SHA1-Hulud the Second Comming – Postman, Zapier, PostHog All Compromised via NPM

145 2025-11-24 16:24:31 UTC https://cdn.prod.website-files.com/642adcaf364024552e71df01/686cc07afc181d20f1b4486f_fav.png aikido.dev Llama 34
https://cdn.prod.website-files.com/642adcaf364024654c71df23/69244323f1c8b48f69d4eccf_2025-11-24_12-35-41.png
A malware attack, named Shai-Hulud, has hit hundreds of npm packages, compromising 492 packages with 132 million monthly downloads. The attack spreads through compromised developer environments, stealing sensitive information and uploading it to a public GitHub repository.

France threatens GrapheneOS with arrests / server seizure for refusing backdoors

138 2025-11-24 16:42:31 UTC https://grapheneos.social/packs/assets/favicon-16x16-74JBPGmr.png grapheneos.social Full 37
You are leaving grapheneos.social. If you trust this link, click it to continue.

NSA and IETF, part 3: Dodging the issues at hand

221 2025-11-24 12:24:31 UTC https://blog.cr.yp.to/favicon.ico blog.cr.yp.to Llama 88
The IETF's TLS working group is standardizing a non-hybrid post-quantum cryptography document that adds just PQ as another TLS option, despite concerns about its security and lack of consensus. An IETF area director dodged procedural objections and made false claims about the adoption call results, failing to address the central security argument for ECC+PQ.

Inside Rust's std and parking_lot mutexes – who wins?

45 2025-11-24 14:24:31 UTC https://substackcdn.com/image/fetch/$s_!COoa!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Febaa6e74-f8dd-4f69-b55a-ce69e612688f%2Ffavicon.ico blog.cuongle.dev Llama 3
https://substackcdn.com/image/fetch/$s_!tCcw!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F10eed961-c27c-4fc9-95ab-27a9ae9d9451_668x264.png
The author compares the performance and fairness of Rust's standard Mutex and parking_lot's Mutex, finding that parking_lot's Mutex is more predictable and fair under heavy contention, but standard Mutex is faster in low-contention scenarios. The author recommends using parking_lot's Mutex when risk of monopolization exists or when fairness is crucial, but standard Mutex is sufficient for ...

Chrome Jpegxl Issue Reopened

109 2025-11-24 12:24:31 UTC https://www.gstatic.com/buganizer/img/v0/favicon.ico issues.chromium.org Full 30
Sign in

France threatens GrapheneOS with arrests / server seizure for refusing backdoors

18 2025-11-24 17:02:31 UTC https://mamot.fr/packs/assets/favicon-16x16-74JBPGmr.png mamot.fr Llama 2
https://static.mamot.fr/media_attachments/files/115/581/775/877/215/045/small/378107f93bdc9156.png
Le gouvernement français attaque GrapheneOS, un système d'exploitation sécurisé, en le décrivant comme une "solution de téléphonie du crime" pour justifier la surveillance.

Corvus Robotics (YC S18): Hiring Head of Mfg/Ops, Next Door to YC Mountain View

0 2025-11-24 17:02:31 UTC https://news.ycombinator.com/y18.svg news.ycombinator.com Llama
Corvus Robotics is hiring a generalist leader to scale manufacturing operations for its autonomous logistics drones. The ideal candidate has hardware experience, clear communication, and Mandarin proficiency.

Show HN: Cynthia – Reliably play MIDI music files – MIT / Portable / Windows

59 2025-11-24 14:24:31 UTC https://www.blaizenterprises.com/favicon.ico blaizenterprises.com Llama 17
https://www.blaizenterprises.com/cynthia-screenshot.jpg
Cynthia is a music player that can play midi files from a folder or playlist, adjust playback speed, volume, and output device on-the-fly, and supports various midi formats. It also features a user-friendly interface with customizable colors and background schemes, and can be controlled using an Xbox controller.

Britain is one of the richest countries. So why do children live in poverty?

27 2025-11-24 16:55:31 UTC https://www.cnn.com/media/sites/cnn/apple-touch-icon.png cnn.com Llama 27
https://media.cnn.com/api/v1/images/stellar/prod/shutterstock-editorial-15237702b.jpg?c=original&q=w_1041,c_fill
Child poverty in the UK has reached a record high with around 4.5 million children living in relative poverty. Charities like Little Village are stepping in to provide essential supplies for new parents struggling financially.

Serflings is a remake of The Settlers 1

81 2025-11-24 12:24:31 UTC https://www.simpleguide.net/favicon.ico simpleguide.net Llama 23
https://www.simpleguide.net/javax.faces.resource/img/serflings/serflings.png.xhtml
Serflings is a remake of The Settlers 1 with added features like higher resolutions and network games. It requires a file from the original game to start and supports saved game loading from the original.

