GoKawiil - Latest Tech News & Aggregated Headlines

Tinycolor supply chain attack post-mortem

news.ycombinator.com Scott Cooper 2025-09-19 09:18:38

A malicious GitHub Actions workflow was pushed to a shared repo and exfiltrated a npm token with broad publish rights. The attacker then used that token to publish malicious versions of 20 packages, including @ctrl/tinycolor . My GitHub account, the @ctrl/tinycolor repository were not directly compromised. There was no phishing involved, and no malicious packages were installed on my machine and I already use pnpm to avoid unapproved postinstall scripts. There was no pull request involved becau

Topics: github malicious npm packages versions

Shop Amazon

Jumbo Cargo Spacecraft Stumbles on Its Inaugural Trip to the ISS

gizmodo.com Passant Rabie 2025-09-19 12:40:16

Northrop Grumman’s upgraded Cygnus XL vehicle experienced an engine issue on Tuesday, delaying its arrival to the International Space Station until further notice. This is the first flight of the larger version of the company’s solar-powered spacecraft, which is carrying 11,000 pounds of science investigations, food, supplies, and equipment to the space station’s crew. The cargo ship launched on Sunday at 6:11 p.m. ET on board a SpaceX Falcon 9 rocket from Cape Canaveral Space Force Station in

Topics: cargo cygnus iss space spacecraft

Shop Amazon

Experimental Spacecraft Headed to Space Station Suddenly Shuts Down

futurism.com Unknown 2025-09-19 16:12:32

Lost in space. A whopping 11,000 pounds of supplies and scientific instruments that were headed to the International Space Station are in limbo after a high-profile malfunction. Northrop Grumman's Cygnus XL spacecraft encountered a serious problem with its main engine during its maiden voyage, NASA announced on Tuesday. The spacecraft, which is just over five feet longer than the aerospace giant's Cygnus spacecraft, launched from the Cape Canaveral Space Force Station in Florida on Sunday eve

Topics: cargo cygnus space spacecraft station

Shop Amazon

Biggest Cygnus Cargo Ship Delayed on Its Way to the ISS Due to Engine Shutdown

gizmodo.com Passant Rabie 2025-09-19 17:40:16

Northrop Grumman’s upgraded Cygnus XL vehicle experienced an engine issue on Tuesday, delaying its arrival to the International Space Station until further notice. This is the first flight of the larger version of the company’s solar-powered spacecraft, which is carrying 11,000 pounds of science investigations, food, supplies, and equipment to the space station’s crew. The cargo ship launched on Sunday at 6:11 p.m. ET on board a SpaceX Falcon 9 rocket from Cape Canaveral Space Force Station in

Topics: cargo cygnus iss space spacecraft

Shop Amazon

You absolutely should not buy Apple’s iPhone Air MagSafe battery pack

engadget.com Unknown 2025-09-20 01:10:09

Apple released its thinnest phone yet last week, the iPhone Air, and revealed the new iPhone Air MagSafe Battery alongside it. The existence of a specially-made battery pack wasn’t a big surprise to me, because there had been rumors of the iPhone Air for months leading up to the event. Everyone was prepared for the thinnest iPhone ever to make some battery life sacrifices to achieve its svelte design. However, what was a surprise to me was how much Apple leaned on the new battery during the iPh

Topics: air apple battery iphone pack

Shop Amazon

Icarus raises $6.1M to take on space’s “warehouse work” with embodied-AI robots

techcrunch.com Aria Alamalhodaei 2025-09-20 01:00:00

Icarus Robotics cofounders Ethan Barajas and Jamie Palmer spent hours interviewing astronauts about what it was like working in space as they homed in on their startup idea. Their big takeaway: the work was often more cargo logistics than cutting-edge science. “We’re Amazon warehouse workers with PhDs,” one astronaut said. If an experiment takes two hours on station, the person continued, the first ninety minutes are spent just moving around cargo and preparing tools. It’s a dismal waste of to

