Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
HAL by any other name
Comments
Presentation: AI-Powered SRE for Autonomous Incident Response
The presenters discuss incident response, how AI-enhanced SRE platforms connect signals from logs, metrics, traces, and historical incidents to enable autonomous decisions. By Rohit Dhawan, Pavan Madduri, Alina Astapovich, Goutham Rao, Renato Losio
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use of the
GitHub Actions is the weakest link
Comments
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast. Anthropic’s new model, Claude Mythos, and its Project Glasswing, showed that finding exploitable vulnerabilities and subtle cracks
FOSDEM 2026 - All FOSDEM 2026 videos are online
Comments
Presentation: Week-Long Outage: Lifelong Lessons
Molly Struve discusses a brutal six-day outage that nearly sank a company. She explains technical lessons like the importance of FMEAs, shadow traffic, and exercising rollback mechanisms. She shares why the human elements - widening your circle early and having a VP who acts as a defender - are what truly build psychological safety. By Molly Struve
The Social Edge of Intelligence: Individual Gain, Collective Loss
50 points, 50 comments on Hacker News
An Update on GitHub Availability
Article URL: https://github.blog/news-insights/company-news/an-update-on-github-availability/ Comments URL: https://news.ycombinator.com/item?id=47932422 Points: 131 # Comments: 129
jjj
Comments
Legare Kerrison and Cedric Clyburn on LLM Performance and Evaluations
Effectively measuring the performance of applications that are leveraging Large Language Models (LLM) is critical to the adoption of AI technologies in organizations. Legare Kerrison and Cedric Clyburn from RedHat team recently spoke at Arc of AI 2026 Conference about practical methods to evaluate and optimize LLM inference. By Srini Penchikala
GitHub Copilot code review will start consuming GitHub Actions minutes
174 points, 126 comments on Hacker News
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent's identity lifecycle operations in a
GTFOBins
7 points, 0 comments on Hacker News
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this
Vibe Coding Will Break Your Company
46 points, 30 comments on Hacker News
Donating to open source
Comments
LingBot-Map: Streaming 3D reconstruction with geometric context transformer
19 points, 1 comments on Hacker News
Consequences of passing too few register parameters to a C function
36 points, 19 comments on Hacker News
How I Broke the Anti-Bot Behind Nike, Kick, and Twitch
Comments
Show HN: AgentSwift – Open-source iOS builder agent
32 points, 7 comments on Hacker News
Why isn't AMD's MI300X competitive?
20 points, 12 comments on Hacker News
High Performance Git
92 points, 11 comments on Hacker News
Generative AI Vegetarianism
Article URL: https://sboots.ca/2026/03/11/generative-ai-vegetarianism/ Comments URL: https://news.ycombinator.com/item?id=47928885 Points: 4 # Comments: 1
OpenAI models, Codex, and Managed Agents come to AWS
OpenAI GPT models, Codex, and Managed Agents are now available on AWS, enabling enterprises to build secure AI in their AWS environments.
Our commitment to community safety
Learn how OpenAI protects community safety in ChatGPT through model safeguards, misuse detection, policy enforcement, and collaboration with safety experts.
To My Students
136 points, 32 comments on Hacker News
New Integrated by Design FreeBSD Book
40 points, 4 comments on Hacker News
Claude Pro: Opus model will only be available if extra usage is enabled
Article URL: https://support.claude.com/en/articles/11940350-claude-code-model-configuration Comments URL: https://news.ycombinator.com/item?id=47928088 Points: 29 # Comments: 11
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles