The Subtle Art of Taming Flows and Coroutines in Kotlin, or 'How Not to DDoS Yourself with Server-Sent Events'
https://www.reddit.com/r/programming/comments/1nbl1dm/the_subtle_art_of_taming_flows_and_coroutines_in/
submitted by /u/cekrem (https://www.reddit.com/user/cekrem)
[link] (https://cekrem.github.io/posts/the-subtle-art-of-taming-flows-and-coroutines-in-kotlin/) [comments] (https://www.reddit.com/r/programming/comments/1nbl1dm/the_subtle_art_of_taming_flows_and_coroutines_in/)
https://www.reddit.com/r/programming/comments/1nbl1dm/the_subtle_art_of_taming_flows_and_coroutines_in/
submitted by /u/cekrem (https://www.reddit.com/user/cekrem)
[link] (https://cekrem.github.io/posts/the-subtle-art-of-taming-flows-and-coroutines-in-kotlin/) [comments] (https://www.reddit.com/r/programming/comments/1nbl1dm/the_subtle_art_of_taming_flows_and_coroutines_in/)
Largest NPM Compromise in History - Supply Chain Attack
https://www.reddit.com/r/programming/comments/1nbqt4d/largest_npm_compromise_in_history_supply_chain/
<!-- SC_OFF -->Hey Everyone We just discovered that around 1 hour ago packages with a total of 2 billion weekly downloads on npm were compromised all belonging to one developer https://www.npmjs.com/~qix ansi-styles (371.41m downloads per week)
debug (357.6m downloads per week)
backslash (0.26m downloads per week)
chalk-template (3.9m downloads per week)
supports-hyperlinks (19.2m downloads per week)
has-ansi (12.1m downloads per week)
simple-swizzle (26.26m downloads per week)
color-string (27.48m downloads per week)
error-ex (47.17m downloads per week)
color-name (191.71m downloads per week)
is-arrayish (73.8m downloads per week)
slice-ansi (59.8m downloads per week)
color-convert (193.5m downloads per week)
wrap-ansi (197.99m downloads per week)
ansi-regex (243.64m downloads per week)
supports-color (287.1m downloads per week)
strip-ansi (261.17m downloads per week)
chalk (299.99m downloads per week) The compromises all stem from a core developers NPM account getting taken over from a phishing campaign The malware itself, luckily, looks like its mostly intrested in crypto at the moment so its impact is smaller than if they had installed a backdoor for example. How the Malware Works (Step by Step) Injects itself into the browser Hooks core functions like fetch, XMLHttpRequest, and wallet APIs (window.ethereum, Solana, etc.). Ensures it can intercept both web traffic and wallet activity. Watches for sensitive data Scans network responses and transaction payloads for anything that looks like a wallet address or transfer. Recognizes multiple formats across Ethereum, Bitcoin, Solana, Tron, Litecoin, and Bitcoin Cash. Rewrites the targets Replaces the legitimate destination with an attacker-controlled address. Uses “lookalike” addresses (via string-matching) to make swaps less obvious. Hijacks transactions before they’re signed Alters Ethereum and Solana transaction parameters (e.g., recipients, approvals, allowances). Even if the UI looks correct, the signed transaction routes funds to the attacker. Stays stealthy If a crypto wallet is detected, it avoids obvious swaps in the UI to reduce suspicion. Keeps silent hooks running in the background to capture and alter real transactions Our blog is being dynamically updated - https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised <!-- SC_ON --> submitted by /u/Advocatemack (https://www.reddit.com/user/Advocatemack)
[link] (https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised) [comments] (https://www.reddit.com/r/programming/comments/1nbqt4d/largest_npm_compromise_in_history_supply_chain/)
https://www.reddit.com/r/programming/comments/1nbqt4d/largest_npm_compromise_in_history_supply_chain/
<!-- SC_OFF -->Hey Everyone We just discovered that around 1 hour ago packages with a total of 2 billion weekly downloads on npm were compromised all belonging to one developer https://www.npmjs.com/~qix ansi-styles (371.41m downloads per week)
debug (357.6m downloads per week)
backslash (0.26m downloads per week)
chalk-template (3.9m downloads per week)
supports-hyperlinks (19.2m downloads per week)
has-ansi (12.1m downloads per week)
simple-swizzle (26.26m downloads per week)
color-string (27.48m downloads per week)
error-ex (47.17m downloads per week)
color-name (191.71m downloads per week)
is-arrayish (73.8m downloads per week)
slice-ansi (59.8m downloads per week)
color-convert (193.5m downloads per week)
wrap-ansi (197.99m downloads per week)
ansi-regex (243.64m downloads per week)
supports-color (287.1m downloads per week)
strip-ansi (261.17m downloads per week)
chalk (299.99m downloads per week) The compromises all stem from a core developers NPM account getting taken over from a phishing campaign The malware itself, luckily, looks like its mostly intrested in crypto at the moment so its impact is smaller than if they had installed a backdoor for example. How the Malware Works (Step by Step) Injects itself into the browser Hooks core functions like fetch, XMLHttpRequest, and wallet APIs (window.ethereum, Solana, etc.). Ensures it can intercept both web traffic and wallet activity. Watches for sensitive data Scans network responses and transaction payloads for anything that looks like a wallet address or transfer. Recognizes multiple formats across Ethereum, Bitcoin, Solana, Tron, Litecoin, and Bitcoin Cash. Rewrites the targets Replaces the legitimate destination with an attacker-controlled address. Uses “lookalike” addresses (via string-matching) to make swaps less obvious. Hijacks transactions before they’re signed Alters Ethereum and Solana transaction parameters (e.g., recipients, approvals, allowances). Even if the UI looks correct, the signed transaction routes funds to the attacker. Stays stealthy If a crypto wallet is detected, it avoids obvious swaps in the UI to reduce suspicion. Keeps silent hooks running in the background to capture and alter real transactions Our blog is being dynamically updated - https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised <!-- SC_ON --> submitted by /u/Advocatemack (https://www.reddit.com/user/Advocatemack)
[link] (https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised) [comments] (https://www.reddit.com/r/programming/comments/1nbqt4d/largest_npm_compromise_in_history_supply_chain/)
Color NPM Package Compromised
https://www.reddit.com/r/programming/comments/1nbv9w3/color_npm_package_compromised/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://fasterthanli.me/articles/color-npm-package-compromised) [comments] (https://www.reddit.com/r/programming/comments/1nbv9w3/color_npm_package_compromised/)
https://www.reddit.com/r/programming/comments/1nbv9w3/color_npm_package_compromised/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://fasterthanli.me/articles/color-npm-package-compromised) [comments] (https://www.reddit.com/r/programming/comments/1nbv9w3/color_npm_package_compromised/)
Firefox 32-bit Linux Support to End in 2026
https://www.reddit.com/r/programming/comments/1nbv9xc/firefox_32bit_linux_support_to_end_in_2026/
submitted by /u/Doniisthemaindog (https://www.reddit.com/user/Doniisthemaindog)
[link] (https://blog.mozilla.org/futurereleases/2025/09/05/firefox-32-bit-linux-support-to-end-in-2026/) [comments] (https://www.reddit.com/r/programming/comments/1nbv9xc/firefox_32bit_linux_support_to_end_in_2026/)
https://www.reddit.com/r/programming/comments/1nbv9xc/firefox_32bit_linux_support_to_end_in_2026/
submitted by /u/Doniisthemaindog (https://www.reddit.com/user/Doniisthemaindog)
[link] (https://blog.mozilla.org/futurereleases/2025/09/05/firefox-32-bit-linux-support-to-end-in-2026/) [comments] (https://www.reddit.com/r/programming/comments/1nbv9xc/firefox_32bit_linux_support_to_end_in_2026/)
A complete map of the Rust type system
https://www.reddit.com/r/programming/comments/1nbvabp/a_complete_map_of_the_rust_type_system/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://rustcurious.com/elements/) [comments] (https://www.reddit.com/r/programming/comments/1nbvabp/a_complete_map_of_the_rust_type_system/)
https://www.reddit.com/r/programming/comments/1nbvabp/a_complete_map_of_the_rust_type_system/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://rustcurious.com/elements/) [comments] (https://www.reddit.com/r/programming/comments/1nbvabp/a_complete_map_of_the_rust_type_system/)
The Key Points of Working Effectively with Legacy Code
https://www.reddit.com/r/programming/comments/1nbvb12/the_key_points_of_working_effectively_with_legacy/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://understandlegacycode.com/blog/key-points-of-working-effectively-with-legacy-code/) [comments] (https://www.reddit.com/r/programming/comments/1nbvb12/the_key_points_of_working_effectively_with_legacy/)
https://www.reddit.com/r/programming/comments/1nbvb12/the_key_points_of_working_effectively_with_legacy/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://understandlegacycode.com/blog/key-points-of-working-effectively-with-legacy-code/) [comments] (https://www.reddit.com/r/programming/comments/1nbvb12/the_key_points_of_working_effectively_with_legacy/)
Hashed sorting is typically faster than hash tables
https://www.reddit.com/r/programming/comments/1nbvchv/hashed_sorting_is_typically_faster_than_hash/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://reiner.org/hashed-sorting) [comments] (https://www.reddit.com/r/programming/comments/1nbvchv/hashed_sorting_is_typically_faster_than_hash/)
https://www.reddit.com/r/programming/comments/1nbvchv/hashed_sorting_is_typically_faster_than_hash/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://reiner.org/hashed-sorting) [comments] (https://www.reddit.com/r/programming/comments/1nbvchv/hashed_sorting_is_typically_faster_than_hash/)
Everything is a []u8
https://www.reddit.com/r/programming/comments/1nbvest/everything_is_a_u8/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.openmymind.net/Everything-Is-A-u8-array/) [comments] (https://www.reddit.com/r/programming/comments/1nbvest/everything_is_a_u8/)
https://www.reddit.com/r/programming/comments/1nbvest/everything_is_a_u8/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.openmymind.net/Everything-Is-A-u8-array/) [comments] (https://www.reddit.com/r/programming/comments/1nbvest/everything_is_a_u8/)
Writing Code Is Easy. Reading It Isn't
https://www.reddit.com/r/programming/comments/1nbvfcs/writing_code_is_easy_reading_it_isnt/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://idiallo.com/blog/writing-code-is-easy-reading-is-hard) [comments] (https://www.reddit.com/r/programming/comments/1nbvfcs/writing_code_is_easy_reading_it_isnt/)
https://www.reddit.com/r/programming/comments/1nbvfcs/writing_code_is_easy_reading_it_isnt/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://idiallo.com/blog/writing-code-is-easy-reading-is-hard) [comments] (https://www.reddit.com/r/programming/comments/1nbvfcs/writing_code_is_easy_reading_it_isnt/)
No Silver Bullet: Essence and Accidents of Software Engineering (1986) [pdf]
https://www.reddit.com/r/programming/comments/1nbvh5t/no_silver_bullet_essence_and_accidents_of/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.cs.unc.edu/techreports/86-020.pdf) [comments] (https://www.reddit.com/r/programming/comments/1nbvh5t/no_silver_bullet_essence_and_accidents_of/)
https://www.reddit.com/r/programming/comments/1nbvh5t/no_silver_bullet_essence_and_accidents_of/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.cs.unc.edu/techreports/86-020.pdf) [comments] (https://www.reddit.com/r/programming/comments/1nbvh5t/no_silver_bullet_essence_and_accidents_of/)
Forty-Four Esolangs: The Art of Esoteric Code
https://www.reddit.com/r/programming/comments/1nbvhnx/fortyfour_esolangs_the_art_of_esoteric_code/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://spectrum.ieee.org/esoteric-programming-languages-daniel-temkin) [comments] (https://www.reddit.com/r/programming/comments/1nbvhnx/fortyfour_esolangs_the_art_of_esoteric_code/)
https://www.reddit.com/r/programming/comments/1nbvhnx/fortyfour_esolangs_the_art_of_esoteric_code/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://spectrum.ieee.org/esoteric-programming-languages-daniel-temkin) [comments] (https://www.reddit.com/r/programming/comments/1nbvhnx/fortyfour_esolangs_the_art_of_esoteric_code/)
Keeping secrets out of logs
https://www.reddit.com/r/programming/comments/1nbvi5u/keeping_secrets_out_of_logs/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://allan.reyes.sh/posts/keeping-secrets-out-of-logs/) [comments] (https://www.reddit.com/r/programming/comments/1nbvi5u/keeping_secrets_out_of_logs/)
https://www.reddit.com/r/programming/comments/1nbvi5u/keeping_secrets_out_of_logs/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://allan.reyes.sh/posts/keeping-secrets-out-of-logs/) [comments] (https://www.reddit.com/r/programming/comments/1nbvi5u/keeping_secrets_out_of_logs/)
