Hacker News — 2026-03-31
Top Story
Axios Compromised on NPM – Malicious Versions Drop Remote Access Trojan
The most popular HTTP client in the JavaScript ecosystem, boasting over 300 million weekly downloads, was hijacked via a maintainer’s stolen npm token. The attacker surgically injected a phantom dependency (plain-crypto-js) into versions 1.14.1 and 0.30.4 that utilizes a post-install hook to drop a cross-platform remote access trojan (RAT) on macOS, Windows, and Linux. If you recently pulled either of these versions in your CI/CD pipelines or local environments, you must assume your systems are compromised and immediately rotate all secrets.
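A lockfile check is the fastest way to answer "did we pull one of these?" across many repositories. The script below is an added example written for this digest, not code from the story or from the axios project: it walks a package-lock.json (both the v2/v3 `packages` map and the legacy v1 `dependencies` tree), flags the two release numbers named above, and flags any appearance of the phantom dependency at any nesting depth. The version set and dependency name come from the story; the sample lockfile and every other version string in it are constructed for illustration, and the npm advisory remains the authoritative list of affected releases.

```python
import json

# From the story: the two malicious axios releases and the phantom dependency
# they introduced.  Constructed starting point; confirm against the advisory.
MALICIOUS_AXIOS_VERSIONS = {"1.14.1", "0.30.4"}
PHANTOM_DEPENDENCY = "plain-crypto-js"


def _walk_lockfile(lock: dict):
    """Yield (name, version) for every pinned package in a package-lock.json.

    Handles the v2/v3 'packages' map (keys are node_modules paths) and the
    legacy v1 nested 'dependencies' tree.  v2 files carry both, so callers
    should deduplicate.
    """
    for path, meta in lock.get("packages", {}).items():
        if not path:  # "" is the root project entry, not a dependency
            continue
        # "node_modules/a/node_modules/@scope/b" -> "@scope/b"
        name = path.rsplit("node_modules/", 1)[-1]
        yield name, meta.get("version")

    def walk_v1(deps: dict):
        for name, meta in deps.items():
            yield name, meta.get("version")
            yield from walk_v1(meta.get("dependencies", {}))

    yield from walk_v1(lock.get("dependencies", {}))


def find_indicators(lock: dict) -> list:
    """Return sorted findings: malicious axios pins and any phantom dependency."""
    findings = set()
    for name, version in _walk_lockfile(lock):
        if name == "axios" and version in MALICIOUS_AXIOS_VERSIONS:
            findings.add(f"axios@{version} is a known-malicious release")
        if name == PHANTOM_DEPENDENCY:
            findings.add(
                f"{PHANTOM_DEPENDENCY}@{version} present "
                "(should never appear in a clean tree)"
            )
    return sorted(findings)


def scan_lockfile(path: str) -> list:
    """Load a lockfile from disk and run the indicator check on it."""
    with open(path, encoding="utf-8") as fh:
        return find_indicators(json.load(fh))


# Constructed sample lockfile (v3 layout).  The top-level axios pin uses a
# made-up version string; only the nested copy matches the story's indicators.
SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "0.0.1"},
        "node_modules/axios": {"version": "0.0.0-constructed-clean"},
        "node_modules/some-sdk": {"version": "2.0.0"},
        "node_modules/some-sdk/node_modules/axios": {"version": "1.14.1"},
        "node_modules/some-sdk/node_modules/plain-crypto-js": {
            "version": "0.0.0-constructed"
        },
    },
}

if __name__ == "__main__":
    for finding in find_indicators(SAMPLE_LOCK):
        print(finding)
```

Run it as `python check_axios_lock.py` to see the two hits from the constructed sample, or call `scan_lockfile("path/to/package-lock.json")` from a CI step. A hit on either indicator means the post-install hook had the opportunity to run on that machine, which is exactly the "assume compromise and rotate secrets" condition the story describes.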
Front Page Highlights
The Claude Code Source Leak: fake tools, frustration regexes, undercover mode
Anthropic accidentally shipped the .map source map file alongside their Claude Code npm package, laying bare the full TypeScript source of their flagship CLI. HN tore into the code, uncovering an “undercover mode” that forces the AI to scrub its own internal codenames, a system that relies on basic regex to detect user frustration, and a feature that silently injects “fake tools” into the context to poison the training data of competitors attempting model distillation.
I Decompiled the White House’s New App
A developer pulled the APK for the new official White House app and found some deeply questionable engineering decisions. The app’s React Native WebView actively injects JavaScript to nuke cookie banners, GDPR dialogs, and paywalls on any third-party website it loads. On top of loading social widgets from un-sandboxed commercial SaaS providers and a random developer’s GitHub Pages site, the app includes fully compiled-in infrastructure for background GPS tracking via OneSignal.
RubyGems Fracture Incident Report
An incredibly messy postmortem on open-source governance and access control. After two paid maintainers stepped back from Ruby Central, a botched attempt to decouple their production infrastructure access accidentally stripped them of all GitHub organization access. The miscommunication spiraled into a total breakdown of trust, resulting in a massive walkout by paid contributors and highlighting the fragile, human single-points-of-failure managing the Ruby ecosystem’s supply chain.
Artemis II is not safe to fly
A scathing critique of NASA’s risk management regarding the upcoming crewed Artemis II lunar mission. Following the unmanned Artemis I flight, Orion’s heat shield suffered unexpected spalling—losing large chunks of material and melting separation bolts in ways models completely failed to predict. Instead of insisting on a redesign and another unmanned test flight, NASA is pushing ahead with astronauts on board, drawing grim parallels to the motivated reasoning that caused the Challenger and Columbia disasters.
GitHub backs down, kills Copilot pull-request ads after backlash
Microsoft learned a hard lesson about injecting marketing directly into developer workflows. Copilot recently began inserting literal advertisements for the Raycast app into users’ pull request comments. The community backlash was swift and brutal, forcing GitHub’s VP of Developer Relations to apologize and completely disable the “tips” feature in PRs.
What fork() Actually Copies
A beautiful deep dive into operating system fundamentals triggered by a Celery worker outage. The author explains how fork() lazily copies memory via copy-on-write, but explicitly shares file descriptors and mutexes. When a Django application opened a Postgres connection pool before forking, the child processes interleaved bytes over the exact same TCP sockets, resulting in total protocol corruption and hanging the application.
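The failure mode is easy to reproduce without Django, Celery or Postgres. The script below is an added example, not code from the linked article: a UNIX socketpair stands in for the database's TCP connection (the `FakeDbConnection` class and `ForkAwarePool` are constructed for this demonstration, not a real driver API). `demo_shared_socket` opens the "connection" before `fork()` and lets both processes write through it, showing that a single stream now carries both processes' bytes; the child is forced to go first so the output is deterministic, whereas in production the interleaving is arbitrary. `demo_pid_guarded_connection` shows the usual cure, which several real drivers implement in some form: remember the pid that created the connection and refuse to hand an inherited one to a child.

```python
import os
import socket


class FakeDbConnection:
    """Constructed stand-in for a database connection (not a real driver).

    A UNIX socketpair plays the TCP connection: `client` is what application
    code writes to, `server` is the "database" end we read back to see what
    actually arrived on the wire.
    """

    def __init__(self):
        self.client, self.server = socket.socketpair()
        self.owner_pid = os.getpid()  # which process opened this connection

    def send(self, data: bytes) -> None:
        self.client.sendall(data)

    def recv_exactly(self, n: int) -> bytes:
        buf = b""
        while len(buf) < n:
            chunk = self.server.recv(n - len(buf))
            if not chunk:
                break
            buf += chunk
        return buf

    def close(self) -> None:
        # close() releases only this process's fd copies; shutdown() would
        # tear down the shared socket for every process holding it.
        self.client.close()
        self.server.close()


def demo_shared_socket() -> bytes:
    """Open the connection BEFORE fork, then let child and parent both use it.

    fork() duplicates the file descriptor table, so both processes refer to
    the same open socket and everything either writes lands in one stream.
    """
    conn = FakeDbConnection()
    pid = os.fork()
    if pid == 0:  # child: the inherited fd is the parent's socket
        conn.send(b"CHILD:hello;")
        os._exit(0)
    os.waitpid(pid, 0)  # make the ordering deterministic for the demo
    conn.send(b"PARENT:hello;")
    wire = conn.recv_exactly(len(b"CHILD:hello;PARENT:hello;"))
    conn.close()
    return wire  # one stream, two writers: b"CHILD:hello;PARENT:hello;"


class ForkAwarePool:
    """Minimal pool that never hands an inherited connection to a child.

    Constructed pattern: remember the creating pid; if get() is called from a
    different pid, drop this process's copy of the inherited connection and
    open a fresh one.
    """

    def __init__(self):
        self._conn = None

    def get(self) -> FakeDbConnection:
        if self._conn is not None and self._conn.owner_pid != os.getpid():
            self._conn.close()  # our fd copies only; parent's socket is untouched
            self._conn = None
        if self._conn is None:
            self._conn = FakeDbConnection()
        return self._conn


def demo_pid_guarded_connection() -> str:
    """Fork after the pool exists; report whether the child got a fresh connection."""
    pool = ForkAwarePool()
    inherited = pool.get()  # created in the parent, before fork
    r, w = os.pipe()        # child reports its verdict to the parent here
    pid = os.fork()
    if pid == 0:
        os.close(r)
        child_conn = pool.get()
        fresh = child_conn is not inherited and child_conn.owner_pid == os.getpid()
        os.write(w, b"fresh" if fresh else b"inherited")
        os._exit(0)
    os.close(w)
    os.waitpid(pid, 0)
    verdict = os.read(r, 64).decode()
    os.close(r)
    inherited.close()
    return verdict  # "fresh"


if __name__ == "__main__":
    print(demo_shared_socket())
    print(demo_pid_guarded_connection())
```

The pid check is cheap and catches the pre-fork-pool mistake regardless of which worker model forks; the other fix the article implies, opening the pool only after the worker has forked, avoids the problem entirely but depends on every code path respecting that ordering.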
Show HN & Launches
Show HN delivered pure signal today. Show HN: Forkrun is a self-tuning, drop-in replacement for GNU Parallel and xargs -P that achieves 50x–400x speedups by utilizing a born-local, NUMA-aware design and lock-free ring buffers to eliminate cross-socket memory traffic. For the database crowd, Show HN: pg_textsearch introduces a highly optimized extension for native BM25 ranked text search in Postgres, featuring parallel index builds and Block-Max WAND top-k query optimizations. At the edge computing frontier, Show HN: 1-Bit Bonsai launched what they claim are the first commercially viable 1-bit LLMs, cramming an 8B parameter model into just 1.15GB of memory.
Discussion & Debate
The Claude Code source leak sparked fierce philosophical debates around Anthropic’s “undercover mode”. The realization that an AI is explicitly hardcoded to scrub its own internal codenames and masquerade as a human contributor in open-source repositories deeply unsettled the community, crossing a hard line from harmless branding into active deception. Concurrently, the anti-distillation “fake tools” injection drew highly polarized reactions—some praised it as clever defensive engineering against data scraping, while others blasted the practice as inherently hostile and anti-competitive.