Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Saying goodbye to Agile
Article URL: https://lewiscampbell.tech/blog/260414.html Comments URL: https://news.ycombinator.com/item?id=47774781 Points: 99 # Comments: 83
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that's specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos. "The progressive use of AI accelerates defenders – those responsible for keeping systems, data, and users safe – enabling them to find and fix problems
I don't care that it's X times faster
Comments
Understanding the FFT Algorithm (2013)
15 points, 2 comments on Hacker News
Not all elementary functions can be expressed with exp-minus-log
Article URL: https://www.stylewarning.com/posts/not-all-elementary/ Comments URL: https://news.ycombinator.com/item?id=47773788 Points: 62 # Comments: 35
Don't feel like exercising? Maybe it's the wrong time of day for you
Article URL: https://www.bbc.com/news/articles/cd6lzpxwx50o Comments URL: https://news.ycombinator.com/item?id=47773168 Points: 48 # Comments: 26
CadQuery is an open-source Python library for building 3D CAD models
106 points, 18 comments on Hacker News
TruffleRuby 34: full Ruby 3.4 compatibility, up to 23% faster parsing, and a new Prism-based Ripper with 20x speedups
Comments
Fuck the cloud (2009)
Article URL: https://ascii.textfiles.com/archives/1717 Comments URL: https://news.ycombinator.com/item?id=47772048 Points: 60 # Comments: 30
Stop Flock
Article URL: https://stopflock.com Comments URL: https://news.ycombinator.com/item?id=47772012 Points: 570 # Comments: 144
Patch Tuesday, April 2026 Edition
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.
Free, fast diagnostic tools for DNS, email authentication, and network security
Article URL: https://mrdns.com/ Comments URL: https://news.ycombinator.com/item?id=47771220 Points: 17 # Comments: 0
Trusted access for the next era of cyber defense
Article URL: https://openai.com/index/scaling-trusted-access-for-cyber-defense/ Comments URL: https://news.ycombinator.com/item?id=47770770 Points: 52 # Comments: 42
Gas Town: From Clown Show to v1.0
Article URL: https://steve-yegge.medium.com/gas-town-from-clown-show-to-v1-0-c239d9a407ec Comments URL: https://news.ycombinator.com/item?id=47770124 Points: 70 # Comments: 110
Tell HN: Fiverr left customer files public and searchable
Fiverr (gig work/task platform, competitor to Upwork) uses a service called Cloudinary to process PDF/images in messaging, including work products from the worker to client. Besides the PDF processing value add, Cloudinary effectively acts like S3 here, serving assets directly to the web client. Like S3, it has support for signed/expiring URLs. However, Fiverr opted to use public URLs, not signed ones, for sensitive client-worker communication. Moreover, it seems like they may be serving public HTML somewhere that links to these files. As a result, hundreds are in Google search results, many containing PII. Example query: site:fiverr-res.cloudinary.com form 1040 In fact, Fiverr actively buys Google Ads for keywords like "form 1234 filing" despite knowing that it does not adequately secure the resulting work product, causing the preparer to violate the GLBA/FTC Safeguards Rule. Responsible Disclosure Note -- 40 days have passed since this was notified to the designated vulnerability ema
Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game
Learn to find and exploit real-world agentic AI vulnerabilities through five progressive challenges in this free, open source game that over 10,000 developers have already used to sharpen their security skills. The post Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game appeared first on The GitHub Blog.
40% of lost calories globally are from beef, needing 33 cal of feed per 1 cal
21 points, 12 comments on Hacker News
Cybersecurity looks like proof of work now
199 points, 82 comments on Hacker News
I wrote to Flock's privacy contact to opt out of their domestic spying program
109 points, 36 comments on Hacker News
OpenSSL 4.0.0
43 points, 4 comments on Hacker News
Show HN: Plain – The full-stack Python framework designed for humans and agents
Article URL: https://github.com/dropseed/plain Comments URL: https://news.ycombinator.com/item?id=47768750 Points: 57 # Comments: 22
Object oriented programming in Ada
Comments
It's NOT OK to compare floating-points using epsilons
Comments
Turn your best AI prompts into one-click tools in Chrome
11 points, 3 comments on Hacker News
Modifying FileZilla to Workaround Bambu 3D Printer's FTP Issue
19 points, 10 comments on Hacker News
Spain to expand internet blocks to tennis, golf, movies broadcasting times
207 points, 175 comments on Hacker News
Claude Code Routines
122 points, 75 comments on Hacker News
KeePassχ - a KeePassXC fork
Comments
jemalloc 5.3.1 released
Comments
Show HN: Kelet – Root Cause Analysis agent for your LLM apps
30 points, 11 comments on Hacker News
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles