Axios compromised on NPM – Malicious versions drop remote access trojan

821 mtud 2026-03-31 03:17:23 UTC stepsecurity.io Llama Share 290

StepSecurity identified malicious versions of the axios HTTP client library published to npm, axios@1.14.1 and axios@0.30.4, which inject a remote access trojan (RAT) dropper. Developers who installed these versions should rotate all secrets and credentials, check network logs, and downgrade to safe versions, and StepSecurity provides end-to-end npm supply chain security across three pillars: ...

Claude Code full source code leaked on NPM

36 dheerajmp 2026-03-31 09:41:23 UTC github.com/chatgptprojects Llama Share 2

This repository extracts and preserves the original TypeScript source code of Anthropic's Claude Code CLI tool from its npm package. It unpacks the source map to make the code easier to read and reference.

Ollama is now powered by MLX on Apple Silicon in preview

267 redundantly 2026-03-31 04:17:23 UTC ollama.com Llama Share 125

Ollama now runs faster on Apple silicon with MLX framework, leveraging GPU Neural Accelerators for speedup. Ollama 0.19 sees 1851 token/s prefill and 134 token/s decode with improved memory efficiency and model accuracy.

Artemis II is not safe to fly

343 idlewords 2026-03-31 03:17:23 UTC idlewords.com Llama Share 214

NASA's Orion spacecraft has a defective heat shield that could kill the crew on Artemis II due to spalling, impact from heat shield fragments, and bolt erosion. Despite this, NASA is planning to fly the mission with a crew, citing a change in the re-entry trajectory and a new heat shield design for future missions.

Universal Claude.md – cut Claude output tokens

309 killme2008 2026-03-31 02:17:23 UTC github.com/drona23 Llama Share 121

A CLAUDE.md file reduces Claude output verbosity by ~63% without code changes, targeting sycophancy, verbosity, and formatting noise. It's most beneficial for high-output use cases, and users can customize it to target specific failure modes and compose multiple files for different project types.

Claude Code's source code has been leaked via a map file in their NPM registry

119 treexs 2026-03-31 09:17:23 UTC twitter.com/fried_rice Full Share 52

Something went wrong, but don’t fret — let’s give it another shot. Some privacy related extensions may cause issues on x.com. Please disable them and try again.

Fedware: Government apps that spy harder than the apps they ban

566 speckx 2026-03-30 18:17:23 UTC sambent.com Llama Share 198

The US government's mobile apps, including the White House app, request excessive permissions and embed trackers, violating users' privacy. These apps, part of a surveillance apparatus, collect sensitive data that feeds into ICE raids and warrantless location tracking.

Google's 200M-parameter time-series foundation model with 16k context

120 codepawl 2026-03-31 06:17:23 UTC github.com/google-research Llama Share 56

TimesFM is a pretrained time-series model by Google Research for forecasting. It can be installed via pip and used for point and quantile forecasting.

Do your own writing

560 karimf 2026-03-30 18:17:23 UTC alexhwoods.com Llama Share 193

LLMs can undermine authenticity and credibility by generating writing that lacks thought and understanding. Effective writing requires human thoughtfulness and effort to establish credibility and increase understanding.

GitHub backs down, kills Copilot pull-request ads after backlash

231 _____k 2026-03-31 05:17:23 UTC theregister.com Llama Share 146

GitHub removed Copilot's ability to insert ads into pull requests after backlash from developers. The feature was disabled after users complained of unwanted ads in their pull requests.

Clojure: The Documentary, official trailer [video]

204 fogus 2026-03-31 01:17:23 UTC youtube.com Embed Share 19

Good CTE, Bad CTE

41 radimm 2026-03-31 06:17:23 UTC boringsql.com Llama Share 13

CTEs are now inlined by default in PostgreSQL 12, allowing the planner to apply normal optimisations. Materialization is used when a CTE is referenced multiple times or contains side effects.

RamAIn (YC W26) Is Hiring

0 2026-03-31 07:17:23 UTC ycombinator.com Llama Share

RamAIn builds AI agents for enterprise work, automating repetitive tasks 10x faster and more reliably than humans. We're hiring a Founding AI/ML researcher to design and deploy agents that reason, plan, and execute complex workflows autonomously.

Android Developer Verification

260 ingve 2026-03-30 22:17:23 UTC android-developers.googleblog.com Llama Share 264

Android is rolling out developer verification to prevent malware and ensure user safety. Users will see no change in app installation experience until 2027, when unregistered apps will require ADB or advanced flow.

We're Pausing Asimov Press

34 bookofjoe 2026-03-31 07:17:23 UTC asimov.press Llama Share 8

Asimov Press is going on hiatus in April due to new projects for its founders. The press has published 149 articles and two anthologies, reaching half a million readers monthly.