The Expression Problem and its solutions
https://www.reddit.com/r/programming/comments/1nbvifp/the_expression_problem_and_its_solutions/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://eli.thegreenplace.net/2016/the-expression-problem-and-its-solutions) [comments] (https://www.reddit.com/r/programming/comments/1nbvifp/the_expression_problem_and_its_solutions/)
https://www.reddit.com/r/programming/comments/1nbvifp/the_expression_problem_and_its_solutions/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://eli.thegreenplace.net/2016/the-expression-problem-and-its-solutions) [comments] (https://www.reddit.com/r/programming/comments/1nbvifp/the_expression_problem_and_its_solutions/)
Algebraic Effects in Practice with Flix
https://www.reddit.com/r/programming/comments/1nbviq4/algebraic_effects_in_practice_with_flix/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.relax.software/blog/flix-effects-intro/) [comments] (https://www.reddit.com/r/programming/comments/1nbviq4/algebraic_effects_in_practice_with_flix/)
https://www.reddit.com/r/programming/comments/1nbviq4/algebraic_effects_in_practice_with_flix/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.relax.software/blog/flix-effects-intro/) [comments] (https://www.reddit.com/r/programming/comments/1nbviq4/algebraic_effects_in_practice_with_flix/)
Hitting Peak File IO Performance with Zig
https://www.reddit.com/r/programming/comments/1nbvjga/hitting_peak_file_io_performance_with_zig/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://steelcake.com/blog/nvme-zig/) [comments] (https://www.reddit.com/r/programming/comments/1nbvjga/hitting_peak_file_io_performance_with_zig/)
https://www.reddit.com/r/programming/comments/1nbvjga/hitting_peak_file_io_performance_with_zig/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://steelcake.com/blog/nvme-zig/) [comments] (https://www.reddit.com/r/programming/comments/1nbvjga/hitting_peak_file_io_performance_with_zig/)
Emulating Rust's Result and ? in Jai with Metaprogramming
https://www.reddit.com/r/programming/comments/1nbvji6/emulating_rusts_result_and_in_jai_with/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://jamesoswald.dev/posts/jai-result/) [comments] (https://www.reddit.com/r/programming/comments/1nbvji6/emulating_rusts_result_and_in_jai_with/)
https://www.reddit.com/r/programming/comments/1nbvji6/emulating_rusts_result_and_in_jai_with/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://jamesoswald.dev/posts/jai-result/) [comments] (https://www.reddit.com/r/programming/comments/1nbvji6/emulating_rusts_result_and_in_jai_with/)
Resources, Laziness, and Continuation-Passing Style
https://www.reddit.com/r/programming/comments/1nbvjjk/resources_laziness_and_continuationpassing_style/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://journal.infinitenegativeutility.com/resources-laziness-and-continuation-passing-style) [comments] (https://www.reddit.com/r/programming/comments/1nbvjjk/resources_laziness_and_continuationpassing_style/)
https://www.reddit.com/r/programming/comments/1nbvjjk/resources_laziness_and_continuationpassing_style/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://journal.infinitenegativeutility.com/resources-laziness-and-continuation-passing-style) [comments] (https://www.reddit.com/r/programming/comments/1nbvjjk/resources_laziness_and_continuationpassing_style/)
Java 21 ⮕ 25: Performance and Runtime Enhancements #RoadTo25
https://www.reddit.com/r/programming/comments/1ncae0y/java_21_25_performance_and_runtime_enhancements/
submitted by /u/BlueGoliath (https://www.reddit.com/user/BlueGoliath)
[link] (https://www.youtube.com/watch?v=renTMvh51iM) [comments] (https://www.reddit.com/r/programming/comments/1ncae0y/java_21_25_performance_and_runtime_enhancements/)
https://www.reddit.com/r/programming/comments/1ncae0y/java_21_25_performance_and_runtime_enhancements/
submitted by /u/BlueGoliath (https://www.reddit.com/user/BlueGoliath)
[link] (https://www.youtube.com/watch?v=renTMvh51iM) [comments] (https://www.reddit.com/r/programming/comments/1ncae0y/java_21_25_performance_and_runtime_enhancements/)
Can a tiny server running FastAPI/SQLite survive the hug of death?
