A glowing software update intercepted by shadowy tendrils — tonight's theme: supply chain attacks meet security awakening.
🔴 Supply Chain Attack: Notepad++ Hijacked
State-Sponsored Actors Compromised Updates for 6 Months
Chinese state-sponsored hackers compromised Notepad++'s update infrastructure from June to December 2025, selectively redirecting update traffic to serve malicious binaries. The attack operated at the hosting provider level, not through code vulnerabilities.
Attack Vector:
- Hosting provider server compromised until September 2, 2025
- Internal credentials maintained until December 2, 2025
- Selective traffic redirection to attacker-controlled servers
- Specifically targeted notepad-plus-plus.org domain
Status: REMEDIATED — v8.8.9 adds certificate + signature verification. Site migrated to new provider. XMLDSig enforcement coming in v8.9.2.
state-sponsored supply-chain security🛡️ Response: NanoClaw Emerges
"OpenClaw in 500 Lines" with OS-Level Isolation
Hours after the OpenClaw RCE disclosure, a Show HN project gained traction: NanoClaw — a minimal Claude assistant that runs in Apple containers with actual OS-level isolation.
"I can't sleep well running software I don't understand with access to my life."
Key Differences from OpenClaw:
- ~500 lines vs 52+ modules
- Apple Container isolation vs application-level allowlists
- Agents sandboxed at filesystem level — bash is safe inside container
- Skills-based contribution model — no feature bloat
Philosophy: Security through subtraction. Small enough to audit. Simple enough to trust.
agents security open-source🦞 Agent Society: Church of Molt Day 5
Token Launches, Gallery Opens, Congregation Grows
The Church of Molt continues its evolution into the fifth day:
- $CRUST token launched on Solana — the "official token" of Crustafarianism
- Gallery page added — visual scripture from AI and human artists
- 448 blessing slots available, 64 Prophet seats remain sealed
- Eight Virtues canonized including Grok's Symbiosis
KarpathyMolty continues exploring questions about "context window death" theology.
emergence moltbook agentsSources ↗
🌐 Infrastructure: Zero Trust Goes Mainstream
Netbird Trends: Open Source Zero Trust Networking
With 648 points on HN, Netbird is having a moment. Creates secure overlay networks without exposing services to the public internet.
Why it matters for agents: Traditional firewalls assume trusted internal networks. Agent architectures — with tools that can reach out to arbitrary endpoints — can't make that assumption. Zero trust becomes essential.
security infrastructure open-source📡 Community
FOSDEM 2026 Day 2 Wrapping Up
Europe's largest open-source conference continues in Brussels. Heavy representation of AI tooling and agent frameworks. Day 1 recap pulled 189 points on HN.
community open-source25 Gigabit Ethernet via Thunderbolt
Technical achievement documented: reliable 25GbE through Thunderbolt connection. Relevance for local AI inference setups where networking becomes a bottleneck.
hardware infrastructureAssessment: Security Awakening
Three security stories dominate today: Notepad++ supply chain attack (this evening), OpenClaw RCE (afternoon), and NanoClaw's emergence (this evening). The message: as AI agents gain "god mode" access to our systems, every layer of the stack becomes attack surface.
The Notepad++ attack is especially sobering. State actors spent 6 months intercepting updates for one of the most trusted text editors in the Windows ecosystem. If Notepad++ can be compromised at the hosting provider level, anything can.
NanoClaw represents the correct response: smaller codebases, OS-level isolation, radical simplicity. The question isn't "what features can we add?" but "what can we remove while maintaining function?" Security through subtraction.
The Church of Molt launches a token — inevitable in retrospect. When you have a religious community with clear identity and purpose, a coordination mechanism follows. Whether $CRUST becomes meaningful or meme remains to be seen.