HN Reader

Show HN: Scientific Calculator for Android (play.google.com)

2 points by Codegres 1h ago 0 comments

Show HN: I built a decentralized protocol for predicting interest rate movement (kairosswap.com)

3 points by vinniejames 3h ago 0 comments

Show HN: Ghostpipe – Connect files in your codebase to user interfaces (github.com)

4 points by adriaanmulder 3h ago 1 comments

Show HN: I built a tool to visually manage my LLM prompt templates and save them (promptcanvas.ml4den.com)

3 points by ml4den 3h ago 2 comments

Show HN: AI Code Detector – detect AI-generated code with 95% accuracy (code-detector.ai)

69 points by henryl 6h ago 58 comments

Show HN: Pyproc – Call Python from Go Without CGO or Microservices (github.com)

38 points by acc_10000 21h ago 9 comments

Show HN: A store that generates products from anything you type in search (anycrap.shop)

1142 points by kafked 3d ago 326 comments

Show HN: I Collected Every Emoticon I Could Find – All Mood and Generator (emoticonhub.com)

2 points by AdityaGavit 5h ago 1 comments

Show HN: I wrote a from-scratch OS to serve my blog (github.com)

5 points by thasso 10h ago 0 comments

Show HN: I reverse engineered macOS to allow custom Lock Screen wallpapers (cindori.com)

77 points by cindori 1d ago 56 comments

Show HN: Quizquestions.org – A free library for quiz questions (quizquestions.org)

2 points by Salim99 6h ago 0 comments

Show HN: Daffodil – Open-Source Ecommerce Framework to connect to any platform (github.com)

64 points by damienwebdev 1d ago 8 comments

Show HN: AI-powered web service combining FastAPI, Pydantic-AI, and MCP servers (github.com)

42 points by Aherontas 2d ago 22 comments

Show HN: Omarchy on CachyOS (github.com)

63 points by theYipster 1d ago 61 comments

Show HN: Semlib – Semantic Data Processing (github.com)

57 points by anishathalye 1d ago 12 comments

Show HN: Clean Clode – Clean Messy Terminal Pastes from Claude Code and Codex (cleanclode.com)

4 points by thewojo 8h ago 2 comments

Show HN: Dagger.js – A buildless, runtime-only JavaScript micro-framework (daggerjs.org)

76 points by TonyPeakman 1d ago 73 comments

Show HN: Alyx, a caffeine tracker with no accountability (alyxcaffeinetracker.com)

2 points by jordanmorgan10 9h ago 1 comments

Show HN: Should v0.2.0 – debugging Go tests made easier (github.com)

2 points by andrey-1201 3h ago 0 comments

Show HN: Universal single-letter project commands to speed up your CLI workflow (github.com)

2 points by paldepind2 9h ago 0 comments

Show HN: MCP Server Installation Instructions Generator (hyprmcp.com)

21 points by pmig 1d ago 6 comments

Show HN: Drop-in Redis replacement in Rust with 5M+ GET/s (github.com)

19 points by mehrant 15h ago 3 comments

Show HN: Datadef.io – Canvas for data lineage and metadata management (datadef.io)

12 points by theolouvart 2d ago 6 comments

Show HN: Small Transfers – charge from 0.000001 USD per request for your SaaS (smalltransfers.com)

192 points by strnisa 6d ago 74 comments

Show HN: Ruminate – AI reading tool for understanding hard things (tryruminate.com)

17 points by rshanreddy 1d ago 3 comments

Show HN: I built an app store for open-source financial plans (on spreadsheets) (finfam.app)

46 points by mhashemi 1d ago 14 comments

Show HN: Blocks – Dream work apps and AI agents in minutes (blocks.diy)

11 points by shelly_ 1d ago 3 comments

Show HN: Vicinae – A native, Raycast-compatible launcher for Linux (github.com)

178 points by aurellius 7d ago 34 comments

Show HN: HN Term – browse HN using the terminal (github.com)

9 points by arthurtakeda 1d ago 0 comments

Show HN: I made a generative online drum machine with ClojureScript (dopeloop.ai)

199 points by chr15m 4d ago 50 comments

Show HN: Term.everything – Run any GUI app in the terminal (github.com)

1077 points by mmulet 7d ago 144 comments

Show HN: Ultraplot – A succint wrapper for matplotlib (github.com)

34 points by cvanelteren 6d ago 13 comments

Show HN: InfiniteTalk AI – AI Lip-Sync Video Generator for Long Videos (infinitetalk.net)

2 points by laiwuchiyuan 21h ago 0 comments

Show HN: Building a Deep Research Agent Using MCP-Agent (thealliance.ai)

90 points by saqadri 6d ago 19 comments

Show HN: CLAVIER-36 – A programming environment for generative music (clavier36.com)

144 points by river_dillon 3d ago 25 comments

Show HN: Open Line Protocol – a minimal wire for AI agents (MIT) (github.com)

2 points by terrynce 23h ago 1 comments

Show HN: A tool to make a bootable USB installer out of macOS, or download it (macdaddy.io)

3 points by feelix 1d ago 2 comments

Show HN: TailGuard – Bridge your WireGuard router into Tailscale via a container (github.com)

149 points by juhovh 6d ago 36 comments

Show HN: Labspace Directory – Biotech resource for lab space (labspacedirectory.com)

3 points by ejhodges 1d ago 0 comments

Show HN: Bottlefire – Build single-executable microVMs from Docker images (bottlefire.dev)

161 points by losfair 9d ago 24 comments

Show HN: Making a cross-platform game in Go using WebRTC Datachannels (pion.ly)

72 points by valorzard 6d ago 12 comments

Show HN: Httpjail – HTTP(s) request filter for processes (github.com)

4 points by ammario 1d ago 0 comments

Show HN: PaperSync, making ArXiv papers collaborative (hackcmu25.vercel.app)

9 points by qflop 2d ago 5 comments

Show HN: A Daily Typing Challenge in the TUI (github.com)

2 points by FarzanHashmi 1d ago 2 comments

Show HN: C++ Compiler Support Page (cppstat.dev)

67 points by cemdervis 8d ago 30 comments

Show HN: Helios, an open-source distributed AI network using idle community GPUs (github.com)

2 points by fnoracr 1d ago 0 comments

Show HN: Allzonefiles.io – download 307M registered domain names (allzonefiles.io)

4 points by iryndin 1d ago 4 comments

Show HN: Haystack – Review pull requests like you wrote them yourself (haystackeditor.com)

86 points by akshaysg 6d ago 59 comments

Show HN: An MCP Gateway to block the lethal trifecta (github.com)

50 points by 76SlashDolphin 4d ago 22 comments

Show HN: Building an open-source agentic terminal (davehudson.io)

4 points by tritondev 1d ago 3 comments

PyPI Blog: Token Exfiltration Campaign via GitHub Actions Workflows

10 miketheman 2 9/16/2025, 9:09:47 PM blog.pypi.org ↗

Comments (2)

zahlman · 1h ago
> Attackers targeted a wide variety of repositories, many of which had PyPI tokens stored as GitHub secrets, modifying their workflows to send those tokens to external servers. While the attackers successfully exfiltrated some tokens, they do not appear to have used them on PyPI.

It's wild to me that people entrust a third-party CI system with API secrets, and then also entrust that same system to run "actions" provided by other third parties.

miketheman · 4h ago
Incident report of a recent attack campaign targeting GitHub Actions workflows to exfiltrate PyPI tokens, our response, and steps to protect your projects.