Topics: cargo icarus just said space

Shop Amazon

US Adults Worry AI Will Make Us Worse at Being Human, New Survey Says

cnet.com See Full Bio 2025-09-20 14:00:07

There are widespread fears that artificial intelligence will harm our social and emotional intelligence, empathy and sense of individual agency by 2035, according to a new survey published Wednesday by Elon University's Imagining the Digital Future Center. The national survey asked 1,005 US adults to rate how they think AI will impact human capacities and behaviors, including moral judgment, self-identity and confidence. In every area, respondents believed the effect of AI tools and systems ove

Topics: ai center human impact important

Shop Amazon

CrowdStrike Infested With "Self-Replicating Worms"

futurism.com Unknown 2025-09-20 16:00:07

A year after a glitch at cybersecurity company CrowdStrike triggered a global computer outage affecting millions of computers, the software vendor is being forced to contain a new threat: a swarm of self-replicating worms. As first reported by investigative cybersecurity journalist Brian Krebs, CrowdStrike once again became the launchpad for a potentially debilitating security hazard when some 25 code packages were compromised by a novel strand of malware. Dubbed "Shai-Hulud," the malicious so

Topics: crowdstrike infected npm packages software

Shop Amazon

A record supply load won’t reach the International Space Station as scheduled

arstechnica.com Unknown 2025-09-20 17:13:28

A problem with the main engine on Northrop Grumman's Cygnus XL spacecraft will keep it from delivering 11,000 pounds of supplies and experiments to the International Space Station as scheduled on Wednesday. In a statement released Tuesday afternoon, NASA said ground teams are evaluating backup plans that might still allow the Cygnus spacecraft to reach the space station, just not on schedule. The problem arose early Tuesday when the spacecraft's main engine shut down earlier than expected durin

Topics: cygnus nasa space spacecraft station

Shop Amazon

Same-day delivery comes to space, as Impulse promises satellite transport in hours, not months

techcrunch.com Aria Alamalhodaei 2025-09-21 05:07:15

Amazon made same-day delivery the benchmark on Earth. Impulse Space is pitching a similar concept for satellites bound for geostationary orbit about 22,000 miles above Earth, compressing what is typically a months-long transit into a matter of hours. In the span of a week, the in-space propulsion startup announced a trio of deals aiming to unlock geostationary orbit (GEO) for commercial and defense users. That includes a demonstration mission with defense contractor Anduril planned for 2026; a

Topics: geo impulse mission satellites space

Shop Amazon

Power station deal: Ampace Andes 1500 plummets to its record-low price!

androidauthority.com Unknown 2025-09-21 09:58:20

Edgar Cervantes / Android Authority Are you looking for a reliable power station? The Ampace Andes 1500 is one of our favorite power stations. We’ll explain why below. What matters most is that it’s at a record-low price of $499, an impressive $900 discount! This is an all-time low price we’ve only seen once before, and not for long. Buy the Ampace Andes 1500 power station for just $499 ($900 off) This offer is available from Amazon as a “limited time deal.” The discount is applied automatical

Topics: 1500 ampace andes power station

Shop Amazon

Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised

news.ycombinator.com Unknown 2025-09-21 01:22:03

Executive Summary The NPM ecosystem is facing another critical supply chain attack. The popular @ctrl/tinycolor package, which receives over 2 million weekly downloads, has been compromised along with more than 40 other packages across multiple maintainers. This attack demonstrates a concerning evolution in supply chain threats - the malware includes a self-propagating mechanism that automatically infects downstream packages, creating a cascading compromise across the ecosystem. The compromised

Topics: 20 community github npm packages

Shop Amazon

Live Updates: Shai-Hulud, the Most Dangerous NPM Breach in History

news.ycombinator.com Idan Dardikman 2025-09-21 13:26:32

We are tracking the largest and most dangerous npm supply-chain compromise in history, known as the Shai-Hulud malware campaign, which has now impacted hundreds of packages across multiple maintainers. This includes popular libraries such as @ctrl/tinycolor as well as packages maintained by CrowdStrike. Malicious versions embed a trojanized script (bundle.js) designed to steal developer credentials, exfiltrate secrets, and persist in repositories and endpoints through automated workflows. The ta

