Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Claude Opus 4.7
948 points, 737 comments on Hacker News
A time travel debugger for WebAssembly
Comments
Game Devs Explain the Tricks Involved with Letting You Pause a Game
3 points, 0 comments on Hacker News
Building the foundation for running extra-large language models
We built a custom technology stack to run fast large language models on Cloudflare’s infrastructure. This post explores the engineering trade-offs and technical optimizations required to make high-performance AI inference accessible.
Qwen3.6-35B-A3B: Agentic coding power, now open to all
618 points, 296 comments on Hacker News
The future of everything is lies, I guess: Where do we go from here?
328 points, 313 comments on Hacker News
Cloudflare Email Service
317 points, 136 comments on Hacker News
Cloudflare's AI Platform: an inference layer designed for agents
154 points, 35 comments on Hacker News
Show HN: MacMind – A transformer neural network in HyperCard on a 1989 Macintosh
77 points, 17 comments on Hacker News
Compiling to Java as a target language
Comments
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enough supply chain drama to fill a season of television nobody asked for. Not
Artifacts: Versioned storage that speaks Git
69 points, 4 comments on Hacker News
Mozilla Thunderbolt
Article URL: https://www.thunderbolt.io/ Comments URL: https://news.ycombinator.com/item?id=47792368 Points: 272 # Comments: 234
Deploy Postgres and MySQL databases with PlanetScale + Workers
Learn how to deploy PlanetScale Postgres and MySQL databases via Cloudflare and connect Cloudflare Workers.
AI Search: the search primitive for your agents
AI Search is the search primitive for your agents. Create instances dynamically, upload files, and search across instances with hybrid retrieval and relevance boosting. Just create a search instance, upload, and search.
Many-Step Sequences in Go
Comments
€54k spike in 13h from unrestricted Firebase browser key accessing Gemini APIs
Article URL: https://discuss.ai.google.dev/t/unexpected-54k-billing-spike-in-13-hours-firebase-browser-key-without-api-restrictions-used-for-gemini-requests/140262 Comments URL: https://news.ycombinator.com/item?id=47791871 Points: 55 # Comments: 23
Updating Gun Rocket through 10 years of Unity Engine
63 points, 20 comments on Hacker News
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI agent connections, andOAuth grants. When projects end or employees leave, most
Study: EVs with V2H cut household electricity costs and need for home batteries
Article URL: https://adelaide.edu.au/about/news/2026/electric-vehicles-the-key-to-more-efficient-home-energy-use/ Comments URL: https://news.ycombinator.com/item?id=47791665 Points: 6 # Comments: 0
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO)
The noise we make is hurting animals. Can we learn to shut up?
Article URL: https://www.technologyreview.com/2026/04/16/1135179/anthropogenic-noise-hurting-animals/ Comments URL: https://news.ycombinator.com/item?id=47791507 Points: 26 # Comments: 21
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage
Ancient DNA reveals pervasive directional selection across West Eurasia [pdf]
Article URL: https://reich.hms.harvard.edu/sites/reich.hms.harvard.edu/files/inline-files/2026_Akbari_Nature_selection_0.pdf Comments URL: https://news.ycombinator.com/item?id=47791282 Points: 25 # Comments: 5
AI cybersecurity is not proof of work
155 points, 68 comments on Hacker News
Codex Hacked a Samsung TV
Article URL: https://blog.calif.io/p/codex-hacked-a-samsung-tv Comments URL: https://news.ycombinator.com/item?id=47791212 Points: 63 # Comments: 44
KDE Gear 26.04
Comments
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security Intelligence Brief. Download now → The "First-Hop Bias" Blind Spot Most&
The age of snarky UI
Comments
Codex for (almost) everything
The updated Codex app for macOS and Windows adds computer use, in-app browsing, image generation, memory, and plugins to accelerate developer workflows.
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles