Axios compromised on NPM – Malicious versions drop remote access trojan

StepSecurity identified malicious versions of the axios HTTP client library published to npm, [email protected] and [email protected], which inject a remote access trojan (RAT) dropper. Developers who installed these versions should rotate all secrets and credentials, check network logs, and downgrade to safe versions. StepSecurity provides end-to-end npm supply chain security across three pillars: ...

Open source CAD in the browser (Solvespace)

SolveSpace has a web version that runs in the browser with some speed penalty and bugs. It's experimental and can be hosted locally like static web content.

GitHub Monaspace Case Study

GitHub and Lettermatic collaborated to create Monaspace, a superfamily of five interchangeable typefaces for code editors. Monaspace offers high personalization and accessibility features, including Texture Healing, which improves legibility in monospace typefaces.

Cohere Transcribe: Speech Recognition

Cohere Transcribe is an open-source automatic speech recognition model that achieves state-of-the-art accuracy with a low word error rate of 5.42%. It is available for download and can be used for real-world transcription tasks across 14 languages.

Oracle slashes 30k jobs

Oracle laid off 20,000-30,000 employees, roughly 18% of its workforce, in a single email with no advance notice. The cuts are tied to Oracle's aggressive expansion into AI infrastructure, freeing up $8-10 billion in cash flow.

Ollama is now powered by MLX on Apple Silicon in preview

Ollama now runs faster on Apple silicon with MLX framework, leveraging GPU Neural Accelerators for speedup. Ollama 0.19 sees 1851 token/s prefill and 134 token/s decode with improved memory efficiency and model accuracy.

A Love Letter to 'Girl Games'

The author reminisces about childhood games like Pixie Hollow and Bratz: Rock Angelz, now lost due to cultural erasure of feminine games. FEMICOM Museum founder Rachel Weil aims to preserve and celebrate games targeted toward young girls.

Artemis II is not safe to fly

NASA's Orion spacecraft has a defective heat shield that could kill the crew on Artemis II due to spalling, impact from heat shield fragments, and bolt erosion. Despite this, NASA is planning to fly the mission with a crew, citing a change in the re-entry trajectory and a new heat shield design for future missions.

Italy blocks US use of Sicily air base for Middle East war

EU countries consider alternatives to Hungary if Orbán wins, while progressive voters abandon center-left parties in Europe. Transatlantic tensions rise as the US rejects a Russian proposal, affecting Italy's leader and other European nations.

Claude Code's source code has been leaked via a map file in their NPM registry


Combinators

Combinators are functions that refer to their arguments without modifying them. They are often represented by bird names in APL, such as Kestrel and Cardinal.

Audio tapes reveal mass rule-breaking in Milgram's obedience experiments

Researchers analyzed audio recordings from the Milgram experiment and found that obedient participants broke the rules of the study most of the time, often ignoring the scientific procedure. This suggests that the laboratory environment was one of unauthorized violence, rather than a legitimate scientific study.

RubyGems Fracture Incident Report

Ruby Central's Open Source Committee faced a crisis in September 2025 known as the "RubyGems Fracture" due to a poorly communicated process to offboard two engineers, André Arko and Samuel Giddens, from the RubyGems.org service. The incident led to the removal of paid contributors and highlighted the need for better policies, procedures, and communication in managing access and offboarding in ...

Tell HN: Chrome says "Suspicious Download" when trying to download yt-dlp

Google's browser warns of a "Suspicious Download" for yt-dlp, a tool to download files from Google's servers. This is seen as browser monopoly abuse and misleading people, as Chrome also downloads files from various servers.

Dot – A Siri Replacement learns skills through Apple Shortcuts

Dot is a powerful personal AI assistant built for your iPhone. Tell it what you need and it gets it done — securely right on your phone. Dot is special because it can learn from you and for you. Need something done in one of your apps? Dot will create a skill to get it done. What can Dot do? - Control your smart home — turn on the lights, lock the front door, adjust the thermostat - Manage ...

