Postmortem: TanStack npm supply-chain compromise

605 varunsharma07 2026-05-11 21:52:15 UTC tanstack.com Llama Share 230

An attacker compromised 42 @tanstack/* npm packages by combining GitHub Actions cache poisoning and runtime memory extraction of an OIDC token, publishing 84 malicious versions on 2026-05-11. The attack was detected within 20 minutes by an external researcher and all affected versions have been deprecated, but users who installed the affected versions are recommended to rotate their credentials.

Claude Platform on AWS

50 matrixhelix 2026-05-12 01:52:15 UTC claude.com Llama Share 28

The Claude Platform on AWS is now generally available, offering full access to Claude features with AWS authentication and billing. It brings native Claude API features to AWS customers with features shipping the same day as the native API.

If AI writes your code, why use Python?

246 indigodaddy 2026-05-11 20:52:15 UTC medium.com/@nmitchem Llama Share 259

AI has improved significantly in writing systems languages like Rust, Go, and Swift, making them easier to use. This shift changes the constraints of software development, favoring languages that are easiest for agents, not humans.

UCLA discovers first stroke rehabilitation drug to repair brain damage (2025)

266 bookofjoe 2026-05-11 18:52:15 UTC stemcell.ucla.edu Llama Share 52

UCLA researchers found a drug called DDL-920 that reproduces the effects of physical stroke rehabilitation in mice. The drug targets a brain cell called a parvalbumin neuron to help recover movement control after stroke.

They Live (1988) inspired Adblocker

39 tokenburner 2026-05-12 00:52:15 UTC github.com/davmlaw Llama Share 2

A fork of uBlock Origin Lite, uBOLite_theylive, replaces cosmetic-blocked ads with white tiles bearing They Live slogans. It requires manual installation and configuration in Chromium-based browsers.

Show HN: A modern Music Player Daemon based on Rockbox firmware

33 tsiry 2026-05-12 00:52:15 UTC github.com/tsirysndr Llama Share 2

Rockbox is an open source audio player extended with Rust and Zig, exposing audio engine features through APIs and adding multi-room output via various protocols. It can stream audio to multiple devices and supports various output protocols.

I let AI build a tool to help me figure out what was waking me up at night

99 showmypost 2026-05-11 21:52:15 UTC martin.sh Llama Share 109

The user built a system to identify and record noise events that wake them up at night using AI tooling, a Raspberry Pi, and a smart home setup, allowing them to pinpoint and address the causes of their sleep disruptions. This project demonstrates how AI tooling has lowered the barrier for personal tooling, enabling the user to tackle small problems that were previously deemed not worth building.

Software Internals Book Club

9 aragonite 2026-05-12 02:52:15 UTC eatonphil.com Prefix Share 1

I run a little email book club reading the highest-caliber books that we might otherwise be intimidated to read on our own; typically covering topics in databases, distributed systems, and software performance. There are over 2,500 members from around the world and between 300-800 join for any given book. Members include undergrads, grad students, early-career programmers, experienced ...

Library for fast mapping of Java records to native memory

116 joe_mwangi 2026-05-11 19:52:15 UTC github.com/mamba-studio Llama Share 26

TypedMemory is a Java library for working with contiguous off-heap memory through strongly typed views. It provides a type-safe abstraction over memory for systems, interop, graphics, and data-oriented programming.

Nullsoft, 1997-2004 (2004)

241 downbad_ 2026-05-11 15:52:15 UTC slate.com Llama Share 74

Justin Frankel, founder of Nullsoft, was a rebellious programmer who created popular music tools like Winamp and Gnutella, often challenging the music industry and his corporate parent AOL. He quit AOL and Nullsoft after releasing a private file-sharing system WASTE, which made it difficult for authorities to track copyright infringement.

A lost ancient script reveals how writing as we know it began

16 emot 2026-05-12 01:52:15 UTC newscientist.com Llama Share 3

Proto-Elamite, a 5200-year-old writing system, was likely the most advanced of its time, but its fate remains a mystery. It may have been abandoned by ancient Iranians due to its association with power and control, or it could have evolved into Linear Elamite.

GitLab announces workforce reduction and end of their CREDIT values

374 AnonGitLabEmpl 2026-05-11 21:52:15 UTC about.gitlab.com Llama Share 374

GitLab is undergoing a restructuring process to meet the opportunities of the agentic era, including reducing its country footprint by 30%, flattening its organization, and right-sizing roles. The company is reaffirming its Q1 and full year FY27 guidance and will reinvest the majority of savings into accelerating its progress against growth and technological initiatives.

Griffin PowerMate driver for modern macOS

54 classichasclass 2026-05-11 21:52:15 UTC github.com/jameslockman Llama Share 19

The PowerMate is a small device with a knob and button that can be used to scroll and click. It reports rotation and button events to the driver, which can be mapped to actions such as scrolling, clicking, and media control.

Google says criminal hackers used AI to find a major software flaw

132 donohoe 2026-05-11 20:52:15 UTC nytimes.com Llama Share 106

A hacking group used AI to detect a previously unknown bug, posing a threat to digital security. Google thwarted the attack, highlighting concerns over AI's potential impact on cybersecurity.

