Arkiv

LiteLLM Python package compromised by supply-chain attack

litellm-python-package-compromised-by-supply-chain-attack

Summary The litellm==1.82.8 wheel package on PyPI contains a malicious .pth file (litellm_init.pth, 34,628 bytes) that automatically executes a credential-stealing script every time the Python interpreter starts — no import litellm required. This is a supply chain compromise. The malicious file is listed in the package’s own RECORD: litellm_init.pth,sha256=ceNa7wMJnNHy1kRnNCcwJaFjWX3pORLfMh7xGL8TUjg,34628 Reproduction pip download litellm==1.82.8 –no-deps -d […]

Nanobrew: The fastest macOS package manager compatible with brew

$ nb install jq ==> Resolving dependencies…     [38ms] ==> Installing 1 package(s):     jq 1.7.1 ==> Downloading + installing 1 packages…     ✓ jq ==> Done in 1102.4ms $ nb list jq 1.7.1 $ nb update # self-update nanobrew ==> Updating nanobrew… ==> nanobrew updated successfully

Debunking Zswap and Zram Myths

debunking-zswap-and-zram-myths

tl;dr: If in doubt, prefer to use zswap. Only use zram if you have a highly specific reason to. In terms of architecture: zswap sits in front of your disk swap, compresses pages in RAM, and automatically tiers cold data to disk. It integrates directly with the kernel’s memory management and distributes pressure gracefully. zram […]

curl > /dev/sda: How I made a Linux distro that runs wget | dd

curl->-/dev/sda:-how-i-made-a-linux-distro-that-runs-wget-|-dd

How I made a Linux distro that runs `wget | dd` 2026-03-24 02:10 Linux http To replace your Linux installation with a new OS, you can download a pre-prepared disk image directly to your disk by running a command like this: curl https://something.example/foo.img > /dev/sda # (or whatever your disk is called) No need to […]

Local Bernstein theory, and lower bounds for Lebesgue constants

local-bernstein-theory,-and-lower-bounds-for-lebesgue-constants

Local Bernstein theory, and lower bounds for Lebesgue constants 23 March, 2026 in math.CA, math.CV, paper | Tags: exponential type, Lagrange interpolation, Paul Erdos, trigonometric polynomials | by Terence Tao I’ve just uploaded to the arXiv my paper “Local Bernstein theory, and lower bounds for Lebesgue constants“. This paper was initially motivated by a problem of […]

Microsoft’s ”Fix” for Windows 11: Flowers After the Beating

microsoft’s-”fix”-for-windows-11:-flowers-after-the-beating

Microsoft just announced a 7-point plan to fix Windows 11, and the tech press is treating it like a redemption arc. Pavan Davuluri, the Windows president, admitted in January 2026 that ”Windows 11 had gone off track” and said Microsoft was entering a mode called ”swarming” where engineers would be pulled off new features to […]

Show HN: ProofShot – Give AI coding agents eyes to verify the UI they build

show-hn:-proofshot-–-give-ai-coding-agents-eyes-to-verify-the-ui-they-build

ProofShot — Visual proof for AI-built code Open Source — MIT Licensed Let your AI agent prove its own work with video recording, error logs, and proof artifacts — every time it ships code. $ npm install -g proofshot GitHub REC localhost:3000/board New item Name Enable dark mode Priority P0 P1 P2 🧭 Navigate: /board […]

From zero to a RAG system: successes and failures

from-zero-to-a-rag-system:-successes-and-failures

A few months ago I was tasked with creating an internal tool for the company’s engineers: a Chat that used a local LLM. Nothing extraordinary so far. Then the requirements came in: it had to have a fast response, I insist… fast!, and… it also had to provide answers about every project the company has […]

Gzip decompression in 250 lines of Rust

gzip-decompression-in-250-lines-of-rust

i wanted to have a deeper understanding of how compression actually works, so i wrote a gzip decompressor from scratch. the result is about 250 lines of rust that can decompress gzip from a file or stdin. why bother? gzip is everywhere. it compresses your web traffic, your log files, your documentation / man pages, […]