboarding flow, decompiled its APK, and implemented a man-in-the-middle attack to gain access to its API. They successfully derived the camera's default password, decoded secure messages, and created a script to automate the onboarding process, ultimately figuring out what their dog does when they're away.

I feel Apple has lost its alignment with me and other long-time customers

399 mgrayson 2025-09-16 00:47:33 UTC morrick.me Llama Share 382

The author is disappointed with Apple's recent event, as they feel the company has lost its way and is adopting trends rather than innovation. Apple's new iPhone lineup, AirPods Pro, and Apple Watches were not impressive, and the author believes Apple has prioritized form over function.

PayPal to support Ethereum and Bitcoin

454 DocFeind 2025-09-15 14:47:33 UTC newsroom.paypal-corp.com Llama Share 351

PayPal introduced personalized payment links for US users, allowing easy money transfers through a one-time link shared in conversations. The feature will expand internationally and integrate with crypto payments, making personal transactions more convenient and secure.

How big a solar battery do I need to store all my home's electricity?

352 FromTheArchives 2025-09-15 12:47:33 UTC shkspr.mobi Llama Share 432

You have a solar panel system in suburban London generating 3,800kWh per year and using the same amount. You want to know the maximum size battery needed to store summer excess for winter usage.

GPT-5-Codex

333 meetpateltech 2025-09-15 17:47:33 UTC openai.com Llama Share 107

Codex has been updated with GPT-5-Codex, a version optimized for agentic coding, offering faster and more reliable real-time collaboration and task execution. It's available in the cloud, IDE, and CLI, with improved code review capabilities and security features.

Addendum to GPT-5 system card: GPT-5-Codex

235 wertyk 2025-09-15 18:47:33 UTC openai.com Llama Share 135

GPT-5-Codex is a version of GPT-5 optimized for coding tasks, trained to mirror human style and follow instructions. It has safety measures like specialized training and sandboxing to prevent harm.

People Who Hunt Down Old TVs

99 tmendez 2025-09-15 23:47:33 UTC bbc.com Llama Share 60

People still value cathode-ray tube TVs due to their nostalgic picture quality and unique attributes, driving their demand among retro gamers and collectors. They can be modified or paired with upscaling devices to achieve specific effects, making them a sought-after item in the collector's market.

Linux phones are more important now than ever

585 wicket 2025-09-16 00:47:33 UTC feddit.org Llama Share 350

Google is rapidly closing the Android ecosystem by limiting developer access and implementing mandatory verification, threatening open-source development. This requires an open replacement, potentially Linux, to ensure continued innovation and security.

Why do we keep gravitating toward complexity?

107 PaulHoule 2025-09-15 23:47:33 UTC kyrylo.org Llama Share 140

Modern software often defaults to complexity, despite it not always making experiences better, due to factors like the temptation to over-engineer and team dynamics. To create effective software, one should aim for simplicity, considering the needs of both users and maintainers, and avoid creating complex systems that serve little purpose beyond intellectual indulgence.

Launch HN: Trigger.dev (YC W23) – Open-source platform to build reliable AI apps

145 eallam 2025-09-15 15:47:33 UTC news.ycombinator.com Llama Share 58

Eric, CTO at Trigger.dev, presents a developer platform for building AI agents and workflows, open-source under Apache 2.0, offering scalable deployment and monitoring. It uses Checkpoint Restore In Userspace (CRIU) for efficient serverless execution.

Basics of Equality Saturation

10 todsacerdoti 2025-09-16 08:47:33 UTC egglog-python.readthedocs.io Llama Share 1

We define an EGraph using the egglog library for optimizing linear algebra expressions. We run several rewrite rules, including associativity and commutativity for addition and multiplication, to simplify and optimize expressions in the EGraph.

Show HN: Pyproc – Call Python from Go Without CGO or Microservices

28 acc_10000 2025-09-16 04:47:33 UTC github.com/yuminosukesato Llama Share 7

pyproc allows calling Python functions from Go, enabling parallelism through process-based execution. It enables load balancing, worker processes, and health checks for efficient execution and scalability.

Ask HN: Generalists, when do you say "I know enough" about any particular topic?

3 AbstractH24 2025-09-16 11:52:33 UTC news.ycombinator.com Prefix Share 12

The idea is generalists know a lot about everything and when to pass it off to a subject matter expert. In 2025, with everything in tech changing by the minute, I’m realizing I need to set boundaries about how deep I go on any particular topic. But I’m unsure how. Particularly if I don’t want to get left behind as things continue to evolve. I think it goes in cycles. I used to work with Kafka ...

I wish my web server were in the corner of my room (2022)

90 jonassaid 2025-09-15 21:47:33 UTC interconnected.org Llama Share 63

The author reminisces about hosting a website on a Linux box in college, feeling magical when users accessed it from afar. They now want to replicate this experience with a Raspberry Pi at home, feeling a sense of agency and ownership over the internet.

How People Use ChatGPT [pdf]

143 nycdatasci 2025-09-15 19:47:33 UTC cdn.openai.com Llama Share 73

ChatGPT has been adopted by around 10% of the world's adult population, with 700 million users sending 18 billion messages each week. The chatbot's usage has grown steadily, with non-work-related messages increasing from 53% to over 70% of all usage.

CubeSats are fascinating learning tools for space

199 warrenm 2025-09-15 14:47:33 UTC jeffgeerling.com Llama Share 79

The user discusses CubeSats, small satellites powered by Raspberry Pis or microcontrollers, and how they are used for space research and education. The user highlights various CubeSat projects, including SatGus, Build a CubeSat, and SilverSat, and how they are teaching students about space, electronics, and security through hands-on building and experimentation.

Removing newlines in FASTA file increases ZSTD compression ratio by 10x

269 bede 2025-09-15 12:47:33 UTC log.bede.im Llama Share 104

Zstandard's --long feature improves deduplication in large files, but its performance was initially slow. Optimizations have since brought its performance close to Zstandard's fast defaults.