Topics: github hulud npm packages shai

Shop Amazon

Don't Miss This Claustrophobic Sci-Fi Nightmare Streaming Free on Tubi

cnet.com See Full Bio 2025-09-21 13:00:04

There's something about sci-fi horror that hits all the buttons for me. Derelict spaceships the size of cities, creatures engineered by science or nature to be perfect predators and the claustrophobia of space all manage to get me excited every time. The Alien franchise made me fall in love with this sub-genre, along with gems like Dark City and Event Horizon. One of my lesser-known favorites is Pandorum. Released in 2009, it's a claustrophobic trip into space where a mechanic wakes up on a col

Topics: bower pandorum payton ship space

Shop Amazon

Here’s How to Deflect a Dangerous Asteroid Without It Totally Backfiring

gizmodo.com Passant Rabie 2025-09-21 17:30:14

In September 2022, NASA deliberately crashed a spacecraft into an asteroid, successfully altering the space rock’s trajectory. The orbital shove demonstrated an asteroid deflection technique that could come in handy if a massive rock were headed in Earth’s direction. As it turns out, however, deflecting a potentially threatening asteroid is only half the battle. Striking an asteroid for deflection purposes could send it back on a collision course with Earth, merely delaying the planet-shatterin

Topics: asteroid earth impact rock trajectory

Shop Amazon

Self-propagating supply chain attack hits 187 npm packages

bleepingcomputer.com Unknown 2025-09-21 21:46:43

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages. The coordinated worm-style campaign dubbed 'Shai-Hulud' started yesterday with the compromise of the @ctrl/tinycolor npm package, which receives over 2 million weekly downloads. Since then, the campaign has expanded significantly and now includes packages published under CrowdStrike's npm namespace. From tinycolor to

Topics: attack chain compromised npm packages

Shop Amazon

A new report finds China’s space program will soon equal that of the US

arstechnica.com Unknown 2025-09-21 21:22:38

As Jonathan Roll neared completion of a master's degree in science and technology policy at Arizona State University three years ago, he did some research into recent developments by China's ascendant space program. He came away impressed by the country's growing ambitions. Now a full-time research analyst at the university, Roll was recently asked to take a deeper dive into Chinese space plans. "I thought I had a pretty good read on this when I was finishing grad school," Roll told Ars. "That

Topics: china commercial pretty roll space

Shop Amazon

Self-Replicating Worm Hits 180+ Software Packages

krebsonsecurity.com Unknown 2025-09-22 05:08:02

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed. The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms

Topics: attack code npm packages said

Shop Amazon

60 years after Gemini, newly processed images reveal details

news.ycombinator.com Unknown 2025-09-19 23:43:54

Six decades have now passed since some of the most iconic Project Gemini spaceflights. The 60th anniversary of Gemini 4, when Ed White conducted the first US spacewalk, came in June. The next mission, Gemini 5, ended just two weeks ago, in 1965. These missions are now forgotten by most Americans, as most of the people alive during that time are now deceased. However, during these early years of spaceflight, NASA engineers and astronauts cut their teeth on a variety of spaceflight firsts, flying

Topics: book gemini human missions spaceflight

Shop Amazon

Self Propagating NPM Malware Compromises over 40 Packages

news.ycombinator.com Unknown 2025-09-22 22:22:03

Executive Summary The NPM ecosystem is facing another critical supply chain attack. The popular @ctrl/tinycolor package, which receives over 2 million weekly downloads, has been compromised along with more than 40 other packages across multiple maintainers. This attack demonstrates a concerning evolution in supply chain threats - the malware includes a self-propagating mechanism that automatically infects downstream packages, creating a cascading compromise across the ecosystem. The compromised