Good Code Will Still Win

A couple of years ago, "slop" became the popular shorthand for unwanted, mindlessly generated AI content flooding the internet including images, text, and spam. Simon Willison helped popularize the term, though it had been circulating in engineering communities in the years prior. At Greptile, we spend a lot of time thinking about questions like: Is slop the future? Are programming ...

What major works of literature were written after age of 85? 75? 65?

The author discussed major works published by authors over 85, citing Sophocles' Philoctetes and Goethe's Faust, but found few notable works by authors over 80. A list of notable works by authors over 65 includes V. Hugo's Ninety-three, T. Mann's Doctor Faustus, and J. Saramago's Blindness.

Multiple Sclerosis

I was recently diagnosed with Relapsing-Remitting Multiple Sclerosis after experiencing numbness and tingling in my arm and torso. I'm starting treatment to manage symptoms and slow disease progression.

Microsoft: Copilot is for entertainment purposes only

You agree to these terms by using Copilot, which includes rules for using the service, protecting others, and respecting Microsoft's rights. By using Copilot, you grant Microsoft permission to use your content and agree to their terms, including the Microsoft Services Agreement and the Microsoft Privacy Statement.

Show HN: Loreline, narrative language transpiled via Haxe: C++/C#/JS/Java/Py/Lua

Loreline is a narrative language that uses Haxe for transpilation to multiple platforms, allowing it to run everywhere. It has a lexer, parser, and interpreter that transform source text into executable code, with a focus on performance and simplicity.

Fedware: Government apps that spy harder than the apps they ban

The US government's mobile apps, including the White House app, request excessive permissions and embed trackers, violating users' privacy. These apps, part of a surveillance apparatus, collect sensitive data that feeds into ICE raids and warrantless location tracking.

Show HN: Hyprmoncfg – Terminal-based monitor config manager for Hyprland

Configuring monitors in Hyprland means writing monitor= lines by hand. A 4K display at 1.33x scale is effectively 2880x1620 pixels, so the monitor next to it needs to start at x=2880. Vertically centering a 1080p panel against it means doing division in your head to get the y-offset right. You reload, you’re off by 40 pixels, you edit, you reload again. There’s no visual feedback until after ...

Universal Claude.md – cut Claude output tokens

A CLAUDE.md file reduces Claude output verbosity by ~63% without code changes, targeting sycophancy, verbosity, and formatting noise. It's most beneficial for high-output use cases, and users can customize it to target specific failure modes and compose multiple files for different project types.

Google's 200M-parameter time-series foundation model with 16k context

TimesFM is a pretrained time-series model by Google Research for forecasting. It can be installed via pip and used for point and quantile forecasting.

Project Mario: the inside story of DeepMind

The following is an exclusive excerpt adapted from the author’s new book, THE INFINITY MACHINE: Demis Hassabis, DeepMind, and the Quest for Superintelligence, out today. In the autumn of 2015, Mustafa Suleyman embarked on a grand experiment in making AI good for society. Together with Demis Hassabis, the senior co-founder of the London-based artificial intelligence lab DeepMind, he began an ...

RamAIn (YC W26) Is Hiring

RamAIn builds AI agents for enterprise work, automating repetitive tasks 10x faster and more reliably than humans. We're hiring a Founding AI/ML researcher to design and deploy agents that reason, plan, and execute complex workflows autonomously.

Do your own writing

LLMs can undermine authenticity and credibility by generating writing that lacks thought and understanding. Effective writing requires human thoughtfulness and effort to establish credibility and increase understanding.

Good CTE, Bad CTE

CTEs are now inlined by default in PostgreSQL 12, allowing the planner to apply normal optimisations. Materialization is used when a CTE is referenced multiple times or contains side effects.

7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown

Ransomware groups posted 7,655 victim claims to public leak sites from March 2025 to March 2026, with Qilin being the most active group posting 1,179 claims across 74 countries. The top 5 groups accounted for 40% of the claims, and the remaining 124 groups collectively posted 4,628 claims, suggesting that disrupting any single group is unlikely to reduce the overall total significantly.

GitHub backs down, kills Copilot pull-request ads after backlash

GitHub removed Copilot's ability to insert ads into pull requests after backlash from developers. The feature was disabled after users complained of unwanted ads in their pull requests.