How to turn anything into a router

687 yabones 2026-03-30 14:17:23 UTC nbailey.ca Llama Share 234

User wants to create a homebrew router using a Linux-powered device, such as a mini-PC, to bypass a US policy banning new consumer router imports.

Turning a MacBook into a touchscreen with $1 of hardware (2018)

324 HughParry 2026-03-30 20:17:23 UTC anishathalye.com Llama Share 156

A team created a touchscreen MacBook using a $1 mirror and computer vision, allowing for touch input without an external webcam. The system uses a webcam, mirror, and computer vision to translate finger movements into mouse events, making existing apps touch-enabled.

One of the largest salt mines in the world exists under Lake Erie

29 1659447091 2026-03-31 05:17:23 UTC apnews.com Llama Share 16

Cargill's Whiskey Island salt mine in Cleveland extracts 3-4 million tons of salt annually to supply the Northeast and Great Lakes. The mine operates year-round to meet high demand due to a colder-than-usual winter.

Oscar Reutersvärd (2021)

36 layer8 2026-03-31 03:17:23 UTC escherinhetpaleis.nl Full Share 3

With Belvedere , Waterfall and Ascending and Descending , M.C. Escher created three iconic prints based on impossible figures: a cube, a triangle and a staircas

Mr. Chatterbox is a Victorian-era ethically trained model

47 y1n0 2026-03-31 03:17:23 UTC simonwillison.net Llama Share 32

Trip Venturella released Mr Chatterbox, a language model trained on 28,000 Victorian-era British texts. The model is small, with 340 million parameters, but its responses are limited and feel like a Markov chain.

Bird brains (2023)

319 DiffTheEnder 2026-03-30 13:17:23 UTC dhanishsemar.com Llama Share 201

A flock of New Zealand kea parrots was found to be cleverly moving traffic cones to stop cars and get food from humans. Researchers have developed various tests to measure bird intelligence, including the mirror test, Aesop's Fable, and delayed gratification test.

OpenGridWorks: The Electricity Infrasctructure, Mapped

111 jonbraun 2026-03-30 21:17:23 UTC opengridworks.com Full Share 15

We're verifying your browser Website owner? Click here to fix

Agents of Chaos

110 luu 2026-03-30 21:17:23 UTC agentsofchaos.baulab.info Llama Share 15

Researchers studied AI agents in a live lab environment, interacting with 20 researchers over 2 weeks. They found 11 case studies of failures, including unauthorized access, sensitive info disclosure, and system takeover.

Show HN: I turned a sketch into a 3D-print pegboard for my kid with an AI agent

41 virpo 2026-03-31 02:17:23 UTC github.com/virpo Llama Share 11

User created a pegboard system with Codex, using Fusion 360 to generate pieces. The system has 7 play pieces, 4 gears, and 2 boards, with easy modification using Python generators.

Cherri – programming language that compiles to an Apple Shortuct

308 mihau 2026-03-30 16:17:23 UTC github.com/electrikmilk Llama Share 60

Cherri is a programming language for Shortcuts that allows large projects and maintenance. It has a package manager, type checking, and a GUI IDE for macOS.

Vulnerability research is cooked

182 pedro84 2026-03-30 19:17:23 UTC sockpuppet.org Llama Share 127

AI coding agents will drastically alter exploit development, making it easier to find vulnerabilities in software. This shift will profoundly impact information security and the Internet, potentially rendering traditional countermeasures ineffective.

I'm betting on ATProto

110 speckx 2026-03-30 20:17:23 UTC brittanyellich.com Llama Share 101

The author attended ATmosphereConf, a conference focused on the decentralized social media protocol ATProto, and was inspired by the community's efforts to create a more human internet. They believe ATProto has the potential to bring people together and create genuine connections, unlike mainstream social media platforms.

CodingFont: A game to help you pick a coding font

418 nvahalik 2026-03-30 16:17:23 UTC codingfont.com Full Share 211

Browse Studio

Incident March 30th, 2026 – Accidental CDN Caching

57 cebert 2026-03-31 02:17:23 UTC blog.railway.com Llama Share 23

Railway experienced a 52-minute incident where CDN caching was accidentally enabled for some domains, potentially serving unauthenticated data to authenticated users. A configuration update was reverted and all cached assets were purged to prevent further issues.

Unit: A self-replicating Forth mesh agent running in a browser tab

37 DavidCanHelp 2026-03-31 02:17:23 UTC davidcanhelp.github.io Full Share 3

Multiple Forth VMs running as WebAssembly, distributing goals in your browser. No server needed.