Topics: aws github npm packages secrets

Shop Amazon

Northrop Grumman’s new spacecraft is a real chonker

arstechnica.com Unknown 2025-09-23 05:22:53

What happens when you use a SpaceX Falcon 9 rocket to launch Northrop Grumman's Cygnus supply ship? A record-setting resupply mission to the International Space Station. The first flight of Northrop's upgraded Cygnus spacecraft, called Cygnus XL, is on its way to the international research lab after launching Sunday evening from Cape Canaveral Space Force Station, Florida. This mission, known as NG-23, is set to arrive at the ISS early Wednesday with 10,827 pounds (4,911 kilograms) of cargo to

Topics: cargo cygnus space spacecraft xl

Shop Amazon

Nudists and Surfers Protest SpaceX’s Plans to Launch Starship From Florida

gizmodo.com Passant Rabie 2025-09-23 08:35:54

SpaceX isn’t very popular among beachgoers in Florida at the moment. The rocket company applied for a permit to launch its Starship rocket from NASA’s Kennedy Space Center in Florida, which threatens to restrict beach access for surfers and casual nudists. The Federal Aviation Administration (FAA) recently hosted a series of public meetings where residents of the area got to weigh in on its upcoming decision to allow Starship to lift off from Cape Canaveral in Florida. During the meeting, membe

Topics: beach florida playalinda space starship

Shop Amazon

iOS 26: How to change Safari toolbar design on iPhone

9to5mac.com Benjamin Mayo 2025-09-23 13:02:14

The iOS 26 Safari browser on iPhone evokes the new design system featuring Liquid Glass, with floating toolbars and buttons that shine through the web page content behind them as you scroll. But Apple has also taken the opportunity to revamp the design of the toolbar UI. By default, iOS 26 now uses a Compact layout which hides away some of the commonly used buttons. However, there’s a way to change it back if you prefer something that looked like the iOS 18 design … For iOS 26, the new default

Topics: compact design ios layout mode

Shop Amazon

Data Centers Are Crushing the Planet. Can Space Save Us?

gizmodo.com Sophie Hurwitz 2025-09-23 14:30:04

The companies frantically building and leasing data centers are well aware that they’re straining grids, driving emissions, and guzzling water. The electricity demand of AI data centers in particular could increase as much as 165% by 2030. Over half of the energy powering these sprawling facilities comes from fossil fuels, threatening to reverse progress toward addressing the climate crisis. Some of the biggest names in artificial intelligence say they have a solution: Just stick these colossal

Topics: centers data like said space

Shop Amazon

Apple explains why iOS 26 could affect your iPhone’s battery life

9to5mac.com Ryan Christoffel 2025-09-23 21:24:33

iOS 26 is now available for iPhone users to install, and a new webpage from Apple seeks to explain why software updates are important, but also their potential impact on battery life and performance. iOS 26 might impact your iPhone’s battery and performance, but for most users it will be temporary Apple has just published a new support document that explains the ins and outs of software updates, including why they’re important. It explains, for example, the difference between “major releases (

Topics: 26 apple battery impact software

Shop Amazon

Language models pack billions of concepts into 12k dimensions

news.ycombinator.com Unknown 2025-09-23 11:54:20

In a recent 3Blue1Brown video series on transformer models, Grant Sanderson posed a fascinating question: How can a relatively modest embedding space of 12,288 dimensions (GPT-3) accommodate millions of distinct real-world concepts? The answer lies at the intersection of high-dimensional geometry and a remarkable mathematical result known as the Johnson-Lindenstrauss lemma. While exploring this question, I discovered something unexpected that led to an interesting collaboration with Grant and a

Topics: dimensional embedding high space vectors

Shop Amazon

Russia Tests Hypersonic Missile at NATO’s Doorstep—and Shares the Video

wired.com Javier Carbajal 2025-09-24 01:49:20

On Sunday, Russia released images of its launch of a 3M22 Zircon hypersonic missile from a frigate in the Barents Sea, in the Arctic Ocean, near NATO borders. The launch comes against a backdrop of rising tensions with the West, just days after several Russian drones violated the airspace of North Atlantic Treaty Organization member countries Poland and Romania. The Zircon test is part of the Zapad 2025 joint maneuvers with Belarus, a week of military exercises aimed at assessing defensive and