Shai-Hulud Returns: Over 300 NPM Packages Infected

568 2025-11-24 11:24:31 UTC https://helixguard.ai/favicon.svg helixguard.ai Llama 446
https://helixguard.ai/blog/actionSecrets.png
HelixGuard detected over 300 NPM registry components poisoned with malware that steals sensitive information and exfiltrates it via GitHub Actions. The malware, similar to the 'Shai-Hulud' attack, uses TruffleHog for secret scanning and achieves worm-like propagation by modifying package.json and using stolen tokens.

We stopped roadmap work for a week and fixed bugs

165 2025-11-24 08:24:31 UTC https://lalitm.com/favicon.ico lalitm.com Llama 253
https://lalitm.com/img/5g47sxjucyfgvvp.png
The author's company has a quarterly "fixit" week where 40 software engineers stop regular work to fix small bugs and improve developer productivity. This week-long event boosts team spirit and product quality.

Slicing Is All You Need: Towards a Universal One-Sided Distributed MatMul

69 2025-11-24 10:24:31 UTC https://arxiv.org/static/browse/0.3.4/images/icons/apple-touch-icon.png arxiv.org Llama 5
https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png
Researchers developed a universal one-sided algorithm for distributed matrix multiplication that supports all partitionings and replication factors. The algorithm uses slicing to compute local matrix multiplies and is competitive with PyTorch DTensor in performance.

RuBee

305 2025-11-24 03:24:31 UTC https://computer.rip/static/cubes.svg computer.rip Llama 53
https://computer.rip/static/cubes.svg
RuBee is a unique wireless protocol used for asset tracking, particularly in secure facilities, due to its robustness and short range. It was developed by Visible Assets Inc. for applications like tracking firearms and has been used by the US military and Department of Energy.

Disney Lost Roger Rabbit

385 2025-11-24 01:24:31 UTC https://i0.wp.com/pluralistic.net/wp-content/uploads/2020/02/cropped-guillotine-French-Revolution.jpg?fit=32%2C32&ssl=1 pluralistic.net Llama 182
https://i0.wp.com/craphound.com/images/18Nov2025.jpg?w=840&ssl=1
Disney's failure to make sequels to Who Framed Roger Rabbit is a nightmare scenario for creators, but the 1976 Copyright Act's Termination of Transfer provision can rescue them. This provision allows creators to cancel licenses and regain rights after 35 years, giving them bargaining power against media companies.

Historically Accurate Airport Dioramas by AV Pro Designs

6 2025-11-24 15:24:31 UTC https://static.core77.com/images/favicons/favicon-192x192.png core77.com Prefix 0
https://s3files.core77.com/blog/images/1769196_81_138995_YIZ7Mjxmn.jpg
Brian Keene is a former airline pilot and retired airline industry executive who remains obsessed with airports. So much so that in his retirement, he started AV Pro Designs, a company that manufactures dioramas of famous airports. (They sell them to museums, institutions and "the diorama community," whatever that is.) In designing the 1:1400 models, Keene draws on both his own ...

Fast Lua runtime written in Rust

67 2025-11-24 14:24:31 UTC https://astra.arkforge.net/logo.svg astra.arkforge.net Llama 37
https://astra.arkforge.net/banner.png
A local server is created using the http module and a route is registered to return "hello from default Astra instance!" at the root URL. A counter is incremented and returned as JSON at the "/count" URL.

Japan's gamble to turn island of Hokkaido into global chip hub

224 2025-11-24 03:24:31 UTC https://static.files.bbci.co.uk/bbcdotcom/web/20251110-152207-94080fba49-web-2.33.2-3/apple-touch-icon.png bbc.com Llama 364
https://ichef.bbci.co.uk/news/480/cpsprodpb/83c4/live/46b3b420-c5b5-11f0-b602-51c15dd35a8c.jpg.webp
Japan is investing billions to turn Hokkaido into a global hub for advanced semiconductors, aiming to reboot the country's chip-making capabilities. Rapidus, a government-backed company, is building Japan's first cutting-edge chip foundry in Hokkaido, with a goal to mass produce 2nm chips by 2027.

µcad: New open source programming language that can generate 2D sketches and 3D

343 2025-11-23 21:24:31 UTC https://microcad.xyz/wp-content/uploads/2025/11/FavIcon.webp microcad.xyz Full 110
https://microcad.xyz/wp-content/uploads/2025/11/release-2.webp
Welcome to the website of µcad!Microcad (or µcad) is a new open source programming language that can generate 2D sketches and 3D objects.The project is still in its early stages, but µcad is becoming increasingly stable. New ideas are being added to the code every week.In this blog, we want to keep you up to date on the latest developments at µcad.

