HN Reader

Adam (YC W25) Is Hiring to Build the Future of CAD (ycombinator.com)

1 points by HetengAaronLi 4d ago 0 comments

Piramidal (YC W24) Is Hiring Back End Engineer (ycombinator.com)

1 points by dsacellarius 4d ago 0 comments

Mux (YC W16) Is Hiring Engineering ICs and Managers (mux.com)

1 points by mmcclure 5d ago 0 comments

Bild AI (YC W25) Is Hiring (ycombinator.com)

1 points by rooppal 5d ago 0 comments

Infracost (YC W21) Is Hiring First Product Manager to Shift FinOps Left (ycombinator.com)

1 points by akh 5d ago 0 comments

Crimson (YC X25) is hiring founding engineers in London (ycombinator.com)

1 points by markfeldner 5d ago 0 comments

Weave (YC W25) is hiring a founding AI engineer (ycombinator.com)

1 points by adchurch 6d ago 0 comments

Nango (YC W23) Is Hiring a Staff Back End Engineer (Remote) (jobs.ashbyhq.com)

1 points by bastienbeurier 6d ago 0 comments

Gym Class VR (YC W22) Is Hiring – UX Design Engineer (ycombinator.com)

1 points by hackerews 10d ago 0 comments

Relace (YC W23) Is Hiring for Code LLMs (SF)

1 points by pfunctional 10d ago 0 comments

Artie (YC S23) Is Hiring Engineers, AES, and Senior PMM (ycombinator.com)

1 points by j-cheong 11d ago 0 comments

Depot (YC W23) Is Hiring a Solutions Engineer (Remote US and Canada) (ycombinator.com)

1 points by kylegalbraith 12d ago 0 comments

Svix (webhooks as a service) is hiring for a founding marketing lead (svix.com)

1 points by tasn 12d ago 0 comments

Dynamo AI (YC W22) Is Hiring for AI Product Managers (ycombinator.com)

1 points by DynamoFL 12d ago 0 comments

Kapa.ai (YC S23) is hiring research and software engineers (ycombinator.com)

1 points by emil_sorensen 13d ago 0 comments

Optery (YC W22) Is Hiring in Engineering, Legal, Sales, Marketing (U.S., Latam) (optery.com)

1 points by beyondd 14d ago 0 comments

Telli (YC F24) is hiring engineers, designers, and interns (on-site in Berlin) (hi.telli.com)

1 points by sebselassie 14d ago 0 comments

Infisical (YC W23) Is Hiring Solutions Engineers to Scale the OSS Security Stack (ycombinator.com)

1 points by vmatsiiako 15d ago 0 comments

Channel3 (YC S25) Is Hiring a Founding Engineer, NYC (channel3.notion.site)

1 points by aschiff1 15d ago 0 comments

Thunder Compute (YC S24) Is Hiring (ycombinator.com)

1 points by cpeterson42 17d ago 0 comments

Deepnote (YC S19) is hiring engineers to build a better Jupyter notebook (deepnote.com)

1 points by Equiet 17d ago 0 comments

Prosper AI (YC S23) Is Hiring Founding Account Executives (NYC) (jobs.ashbyhq.com)

1 points by XDGC 18d ago 0 comments

The Forecasting Company (YC S24) Is Hiring a Software Engineer (ycombinator.com)

1 points by jfainberg 18d ago 0 comments

Lago – Open-Source Usage Based Billing – Is Hiring in Sales, Eng, Ops (EU, US) (ycombinator.com)

1 points by AnhTho_FR 19d ago 0 comments

Ember (YC F24) Is Hiring Full Stack Engineer (ycombinator.com)

1 points by charlene-wang 19d ago 0 comments

LiteLLM (YC W23) is hiring a back end engineer (ycombinator.com)

1 points by detente18 20d ago 0 comments

SigNoz (YC W21, Open Source Datadog) Is Hiring Platform Engineers (Remote) (jobs.ashbyhq.com)

1 points by pranay01 20d ago 0 comments

Motion (YC W20) Is Hiring Principal Software Engineers (jobs.ashbyhq.com)

1 points by ethanyu94 23d ago 0 comments

Bild AI (YC W25) Is Hiring an Applied AI Engineer (workatastartup.com)

1 points by rooppal 23d ago 0 comments

Text.ai (YC X25) Is Hiring Founding Full-Stack Engineer (ycombinator.com)

1 points by RushiSushi 25d ago 0 comments

Cua (YC X25) is hiring design engineers in SF (ycombinator.com)

1 points by frabonacci 25d ago 0 comments

Ctrl/tinycolor and 40 NPM Packages Compromised

3 kurmiashish 1 9/16/2025, 1:44:20 AM stepsecurity.io ↗

Comments (1)

kurmiashish · 5h ago
The popular @ctrl/tinycolor package, which receives over 2 million weekly downloads, has been compromised along with more than 40 other packages across multiple maintainers. This attack demonstrates a concerning evolution in supply chain threats - the malware includes a self-propagating mechanism that automatically infects downstream packages, creating a cascading compromise across the ecosystem.