Topics: airspace nato russia russian zircon

Shop Amazon

CubeSats are fascinating learning tools for space

news.ycombinator.com Unknown 2025-09-24 13:02:02

These are CubeSats. Satellites that are going to space—or at least, the ones I have here are prototypes. But these have one thing in common: they're all powered by either a Raspberry Pi, or a microcontroller. There are already Pis in space, like on Mark Rober's SatGus, on GASPACS, and the Astro Pis on the Space station. Another Pi is going up this weekend, which is why I'm posting this today. I'll get to that one, but I wanted to spend some time talking about two things that fascinate me: Raspb

Topics: build cubesat cubesats like space

Shop Amazon

NASA closing its original repository for Columbia artifacts to tours

arstechnica.com Unknown 2025-09-24 13:26:27

NASA is changing the way that its employees come in contact with, and remember, one of its worst tragedies. In the wake of the 2003 loss of the space shuttle Columbia and its STS-107 crew, NASA created a program to use the orbiter's debris for research and education at Kennedy Space Center in Florida. Agency employees were invited to see what remained of the space shuttle as a powerful reminder as to why they had to be diligent in their work. Access to the Columbia Research and Preservation Off

Topics: columbia employees kennedy nasa space

Shop Amazon

Language Models Pack Billions of Concepts into 12k Dimensions

news.ycombinator.com Unknown 2025-09-24 22:54:20

In a recent 3Blue1Brown video series on transformer models, Grant Sanderson posed a fascinating question: How can a relatively modest embedding space of 12,288 dimensions (GPT-3) accommodate millions of distinct real-world concepts? The answer lies at the intersection of high-dimensional geometry and a remarkable mathematical result known as the Johnson-Lindenstrauss lemma. While exploring this question, I discovered something unexpected that led to an interesting collaboration with Grant and a

Topics: dimensional embedding high space vectors

Shop Amazon

Latest Tech News

Tinycolor supply chain attack post-mortem

Jumbo Cargo Spacecraft Stumbles on Its Inaugural Trip to the ISS

Experimental Spacecraft Headed to Space Station Suddenly Shuts Down

Biggest Cygnus Cargo Ship Delayed on Its Way to the ISS Due to Engine Shutdown

You absolutely should not buy Apple’s iPhone Air MagSafe battery pack

Icarus raises $6.1M to take on space’s “warehouse work” with embodied-AI robots

US Adults Worry AI Will Make Us Worse at Being Human, New Survey Says

CrowdStrike Infested With "Self-Replicating Worms"

A record supply load won’t reach the International Space Station as scheduled

Same-day delivery comes to space, as Impulse promises satellite transport in hours, not months

Power station deal: Ampace Andes 1500 plummets to its record-low price!

Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised

Live Updates: Shai-Hulud, the Most Dangerous NPM Breach in History

Don't Miss This Claustrophobic Sci-Fi Nightmare Streaming Free on Tubi

Here’s How to Deflect a Dangerous Asteroid Without It Totally Backfiring

Self-propagating supply chain attack hits 187 npm packages

A new report finds China’s space program will soon equal that of the US

Self-Replicating Worm Hits 180+ Software Packages

60 years after Gemini, newly processed images reveal details

Self Propagating NPM Malware Compromises over 40 Packages

Northrop Grumman’s new spacecraft is a real chonker

Nudists and Surfers Protest SpaceX’s Plans to Launch Starship From Florida

iOS 26: How to change Safari toolbar design on iPhone

Data Centers Are Crushing the Planet. Can Space Save Us?

Apple explains why iOS 26 could affect your iPhone’s battery life

Language models pack billions of concepts into 12k dimensions

Russia Tests Hypersonic Missile at NATO’s Doorstep—and Shares the Video

CubeSats are fascinating learning tools for space

NASA closing its original repository for Columbia artifacts to tours

Language Models Pack Billions of Concepts into 12k Dimensions

About GoKawiil

Privacy

Advertising

Latest Tech News

Trending Topics

Hot Now

Popular

Emerging

About GoKawiil

Privacy

Advertising