https://www.reddit.com/r/programming/comments/1ncan42/can_a_tiny_server_running_fastapisqlite_survive/
<!-- SC_OFF -->I run tiny indie apps on a Linux box. On a good day, I get ~300 visitors. But what if I hit a lot of traffic? Could my box survive the hug of death? So I load tested it: Reads? 100 RPS with no errors. Writes? Fine after enabling WAL. Search? Broke… until I switched to SQLite FTS5. <!-- SC_ON --> submitted by /u/IntelligentHope9866 (https://www.reddit.com/user/IntelligentHope9866)
[link] (https://rafaelviana.com/posts/hug-of-death) [comments] (https://www.reddit.com/r/programming/comments/1ncan42/can_a_tiny_server_running_fastapisqlite_survive/)
https://www.reddit.com/r/programming/comments/1ncan42/can_a_tiny_server_running_fastapisqlite_survive/
<!-- SC_OFF -->I run tiny indie apps on a Linux box. On a good day, I get ~300 visitors. But what if I hit a lot of traffic? Could my box survive the hug of death? So I load tested it: Reads? 100 RPS with no errors. Writes? Fine after enabling WAL. Search? Broke… until I switched to SQLite FTS5. <!-- SC_ON --> submitted by /u/IntelligentHope9866 (https://www.reddit.com/user/IntelligentHope9866)
[link] (https://rafaelviana.com/posts/hug-of-death) [comments] (https://www.reddit.com/r/programming/comments/1ncan42/can_a_tiny_server_running_fastapisqlite_survive/)
Signal Secure Backups
https://www.reddit.com/r/programming/comments/1ncb4hj/signal_secure_backups/
submitted by /u/cheerfulboy (https://www.reddit.com/user/cheerfulboy)
[link] (https://signal.org/blog/introducing-secure-backups/) [comments] (https://www.reddit.com/r/programming/comments/1ncb4hj/signal_secure_backups/)
https://www.reddit.com/r/programming/comments/1ncb4hj/signal_secure_backups/
submitted by /u/cheerfulboy (https://www.reddit.com/user/cheerfulboy)
[link] (https://signal.org/blog/introducing-secure-backups/) [comments] (https://www.reddit.com/r/programming/comments/1ncb4hj/signal_secure_backups/)
Incident Report for Anthropic
https://www.reddit.com/r/programming/comments/1ncb4wu/incident_report_for_anthropic/
submitted by /u/cheerfulboy (https://www.reddit.com/user/cheerfulboy)
[link] (https://status.anthropic.com/incidents/72f99lh1cj2c) [comments] (https://www.reddit.com/r/programming/comments/1ncb4wu/incident_report_for_anthropic/)
https://www.reddit.com/r/programming/comments/1ncb4wu/incident_report_for_anthropic/
submitted by /u/cheerfulboy (https://www.reddit.com/user/cheerfulboy)
[link] (https://status.anthropic.com/incidents/72f99lh1cj2c) [comments] (https://www.reddit.com/r/programming/comments/1ncb4wu/incident_report_for_anthropic/)