Ask HN: Hearing aid wearers, what's hot?

291 2025-11-24 03:24:31 UTC https://news.ycombinator.com/y18.svg news.ycombinator.com Llama 157
You're looking for a new hearing aid to replace your Phonak Audeo 90's. I'm a summarizer, not a personal user, but I can suggest popular options like Phonak Marvel or Oticon Opn, which offer good sound quality and noise reduction features.

Lambda Calculus – Animated Beta Reduction of Lambda Diagrams

120 2025-11-24 05:24:31 UTC https://cruzgodar.com/apple-icon-57x57.png cruzgodar.com Llama 8
https://cruzgodar.com/graphics/general-icons/logo.webp
Lambda calculus is a minimal Turing-complete language with functions as its only objects, allowing for beta reduction and expression evaluation. It can represent true and false, natural numbers, and arithmetic operations using selector functions and combinators.

The Rust Performance Book (2020)

179 2025-11-24 01:24:31 UTC https://nnethercote.github.io/perf-book/favicon.svg nnethercote.github.io Full 28
First published in November 2020 Written by Nicholas Nethercote and others

I built an faster Notion in Rust

110 2025-11-24 11:24:31 UTC https://imedadel.com/favicon.svg imedadel.com Llama 60
https://imedadel.com/_astro/outcrop-hero.D8hFMAtr_1EAWPy.png
The author built Outcrop, a knowledge base alternative to Confluence, after working at Stripe and realizing the importance of speed and simplicity in knowledge management. Outcrop features real-time collaboration, fast search, and robust authorization.

Show HN: Virtual SLURM HPC cluster in a Docker Compose

28 2025-11-24 14:24:31 UTC https://github.com/fluidicon.png github.com/exactlab Llama 6
https://opengraph.githubassets.com/3bfdcb07f6bbd545ea4b558ee5e043572d1758946906c562ee6129a645a56408/exactlab/vhpc
This project provides a Docker-based virtualization of a High Performance Computing (HPC) system running SLURM workload manager with OpenMPI support on Rocky Linux 9. It offers a lean, production-ready multi-container environment with optional full job accounting and SSH access for cluster management.

New magnetic component discovered in the Faraday effect

186 2025-11-23 23:24:31 UTC https://phys.org/favicon.ico phys.org Full 67
This page will redirect in a moment...

Show HN: Stun LLMs with thousands of invisible Unicode characters

167 2025-11-24 03:24:31 UTC https://gibberifier.com/favicon.png gibberifier.com Full 74
Result: Doesn't understand gibberified text - responds with confusion or completely ignores the invisible characters. See ChatGPT → Result: Completely bewildered by gibberified text - has no idea what's happening with the invisible characters. See Grok →

Building the largest known Kubernetes cluster, with 130k nodes

70 2025-11-24 08:24:31 UTC https://www.gstatic.com/cloud/images/icons/favicon.ico cloud.google.com Llama 54
https://storage.googleapis.com/gweb-cloudblog-publish/images/1_Phase_1__Establishing_a_performance_base.max-1300x1300.png
Google Cloud's Google Kubernetes Engine (GKE) has successfully scaled to 130,000 nodes, twice the officially supported limit, and sustained Pod throughput of 1,000 Pods per second. This extreme scalability is made possible by architectural innovations such as a strongly consistent API server watch cache and a proprietary key-value store based on Google's Spanner distributed database.

Fran Sans – font inspired by San Francisco light rail displays

1058 2025-11-23 18:24:31 UTC https://freight.cargo.site/t/original/i/F2621061314206142483674303867001/ES_Beetle.ico emilysneddon.com Llama 130
The article is about Fran Sans, a display font inspired by San Francisco's light rail vehicle destination displays. The font's creator, Emily Sneddon, aimed to capture the unique charm and utility of the original displays.

Ego, empathy, and humility at work

127 2025-11-24 02:24:31 UTC https://matthogg.fyi/favicon-32x32.png matthogg.fyi Llama 41
https://matthogg.fyi/apple-touch-icon.png
The article discusses how ego can hinder developers and technical leaders, and how empathy and humility can help counteract it. Practicing empathy and humility can lead to better collaboration and problem-solving.

Set theory with types

97 2025-11-23 21:24:31 UTC https://lawrencecpaulson.github.io/favicon.ico lawrencecpaulson.github.io Llama 15
NG de Bruijn discussed set theory and type theory in his 1973 paper, questioning the idea that everything is a set. He proposed a typed set theory that excludes x in x and is simpler and more intuitive than AUTOMATH.