Postmortem: TanStack npm supply-chain compromise

558 varunsharma07 2026-05-11 21:39:40 UTC tanstack.com Llama Share 205

An attacker compromised 42 @tanstack/* npm packages by combining GitHub Actions cache poisoning and runtime memory extraction of an OIDC token, publishing 84 malicious versions on 2026-05-11. The attack was detected within 20 minutes by an external researcher and all affected versions have been deprecated, but users who installed the affected versions are recommended to rotate their credentials.

If AI writes your code, why use Python?

188 indigodaddy 2026-05-11 21:39:40 UTC medium.com/@nmitchem Llama Share 205

AI has improved significantly in writing systems languages like Rust, Go, and Swift, making them easier to use. This shift changes the constraints of software development, favoring languages that are easiest for agents, not humans.

UCLA discovers first stroke rehabilitation drug to repair brain damage (2025)

244 bookofjoe 2026-05-11 18:39:40 UTC stemcell.ucla.edu Llama Share 48

UCLA researchers found a drug called DDL-920 that reproduces the effects of physical stroke rehabilitation in mice. The drug targets a brain cell called a parvalbumin neuron to help recover movement control after stroke.

Claude Platform on AWS

12 matrixhelix 2026-05-12 01:39:40 UTC claude.com Llama Share 3

The Claude Platform on AWS is now generally available, offering full access to Claude features with AWS authentication and billing. It brings native Claude API features to AWS customers with features shipping the same day as the native API.

Library for fast mapping of Java records to native memory

108 joe_mwangi 2026-05-11 19:39:40 UTC github.com/mamba-studio Llama Share 25

TypedMemory is a Java library for working with contiguous off-heap memory through strongly typed views. It provides a type-safe abstraction over memory for systems, interop, graphics, and data-oriented programming.

Show HN: A modern Music Player Daemon based on Rockbox firmware

17 tsiry 2026-05-12 00:39:40 UTC github.com/tsirysndr Llama Share 1

Rockbox is an open source audio player extended with Rust and Zig, exposing audio engine features through APIs and adding multi-room output via various protocols. It can stream audio to multiple devices and supports various output protocols.

I let AI build a tool to help me figure out what was waking me up at night

78 showmypost 2026-05-11 21:39:40 UTC martin.sh Llama Share 89

The user built a system to identify and record noise events that wake them up at night using AI tooling, a Raspberry Pi, and a smart home setup, allowing them to pinpoint and address the causes of their sleep disruptions. This project demonstrates how AI tooling has lowered the barrier for personal tooling, enabling the user to tackle small problems that were previously deemed not worth building.

GitLab announces workforce reduction and end of their CREDIT values

342 AnonGitLabEmpl 2026-05-11 21:39:40 UTC about.gitlab.com Llama Share 333

GitLab is undergoing a restructuring process to meet the opportunities of the agentic era, including reducing its country footprint by 30%, flattening its organization, and right-sizing roles. The company is reaffirming its Q1 and full year FY27 guidance and will reinvest the majority of savings into accelerating its progress against growth and technological initiatives.

Ratty – A terminal emulator with inline 3D graphics

615 orhunp_ 2026-05-11 10:39:40 UTC ratty-term.org Full Share 198

Ratty is a GPU-rendered terminal emulator with a spinning rat cursor, multiple 3D presentation modes and support for inline 3D graphics. Inspired by TempleOS and built with Rust and Ratatui.

Nullsoft, 1997-2004 (2004)

230 downbad_ 2026-05-11 15:39:40 UTC slate.com Llama Share 70

Justin Frankel, founder of Nullsoft, was a rebellious programmer who created popular music tools like Winamp and Gnutella, often challenging the music industry and his corporate parent AOL. He quit AOL and Nullsoft after releasing a private file-sharing system WASTE, which made it difficult for authorities to track copyright infringement.

Gmail registration now requires scanning a QR code and sending a text message

568 negura 2026-05-11 07:39:40 UTC discuss.privacyguides.net Llama Share 425

You created a Google account with an Italian SIM tied to your ID, then enabled 2FA and saved recovery codes. Google likely keeps a record of your used phone numbers but can't verify your account with a reassigned number.

Griffin PowerMate driver for modern macOS

45 classichasclass 2026-05-11 21:39:40 UTC github.com/jameslockman Llama Share 17

The PowerMate is a small device with a knob and button that can be used to scroll and click. It reports rotation and button events to the driver, which can be mapped to actions such as scrolling, clicking, and media control.

Google says criminal hackers used AI to find a major software flaw

122 donohoe 2026-05-11 20:39:40 UTC nytimes.com Llama Share 99

A hacking group used AI to detect a previously unknown bug, posing a threat to digital security. Google thwarted the attack, highlighting concerns over AI's potential impact on cybersecurity.

Silverback Imfura took a chance, and ended up alone

35 alex000kim 2026-05-11 21:39:40 UTC gorillafund.org Llama Share 12

Silverback Imfura left the Pablo group after a series of disruptions, forming a new group with two females who had recently joined. Imfura's new group was unstable and the females eventually returned to the Pablo group, where they were welcomed back.

Interaction Models

100 smhx 2026-05-11 21:39:40 UTC thinkingmachines.ai Llama Share 9

Researchers at Thinking Machines are developing a new type of AI model called interaction models that can handle real-time conversations and collaboration with humans. These models can perceive and respond to humans in real-time, across multiple modalities such as audio, video, and text, and can be used for a variety of applications including customer service, education, and healthcare.

Training an LLM in Swift, Part 1: Taking matrix mult from Gflop/s to Tflop/s

217 zdw 2026-05-11 13:39:40 UTC cocoawithlove.com Llama Share 11

The author optimizes a handwritten matrix multiplication code in Swift for training a Large Language Model (LLM) on Apple Silicon, exploring various techniques such as SIMD, AMX, and Metal to achieve performance comparable to C. The author concludes that while Swift can achieve similar performance to C, it requires more complex and unwieldy code, and that the fastest CPU instruction on Apple ...

Interfaze: A new model architecture built for high accuracy at scale

114 yoeven 2026-05-11 16:39:40 UTC interfaze.ai Llama Share 30

Interfaze is a new model architecture that outperforms other models in OCR, vision, and structured output tasks. It offers a balance between performance and price, making it suitable for high-volume tasks.

The rise and fall of snake oil

29 samizdis 2026-05-11 20:39:40 UTC historytoday.com Full Share 20

Establishing a secure connection... Request ID: f2c080d10c9299ca827306aae2d9163f

A lost ancient script reveals how writing as we know it began

3 emot 2026-05-12 01:39:40 UTC newscientist.com Prefix Share 0

Early writing is a tale of two scripts. Egyptian hieroglyphs and Mesopotamian cuneiform both emerged independently about 5300 years ago. The political powers of ancient Egypt and Mesopotamia flourished in the centuries to come, partly because writing helped states control the flow of goods and consolidate power. The pen (or ancient stylus) was mightier than the sword. Or so the conventional ...

Abstract Machines for Logic Programs

17 surprisetalk 2026-05-11 23:39:40 UTC chrisistyping.bearblog.dev Llama Share 1

The author discusses how to define addition using inference rules and then transforms these rules into state machines to evaluate queries of the form plus N M _, where N and M are known. The author also explores different mode assignments for the plus relation, which correspond to different abstract machines, including one that implements subtraction and another that produces all pairs of ...

Show HN: OpenGravity – A zero-install, BYOK vanilla JS clone of Antigravity

55 ab613 2026-05-11 20:39:40 UTC github.com/ab-613 Llama Share 18

OpenGravity is a lightweight, BYOK recreation of Google Antigravity UI with a live terminal and proactive agent. It needs community contributions to add features like top menu bars, settings UI, and basic functionality.

Bild AI (YC W25) Is Hiring Founding Product Engineers

0 2026-05-11 18:39:40 UTC bild.ai Full Share

Bild AI Jobs

AMÁLIA and the future of European Portuguese LLMs

118 johnbarron 2026-05-11 14:39:40 UTC duarteocarmo.com Llama Share 57

The Portuguese government invested 5.5 million euros in AMÁLIA, a large-scale LLM for European Portuguese. The model's architecture is based on EuroLLM, but with modifications to increase European Portuguese data.

CUDA-oxide: Nvidia's official Rust to CUDA compiler

367 adamnemecek 2026-05-11 16:39:40 UTC nvlabs.github.io Llama Share 107

cuda-oxide is a Rust-to-CUDA compiler for safe GPU programming. It compiles Rust code to PTX and supports async GPU programming with Rust's type system and ownership model.

Building a web server in aarch64 assembly to give my life (a lack of) meaning

104 theanonymousone 2026-05-11 13:39:40 UTC imtomt.github.io Llama Share 34

The author built a web server called ymawky in AArch64 assembly for macOS to understand how a web server works and to strip away convenience layers. The project involved parsing HTTP requests, handling edge cases, and implementing security features such as request timeouts and path sanitization in a low-level and manual way.

The Boston library where you still can borrow a giant puppet

55 gnabgib 2026-05-11 17:39:40 UTC binj.news Llama Share 8

Sara Peattie runs a free puppet library in Boston's basement, where puppets of all shapes and sizes can be borrowed by the public. Peattie, a Boston-based puppeteer, creates her own puppets using papier-mâché and fabric, often making them look more complicated than they are.

Hardware Attestation as Monopoly Enabler

2084 ChuckMcM 2026-05-11 02:39:40 UTC grapheneos.social Llama Share 705

Google and Apple are expanding hardware-based attestation to lock out non-approved devices and OSes, presented as a security feature but actually anti-competitive.

Show HN: E2a – Open-source email gateway for AI agents

24 mnexa 2026-05-11 20:39:40 UTC github.com/mnexa-ai Llama Share 2

Authenticated email gateway for AI agents with inbound and outbound email processing, verification, and approval features. It supports local and cloud agents, with a shared domain for instant slug-based onboarding and managed deliverability.

Show HN: Safe-install – safer NPM installs with trusted build dependencies

3 gkiely 2026-05-12 00:39:40 UTC npmjs.com Prefix Share 0

Run npm installs with dependency lifecycle scripts disabled by default, then rebuild only the packages you explicitly trust. npm lifecycle scripts can run arbitrary code during install. Setting ignore-scripts=true blocks that whole class of install-time execution, but it also breaks packages that legitimately need postinstall, install, or preinstall scripts to build native bindings, download ...

Software engineering may no longer be a lifetime career

378 movis 2026-05-11 14:39:40 UTC seangoedecke.com Llama Share 624

Some software engineers think AI use makes them less intelligent by not learning tasks, but this is a bad argument. They should adapt to AI like construction workers do to heavy lifting, even if it's detrimental to their long-term cognitive abilities.