Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts. The
RaTeX: KaTeX-compatible LaTeX rendering engine in pure Rust
90 points, 49 comments on Hacker News
GitHub Is Down
55 points, 11 comments on Hacker News
Sierra Raises $950M at $15B Valuation
64 points, 90 comments on Hacker News
Alberta voter list leak is a potential public safety disaster
6 points, 5 comments on Hacker News
Does Employment Slow Cognitive Decline? Evidence from Labor Market Shocks
160 points, 149 comments on Hacker News
Dithering with CSS
12 points, 6 comments on Hacker News
1966 Ford Mustang Converted into a Tesla with Working 'Full Self-Driving'
83 points, 65 comments on Hacker News
I tracked 7,700 UK petrol stations every 10 minutes for 3 months
10 points, 5 comments on Hacker News
Removable batteries in smartphones will be mandatory in the EU starting in 2027
153 points, 120 comments on Hacker News
Register now for OpenClaw: After Hours @ GitHub
OpenClaw builders will gather at GitHub HQ during Microsoft Build 2026 for demos and conversations. Join in person, or watch the livestream on Twitch. The post Register now for OpenClaw: After Hours @ GitHub appeared first on The GitHub Blog.
Pomiferous: The most extensive apples (pommes) database
7 points, 3 comments on Hacker News
Cloudflare Processes 10M+ Daily Insights with New Security Overview Dashboard
Cloudflare has launched a Security Overview dashboard that consolidates security signals into prioritized action items. It surfaces millions of daily insights, helping teams identify and remediate critical risks faster. Built on distributed checkers and real-time event processing, it integrates analytics workflows to reduce investigation overhead and improve response efficiency. By Leela Kumili
Async Rust never left the MVP state
Comments
Redis array: short story of a long development process
66 points, 11 comments on Hacker News
⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and scaling
How Monero's proof of work works
66 points, 37 comments on Hacker News
Indian matchbox labels as a visual archive
99 points, 26 comments on Hacker News
oops, cubic macro
Comments
Someone allegedly used a hairdryer to rig Polymarket weather bets
88 points, 44 comments on Hacker News
Gap between national food production and food-based dietary guidance (2025)
60 points, 39 comments on Hacker News
PyInfra 3.8.0 Is Out
134 points, 45 comments on Hacker News
Newton's law of gravity passes its biggest test
69 points, 33 comments on Hacker News
Presentation: The Human Scalability Problem: Why Your Teams Don’t Scale Like Your Code
Charlotte de Jong Schouwenburg discusses the "human bottlenecks" of hyper-growth. While systems scale, human cooperation often breaks down due to communication overload and lost context. She shares proven tools for behavioral scalability - including communication architecture and "engineering trust" - to help leaders maintain high-performing, autonomous teams without sacrificing speed or culture. By Charlotte de Jong Schouwenburg
DAG Workflow Engine
13 points, 7 comments on Hacker News
How LLMs Distort Our Written Language
Comments
2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When asked, the young man shared his motivation for the hack: he wanted to buy Pokémon cards. In a sense, this is a fairly conventional story.
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities. "Both waves followed a nearly identical
the tragedy of gethostbyname (2022)
Comments
Talking to 35 Strangers at the Gym
552 points, 266 comments on Hacker News
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles