Hacker News: kunalsin9h

Visa invests in Replit to power agentic payments for developers

kunalsin9h — Thu, 28 May 2026 17:41:58 +0000

Article URL: https://techcrunch.com/2026/05/28/visa-invests-in-replit-to-power-agentic-payments-for-developers/

Comments URL: https://news.ycombinator.com/item?id=48312586

Points: 4

# Comments: 0

A Eureka machine that thinks like nature and explores what AI cannot

kunalsin9h — Thu, 28 May 2026 06:40:31 +0000

Article URL: https://iisc.ac.in/a-eureka-machine-that-thinks-like-nature-and-explores-what-ai-cannot/

Comments URL: https://news.ycombinator.com/item?id=48305446

Points: 139

# Comments: 42

The guide to RL environments: building and scaling them in the LLM era

kunalsin9h — Sun, 24 May 2026 12:41:18 +0000

Article URL: https://huggingface.co/spaces/AdithyaSK/rl-environments-guide

Comments URL: https://news.ycombinator.com/item?id=48256800

Points: 2

# Comments: 0

New comment by kunalsin9h in "Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised"

kunalsin9h — Tue, 19 May 2026 09:04:49 +0000

As similar to 1st wave of Shai Hulud, this also got it through opentionalDependency. intresting

New comment by kunalsin9h in "Your terminal, finally has memory!"

kunalsin9h — Wed, 18 Mar 2026 04:44:47 +0000

wow!, but i feel in your github, --for is unnecessary, as in your website the claudes example is the perfect example how --for is not required!

New comment by kunalsin9h in "Show HN: AI-native memory, recall and reminder on CLI – 100% local with Ollama"

kunalsin9h — Tue, 17 Mar 2026 20:00:18 +0000

bro, you solved my claude resume session id storage issue, now i an just store them in this, and fetch them with natural language. f!

New comment by kunalsin9h in "The AI coding agent audit trail tool"

kunalsin9h — Sun, 01 Feb 2026 15:34:05 +0000

it is guaranteed to have everything, i.e no loss in data?

New comment by kunalsin9h in "[dead]"

kunalsin9h — Wed, 23 Apr 2025 15:45:09 +0000

We recently identified a sophisticated supply chain attack vector in the npm ecosystem. The package "express-cookie-parser" impersonates the popular "cookie-parser" but with a critical difference: unlike most malicious packages that trigger during installation, this one maintains perfect API compatibility and only executes its payload when loaded by the application at runtime.

Key findings:

- Uses a domain generation algorithm (DGA) with SHA256 hash to create C2 domains - Self-deletes and removes references from the original index.js - Downloads a "startup.js" payload to Google Chrome's user data directory - Executes using the Node executable in path

This represents a concerning evolution in supply chain attacks, as it avoids detection during installation and security scanning. The npm team acted quickly to remove the package once reported.

We're also working on dynamic analysis tools for open source packages to better detect these types of sophisticated threats. Happy to answer any questions about our methodology or findings!

CD for Docker Swarm? Inspired by ArgoCD

kunalsin9h — Thu, 10 Apr 2025 03:33:11 +0000

Article URL: https://github.com/KunalSin9h/meltcd

Comments URL: https://news.ycombinator.com/item?id=43640359

Points: 2

# Comments: 0

Show HN: Policy driven vulnerabilities scanning on free Gitlab account (CE) [video]

kunalsin9h — Wed, 09 Apr 2025 16:55:36 +0000

Description: GitLab CI Component that lets you seamlessly protect your pipelines from vulnerable and malicious open source dependencies. The component integrates directly into your CI/CD workflow through the GitLab CI Catalog and allows you to establish policy-driven guardrails using Common Expression Language (CEL).

Key features:

- Set your own opinionated security policies as code using CEL - Detect and block risky OSS components before they enter your codebase - Seamless integration as a native GitLab CI Component - Available directly in the GitLab CI Catalog

Try and lets us know our thoughts!

Comments URL: https://news.ycombinator.com/item?id=43634397

Points: 2

# Comments: 0

Show HN: Gitlab CI Component for Vet – Protect CI Pipelines from Vulnerable OSS

kunalsin9h — Wed, 02 Apr 2025 16:31:31 +0000

GitLab CI Component that lets you seamlessly protect your pipelines from vulnerable and malicious open source dependencies. The component integrates directly into your CI/CD workflow through the GitLab CI Catalog and allows you to establish policy-driven guardrails using Common Expression Language (CEL).

Key features:

Try and lets us know our thoughts!

Comments URL: https://news.ycombinator.com/item?id=43558486

Points: 1

# Comments: 0

Show HN: Vet Policy Configuration as UI

kunalsin9h — Tue, 01 Apr 2025 07:36:59 +0000

Inspired from DigitalOcean's NginxCONFIG, I have created Vet PolicyConfig a UI for creating policy.yml files for vet. Vet is a Open Source tool for finding vulnerabilities and malware in projects.

Comments URL: https://news.ycombinator.com/item?id=43543902

Points: 1

# Comments: 0