Axios compromised on NPM – Malicious versions drop remote access trojan

834 mtud 2026-03-31 03:27:57 UTC stepsecurity.io Llama Share 293

StepSecurity identified malicious versions of the axios HTTP client library published to npm, [email protected] and [email protected], which inject a remote access trojan (RAT) dropper. Developers who installed these versions should rotate all secrets and credentials, check network logs, and downgrade to safe versions, and StepSecurity provides end-to-end npm supply chain security across three pillars: ...

Ollama is now powered by MLX on Apple Silicon in preview

274 redundantly 2026-03-31 04:27:57 UTC ollama.com Llama Share 131

Ollama now runs faster on Apple silicon with MLX framework, leveraging GPU Neural Accelerators for speedup. Ollama 0.19 sees 1851 token/s prefill and 134 token/s decode with improved memory efficiency and model accuracy.

Artemis II is not safe to fly

351 idlewords 2026-03-31 02:27:57 UTC idlewords.com Llama Share 224

NASA's Orion spacecraft has a defective heat shield that could kill the crew on Artemis II due to spalling, impact from heat shield fragments, and bolt erosion. Despite this, NASA is planning to fly the mission with a crew, citing a change in the re-entry trajectory and a new heat shield design for future missions.

Claude Code's source code has been leaked via a map file in their NPM registry

147 treexs 2026-03-31 09:27:57 UTC twitter.com/fried_rice Full Share 58

Something went wrong, but don’t fret — let’s give it another shot. Some privacy related extensions may cause issues on x.com. Please disable them and try again.

Universal Claude.md – cut Claude output tokens

315 killme2008 2026-03-31 01:27:57 UTC github.com/drona23 Llama Share 123

A CLAUDE.md file reduces Claude output verbosity by ~63% without code changes, targeting sycophancy, verbosity, and formatting noise. It's most beneficial for high-output use cases, and users can customize it to target specific failure modes and compose multiple files for different project types.

Why the US Navy Won't Blast the Iranians and 'Open' Strait of Hormuz

8 KoftaBob 2026-03-31 09:32:57 UTC responsiblestatecraft.org Prefix Share 3

American taxpayers could be forgiven if recent events have left them wondering why the largest and most expensive Navy in the world is sitting well outside the Strait of Hormuz, watching powerlessly as the Iranians decide which ships they will allow to transit the waterway. After all, they must wonder, why can’t the Navy simply blast the Iranians away and re-open the strait, sending life and ...

Fedware: Government apps that spy harder than the apps they ban

567 speckx 2026-03-30 18:27:57 UTC sambent.com Llama Share 202

The US government's mobile apps, including the White House app, request excessive permissions and embed trackers, violating users' privacy. These apps, part of a surveillance apparatus, collect sensitive data that feeds into ICE raids and warrantless location tracking.

Google's 200M-parameter time-series foundation model with 16k context

121 codepawl 2026-03-31 05:27:57 UTC github.com/google-research Llama Share 58

TimesFM is a pretrained time-series model by Google Research for forecasting. It can be installed via pip and used for point and quantile forecasting.

Do your own writing

562 karimf 2026-03-30 18:27:57 UTC alexhwoods.com Llama Share 193

LLMs can undermine authenticity and credibility by generating writing that lacks thought and understanding. Effective writing requires human thoughtfulness and effort to establish credibility and increase understanding.

GitHub backs down, kills Copilot pull-request ads after backlash

237 _____k 2026-03-31 05:27:57 UTC theregister.com Llama Share 149

GitHub removed Copilot's ability to insert ads into pull requests after backlash from developers. The feature was disabled after users complained of unwanted ads in their pull requests.

Clojure: The Documentary, official trailer [video]

207 fogus 2026-03-31 00:27:57 UTC youtube.com Embed Share 19

Good CTE, Bad CTE

43 radimm 2026-03-31 06:27:57 UTC boringsql.com Llama Share 13

CTEs are now inlined by default in PostgreSQL 12, allowing the planner to apply normal optimisations. Materialization is used when a CTE is referenced multiple times or contains side effects.

RamAIn (YC W26) Is Hiring

0 2026-03-31 07:27:57 UTC ycombinator.com Llama Share

RamAIn builds AI agents for enterprise work, automating repetitive tasks 10x faster and more reliably than humans. We're hiring a Founding AI/ML researcher to design and deploy agents that reason, plan, and execute complex workflows autonomously.

Android Developer Verification

261 ingve 2026-03-30 22:27:57 UTC android-developers.googleblog.com Llama Share 264

Android is rolling out developer verification to prevent malware and ensure user safety. Users will see no change in app installation experience until 2027, when unregistered apps will require ADB or advanced flow.

How to turn anything into a router

687 yabones 2026-03-30 14:27:57 UTC nbailey.ca Llama Share 234

User wants to create a homebrew router using a Linux-powered device, such as a mini-PC, to bypass a US policy banning new consumer router imports.

