Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Ultraviolet corona discharges on treetops
149 points, 40 comments on Hacker News
Qwen3.6-27B: Flagship-Level Coding in a 27B Dense Model
368 points, 205 comments on Hacker News
Cheating at Tetris
14 points, 2 comments on Hacker News
Making Rust Workers reliable: panic and abort recovery in wasm‑bindgen
Panics in Rust Workers were historically fatal, poisoning the entire instance. By collaborating upstream on the wasm‑bindgen project, Rust Workers now support resilient critical error recovery, including panic unwinding using WebAssembly Exception Handling.
Markdown (2004)
Comments
GitHub Actions for a Gleam monorepo
Comments
Columnar Storage Is Normalization
79 points, 29 comments on Hacker News
A 3D Body from Eight Questions – No Photo, No GPU
22 points, 3 comments on Hacker News
What Async Promised and What it Delivered
Comments
Our eighth generation TPUs: two chips for the agentic era
6 points, 0 comments on Hacker News
3.4M Solar Panels
41 points, 1 comments on Hacker News
GitHub CLI now collects pseudoanonymous telemetry
34 points, 8 comments on Hacker News
Kernel code removals driven by LLM-created security reports
3 points, 0 comments on Hacker News
AI as a Fascist Artifact
Comments
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy and utilities sector in Venezuela, per findings from Kaspersky. "Two batch scripts are responsible for initiating the
Nobody Got Fired for Uber's $8M Ledger Mistake?
27 points, 8 comments on Hacker News
CATL's new LFP battery can charge from 10 to 98% in less than 7 minutes
32 points, 5 comments on Hacker News
Toxic Combinations: When Cross-App Permissions Stack into Risk
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API keys shared between agents,
Introducing workspace agents in ChatGPT
Workspace agents in ChatGPT are Codex-powered agents that automate complex workflows, run in the cloud, and help teams scale work across tools securely.
Speeding up agentic workflows with WebSockets in the Responses API
A deep dive into the Codex agent loop, showing how WebSockets and connection-scoped caching reduced API overhead and improved model latency.
Workspace agents
Learn how to build, use, and scale workspace agents in ChatGPT to automate repeatable workflows, connect tools, and streamline team operations.
Windows 9x Subsystem for Linux
263 points, 63 comments on Hacker News
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw. "Improper verification of cryptographic
How the Heck Does GPS Work?
70 points, 14 comments on Hacker News
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than
The Free Universal Construction Kit
58 points, 10 comments on Hacker News
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. "Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal," according to
XOR'ing a register with itself is the idiom for zeroing it out. Why not sub?
68 points, 74 comments on Hacker News
wsl9x: Windows 9x subsystem for Linux
Comments
A Man Who Invented the Future
13 points, 4 comments on Hacker News
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles