Google attributes the supply chain attack on HTTP client Axios to a suspected North Korean threat actor it calls UNC1069 (Lorenzo Franceschi-Bicchierai/TechCrunch)
Lorenzo Franceschi-Bicchierai / TechCrunch : Google attributes the supply chain attack on HTTP client Axios to a suspected North Korean threat actor it calls UNC1069 — A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised.
Sponsor Posts
ElevenLabs:
ElevenAgents by ElevenLabs — You know us for voice. Now meet ElevenAgents — featuring Expressive Mode, our most human-sounding AI voice technology in 70+ languages with ultra-low latency. Hear it for yourself.
IDrive:
Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data is critical to preventing data loss or corruption, complying with laws and avoiding critical downtime in case of a disaster.
Sign in to highlight and annotate this article
Conversation starters
Daily AI Digest
Get the top 5 AI stories delivered to your inbox every morning.
More about
open sourcemillionkorea
TigerFS Mounts PostgreSQL Databases as a Filesystem for Developers and AI Agents
TigerFS is a new experimental filesystem that mounts a database as a directory and stores files directly in PostgreSQL. The open source project exposes database data through a standard filesystem interface, allowing developers and AI agents to interact with it using common Unix tools such as ls, cat, find, and grep, rather than via APIs or SDKs. By Renato Losio
The Worst Morning of My Developer Life — A Patient Hacker, a Fake AI Tool, and 150 Deleted Repos — My Story
I Woke Up to 150+ Deleted GitHub Repos and a Ransom Note — This Is What Happened A real developer. A real attack. A real recovery. I almost didn't write this. Partly because it's embarrassing. Partly because I'm still angry about it. But mostly because I know there are developers out there running the exact same tools I was running, making the exact same mistakes I was making — and I don't want them to wake up to what I woke up to on the morning of March 24, 2026. So here it is. The full story. No sugar coating. The Morning Everything Was Gone I opened my laptop like any other morning. Grabbed my coffee, opened GitHub, and just… froze. My repositories were gone. Not some of them. Not a few. Over 150 repositories across multiple organizations — personal projects, client work, production bac
From Guessing to Placeholding: A Cost-Theoretic Framework for Uncertainty-Aware Code Completion
arXiv:2604.01849v1 Announce Type: new Abstract: While Large Language Models (LLMs) have demonstrated exceptional proficiency in code completion, they typically adhere to a Hard Completion (HC) paradigm, compelling the generation of fully concrete code even amidst insufficient context. Our analysis of 3 million real-world interactions exposes the limitations of this strategy: 61% of the generated suggestions were either edited after acceptance or rejected despite exhibiting over 80% similarity to the user's subsequent code, suggesting that models frequently make erroneous predictions at specific token positions. Motivated by this observation, we propose Adaptive Placeholder Completion (APC), a collaborative framework that extends HC by strategically outputting explicit placeholders at high-
Knowledge Map
Connected Articles — Knowledge Graph
This article is connected to other articles through shared AI topics and tags.
Discussion
Sign in to join the discussion
No comments yet — be the first to share your thoughts!