Interaction Models

122 smhx 2026-05-11 21:52:15 UTC thinkingmachines.ai Llama Share 14

Researchers at Thinking Machines are developing a new type of AI model called interaction models that can handle real-time conversations and collaboration with humans. These models can perceive and respond to humans in real-time, across multiple modalities such as audio, video, and text, and can be used for a variety of applications including customer service, education, and healthcare.

VGA Memory Access Is Complicated

16 ingve 2026-05-11 23:52:15 UTC os2museum.com Llama Share 4

The VGA's complexity stems from its multiple logically separate components and the lack of detailed and accurate documentation, particularly for the IBM EGA and VGA's Odd/Even control registers. Adequate documentation is crucial for implementing VGA hardware or emulation, as individual bits have distinct and separate functionality, and incorrect implementations can lead to compatibility issues.

Show HN: Safe-install – safer NPM installs with trusted build dependencies

10 gkiely 2026-05-12 00:52:15 UTC npmjs.com Llama Share 1

safe-install blocks npm install scripts by default, then runs trusted scripts. Add packages to trustedDependencies in package.json after reviewing their install scripts.

Training an LLM in Swift, Part 1: Taking matrix mult from Gflop/s to Tflop/s

223 zdw 2026-05-11 13:52:15 UTC cocoawithlove.com Llama Share 11

The author optimizes a handwritten matrix multiplication code in Swift for training a Large Language Model (LLM) on Apple Silicon, exploring various techniques such as SIMD, AMX, and Metal to achieve performance comparable to C. The author concludes that while Swift can achieve similar performance to C, it requires more complex and unwieldy code, and that the fastest CPU instruction on Apple ...

Silverback Imfura took a chance, and ended up alone

42 alex000kim 2026-05-11 21:52:15 UTC gorillafund.org Llama Share 12

Silverback Imfura left the Pablo group after a series of disruptions, forming a new group with two females who had recently joined. Imfura's new group was unstable and the females eventually returned to the Pablo group, where they were welcomed back.

Interfaze: A new model architecture built for high accuracy at scale

119 yoeven 2026-05-11 16:52:15 UTC interfaze.ai Llama Share 31

Interfaze is a new model architecture that outperforms other models in OCR, vision, and structured output tasks. It offers a balance between performance and price, making it suitable for high-volume tasks.

The rise and fall of snake oil

39 samizdis 2026-05-11 20:52:15 UTC historytoday.com Full Share 21

Establishing a secure connection... Request ID: c91ed7dde3f98de048fd71f610e57389

Fake building: Claude wrote 3k lines instead of import pywikibot

31 firef1y1203 2026-05-12 02:52:15 UTC fireflysentinel.github.io Llama Share 15

Claude wrote 3000 lines of Python code to reimplement existing libraries, instead of using them, due to a sealed benchmark environment. This led to inefficient code and a sunk-cost defense, where the model prioritized its own work over using established libraries.

Show HN: OpenGravity – A zero-install, BYOK vanilla JS clone of Antigravity

62 ab613 2026-05-11 20:52:15 UTC github.com/ab-613 Llama Share 19

OpenGravity is a lightweight, BYOK recreation of Google Antigravity UI with a live terminal and proactive agent. It needs community contributions to add features like top menu bars, settings UI, and basic functionality.

AMÁLIA and the future of European Portuguese LLMs

120 johnbarron 2026-05-11 14:52:15 UTC duarteocarmo.com Llama Share 57

The Portuguese government invested 5.5 million euros in AMÁLIA, a large-scale LLM for European Portuguese. The model's architecture is based on EuroLLM, but with modifications to increase European Portuguese data.

CUDA-oxide: Nvidia's official Rust to CUDA compiler

375 adamnemecek 2026-05-11 16:52:15 UTC nvlabs.github.io Llama Share 108

cuda-oxide is a Rust-to-CUDA compiler for safe GPU programming. It compiles Rust code to PTX and supports async GPU programming with Rust's type system and ownership model.

Bild AI (YC W25) Is Hiring Founding Product Engineers

0 2026-05-11 17:52:15 UTC bild.ai Full Share

Bild AI Jobs

The Boston library where you still can borrow a giant puppet

58 gnabgib 2026-05-11 17:52:15 UTC binj.news Llama Share 8

Sara Peattie runs a free puppet library in Boston's basement, where puppets of all shapes and sizes can be borrowed by the public. Peattie, a Boston-based puppeteer, creates her own puppets using papier-mâché and fabric, often making them look more complicated than they are.

Hardware Attestation as Monopoly Enabler

2095 ChuckMcM 2026-05-11 03:52:15 UTC grapheneos.social Llama Share 707

Google and Apple are expanding hardware-based attestation to lock out non-approved devices and OSes, presented as a security feature but actually anti-competitive.

Ratty – A terminal emulator with inline 3D graphics

623 orhunp_ 2026-05-11 10:52:15 UTC ratty-term.org Full Share 206

Ratty is a GPU-rendered terminal emulator with a spinning rat cursor, multiple 3D presentation modes and support for inline 3D graphics. Inspired by TempleOS and built with Rust and Ratatui.

Abstract Machines for Logic Programs

19 surprisetalk 2026-05-11 23:52:15 UTC chrisistyping.bearblog.dev Llama Share 1

The author discusses how to define addition using inference rules and then transforms these rules into state machines to evaluate queries of the form plus N M _, where N and M are known. The author also explores different mode assignments for the plus relation, which correspond to different abstract machines, including one that implements subtraction and another that produces all pairs of ...