We're Pausing Asimov Press

34 bookofjoe 2026-03-31 06:27:57 UTC asimov.press Llama Share 8

Asimov Press is going on hiatus in April due to new projects for its founders. The press has published 149 articles and two anthologies, reaching half a million readers monthly.

Turning a MacBook into a touchscreen with $1 of hardware (2018)

324 HughParry 2026-03-30 19:27:57 UTC anishathalye.com Llama Share 157

A team created a touchscreen MacBook using a $1 mirror and computer vision, allowing for touch input without an external webcam. The system uses a webcam, mirror, and computer vision to translate finger movements into mouse events, making existing apps touch-enabled.

Audio tapes reveal mass rule-breaking in Milgram's obedience experiments

7 lentoutcry 2026-03-31 09:27:57 UTC psypost.org Prefix Share 0

Reassessing one of the most famous psychological experiments in history, a recent analysis of audio recordings reveals that subjects who seemingly obeyed orders to administer severe electric shocks actually broke the rules of the scientific study most of the time. The authors suggest that this routine violation of experimental procedures transformed the laboratory into a scene of unauthorized ...

One of the largest salt mines in the world exists under Lake Erie

29 1659447091 2026-03-31 05:27:57 UTC apnews.com Llama Share 19

Cargill's Whiskey Island salt mine in Cleveland extracts 3-4 million tons of salt annually to supply the Northeast and Great Lakes. The mine operates year-round to meet high demand due to a colder-than-usual winter.

Oscar Reutersvärd (2021)

36 layer8 2026-03-31 03:27:57 UTC escherinhetpaleis.nl Full Share 3

With Belvedere , Waterfall and Ascending and Descending , M.C. Escher created three iconic prints based on impossible figures: a cube, a triangle and a staircas

Mr. Chatterbox is a Victorian-era ethically trained model

47 y1n0 2026-03-31 02:27:57 UTC simonwillison.net Llama Share 33

Trip Venturella released Mr Chatterbox, a language model trained on 28,000 Victorian-era British texts. The model is small, with 340 million parameters, but its responses are limited and feel like a Markov chain.

Bird brains (2023)

321 DiffTheEnder 2026-03-30 13:27:57 UTC dhanishsemar.com Llama Share 201

A flock of New Zealand kea parrots was found to be cleverly moving traffic cones to stop cars and get food from humans. Researchers have developed various tests to measure bird intelligence, including the mirror test, Aesop's Fable, and delayed gratification test.

OpenGridWorks: The Electricity Infrasctructure, Mapped

113 jonbraun 2026-03-30 21:27:57 UTC opengridworks.com Full Share 15

We're verifying your browser Website owner? Click here to fix

Agents of Chaos

110 luu 2026-03-30 20:27:57 UTC agentsofchaos.baulab.info Llama Share 15

Researchers studied AI agents in a live lab environment, interacting with 20 researchers over 2 weeks. They found 11 case studies of failures, including unauthorized access, sensitive info disclosure, and system takeover.

Show HN: I turned a sketch into a 3D-print pegboard for my kid with an AI agent

42 virpo 2026-03-31 02:27:57 UTC github.com/virpo Llama Share 12

User created a pegboard system with Codex, using Fusion 360 to generate pieces. The system has 7 play pieces, 4 gears, and 2 boards, with easy modification using Python generators.

CodingFont: A game to help you pick a coding font

420 nvahalik 2026-03-30 15:27:57 UTC codingfont.com Full Share 211

Browse Studio

Cherri – programming language that compiles to an Apple Shortuct

308 mihau 2026-03-30 16:27:57 UTC github.com/electrikmilk Llama Share 60

Cherri is a programming language for Shortcuts that allows large projects and maintenance. It has a package manager, type checking, and a GUI IDE for macOS.

I'm betting on ATProto

111 speckx 2026-03-30 20:27:57 UTC brittanyellich.com Llama Share 102

The author attended ATmosphereConf, a conference focused on the decentralized social media protocol ATProto, and was inspired by the community's efforts to create a more human internet. They believe ATProto has the potential to bring people together and create genuine connections, unlike mainstream social media platforms.

Vulnerability research is cooked

182 pedro84 2026-03-30 19:27:57 UTC sockpuppet.org Llama Share 128

AI coding agents will drastically alter exploit development, making it easier to find vulnerabilities in software. This shift will profoundly impact information security and the Internet, potentially rendering traditional countermeasures ineffective.

Incident March 30th, 2026 – Accidental CDN Caching

59 cebert 2026-03-31 02:27:57 UTC blog.railway.com Llama Share 22

Railway experienced a 52-minute incident where CDN caching was accidentally enabled for some domains, potentially serving unauthenticated data to authenticated users. A configuration update was reverted and all cached assets were purged to prevent further issues.