Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
MeshCore development team splits over trademark dispute and AI-generated code
42 points, 19 comments on Hacker News
The route from Prussian military headquarters to Gary Gygax’s basement
16 points, 0 comments on Hacker News
My phone replaced a brass plug
Article URL: https://drobinin.com/posts/my-phone-replaced-a-brass-plug/ Comments URL: https://news.ycombinator.com/item?id=47877715 Points: 68 # Comments: 11
Serving the For You Feed
Comments
Incident with Multple GitHub Services
97 points, 53 comments on Hacker News
If America's so rich, how'd it get so sad?
190 points, 357 comments on Hacker News
French government agency confirms breach as hacker offers to sell data
282 points, 100 comments on Hacker News
I spent 6 years building my Kanban as I hated how managers run the boards
45 points, 41 comments on Hacker News
To Protect and Swerve: NYPD Cop Has 547 Speeding Tickets
160 points, 108 comments on Hacker News
Show HN: Turning a Gaussian Splat into a videogame
51 points, 10 comments on Hacker News
Bitwarden CLI compromised in ongoing Checkmarx supply chain campaign
407 points, 193 comments on Hacker News
UK Biobank health data keeps ending up on GitHub
58 points, 15 comments on Hacker News
Flipdiscs
110 points, 21 comments on Hacker News
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from JFrog and Socket. "The affected package version appears to be @bitwarden/[email protected], and the malicious code was published in 'bw1.js,' a file included in the package contents," the application security company said. "The attack appears to have leveraged
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the systems behind apps is easier than breaking the apps themselves. The exploits are simple but still work
I spent years trying to make CSS states predictable
7 points, 0 comments on Hacker News
Raylib v6.0
Article URL: https://github.com/raysan5/raylib/releases/tag/6.0 Comments URL: https://news.ycombinator.com/item?id=47874854 Points: 166 # Comments: 25
Surveillance vendors caught abusing access to telcos to track people's locations
Article URL: https://techcrunch.com/2026/04/23/surveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say/ Comments URL: https://news.ycombinator.com/item?id=47874814 Points: 28 # Comments: 3
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We call this the Collapsing Exploit Window, and it means your
Jiga (YC W21) Is Hiring
Article URL: https://jiga.io/about-us/ Comments URL: https://news.ycombinator.com/item?id=47874734 Points: 0 # Comments: 0
Show HN: Honker – Postgres NOTIFY/LISTEN Semantics for SQLite
Article URL: https://github.com/russellromney/honker Comments URL: https://news.ycombinator.com/item?id=47874647 Points: 22 # Comments: 3
Sneaky spam in conversational replies to blog posts
Article URL: https://shkspr.mobi/blog/2026/04/sneaky-spam-in-conversational-replies-to-blog-posts/ Comments URL: https://news.ycombinator.com/item?id=47874631 Points: 17 # Comments: 1
Single-pass palette refinement and ordered dithering
Comments
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of others to find and patch bugs before adversaries can. Mythos Preview, the model that led to Project Glasswing, found
Introducing GPT-5.5
Introducing GPT-5.5, our smartest model yet—faster, more capable, and built for complex tasks like coding, research, and data analysis across tools.
GPT-5.5 System Card
Who even uses jemalloc in 2026 anyway? (many major projects)
Comments
Show HN: Built a daily game where you sort historical events chronologically
Article URL: https://hisorty.app/ Comments URL: https://news.ycombinator.com/item?id=47873966 Points: 11 # Comments: 8
How to get started with Codex
Learn how to get started with Codex by setting up projects, creating threads, and completing your first tasks with step-by-step guidance.
What is Codex?
Learn how Codex helps you go beyond chat by automating tasks, connecting tools, and producing real outputs like docs and dashboards.
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles