Skip to main content
Live Feed

Engineering &
Security Wire

Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.

25
ENG
5
SEC
0
AI
6746
TOTAL
Thu, Apr 9, 2026
30
5941ENG

Running NixOS Micro VMs on MacOS

Comments

Lobstersabhinavsarkar.netApr 9
5942ENG

EFF is leaving X

436 points, 365 comments on Hacker News

Hacker Newseff.orgApr 9
5943ENG

Research-Driven Agents: What Happens When Your Agent Reads Before It Codes

21 points, 2 comments on Hacker News

Hacker Newsblog.skypilot.coApr 9
5944ENG

Unfolder for Mac – A 3D model unfolding tool for creating papercraft

Article URL: https://www.unfolder.app/ Comments URL: https://news.ycombinator.com/item?id=47706140 Points: 6 # Comments: 1

Hacker Newsunfolder.appApr 9
5945ENG

Little Snitch comes to Linux, but the core logic is closed source

Article URL: https://the.unknown-universe.co.uk/privacy-security/little-snitch-linux/ Comments URL: https://news.ycombinator.com/item?id=47705834 Points: 6 # Comments: 1

Hacker Newsthe.unknown-universe.co.ukApr 9
5946SEC

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and

The Hacker News (Security)thehackernews.comApr 9
5947ENG

Show HN: I built a Cargo-like build tool for C/C++

54 points, 50 comments on Hacker News

Hacker Newsgithub.comApr 9
5948ENG

The Vercel plugin on Claude Code wants to read your prompts

218 points, 78 comments on Hacker News

Hacker Newsakshaychugh.xyzApr 9
5949ENG

How NASA Built Artemis II’s Fault-Tolerant Computer

35 points, 4 comments on Hacker News

Hacker Newscacm.acm.orgApr 9
5950ENG

The M×N problem of tool calling and open-source models

24 points, 6 comments on Hacker News

Hacker Newsthetypicalset.comApr 9
5951ENG

Wastrel milestone: full hoot support, with generational gc as a treat

Comments

Lobsterswingolog.orgApr 9
5952ENG

I made a productivity device for less than 50 bucks

Comments

Lobstersthelibre.newsApr 9
5953ENG

Meta removes ads for social media addiction litigation

416 points, 172 comments on Hacker News

Hacker Newsaxios.comApr 9
5954SEC

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in

The Hacker News (Security)thehackernews.comApr 9
5955ENG

You can absolutely have an RSS dependent website in 2026

Comments

Lobstersmatduggan.comApr 9
5956ENG

Session is shutting down in 90 days

Article URL: https://getsession.org/donate Comments URL: https://news.ycombinator.com/item?id=47703065 Points: 118 # Comments: 137

Hacker Newsgetsession.orgApr 9
5957ENG

How Passive Radar Works

24 points, 6 comments on Hacker News

Hacker Newspassiveradar.comApr 9
5958ENG

Most people can't juggle one ball

37 points, 11 comments on Hacker News

Hacker Newslesswrong.comApr 9
5959ENG

Launch HN: Relvy (YC F24) – On-call runbooks, automated

Hey HN! We are Bharath, and Simranjit from Relvy AI (https://www.relvy.ai). Relvy automates on-call runbooks for software engineering teams. It is an AI agent equipped with tools that can analyze telemetry data and code at scale, helping teams debug and resolve production issues in minutes. Here’s a video: [[[https://www.youtube.com/watch?v=BXr4_XlWXc0]]] A lot of teams are using AI in some form to reduce their on-call burden. You may be pasting logs into Cursor, or using Claude Code with Datadog’s MCP server to help debug. What we’ve seen is that autonomous root cause analysis is a hard problem for AI. This shows up in benchmarks - Claude Opus 4.6 is currently at 36% accuracy on the OpenRCA dataset, in contrast to coding tasks. There are three main reasons for this: (1) Telemetry data volume can drown the model in noise; (2) Data interpretation / reasoning is enterprise context dependent; (3) On-call is a time-constrained, high-stakes problem, with little room for AI to explore during

Hacker Newsrelvy.aiApr 9
5960ENG

Let’s talk about LLMs

Comments

Lobstersb-list.orgApr 9
5961ENG

A WebGPU implementation of Augmented Vertex Block Descent

95 points, 9 comments on Hacker News

Hacker Newsgithub.comApr 9
5962ENG

Lichess and Take Take Take Sign Cooperation Agreement

141 points, 31 comments on Hacker News

Hacker Newslichess.orgApr 9
5963ENG

But what about K?

Comments

Lobsterstony-zorman.comApr 9
5964SEC

The Hidden Security Risks of Shadow AI in Enterprises

As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and creating new blind spots in what is known as shadow AI. While similar to the phenomenon of

The Hacker News (Security)thehackernews.comApr 9
5965ENG

TIL that Helix and Typst are a match made in heaven

Comments

Lobstersergaster.orgApr 9
5966ENG

Show HN: CSS Studio. Design by hand, code by agent

Hi HN! I've just released CSS Studio, a design tool that lives on your site, runs on your browser, sends updates to your existing AI agent, which edits any codebase. You can actually play around with the latest version directly on the site. Technically, the way this works is you view your site in dev mode and start editing it. In your agent, you can run /studio which then polls (or uses Claude Channels) an MCP server. Changes are streamed as JSON via the MCP, along with some viewport and URL information, and the skill has some instructions on how best to implement them. It contains a lot of the tools you'd expect from a visual editing tool, like text editing, styles and an animation timeline editor. Comments URL: https://news.ycombinator.com/item?id=47702196 Points: 21 # Comments: 14

Hacker Newscssstudio.aiApr 9
5967SEC

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact ("Invoice540.pdf") first appeared on the VirusTotal platform on November 28, 2025. A second

The Hacker News (Security)thehackernews.comApr 9
5968ENG

Embedding EYG in Gleam programs

Comments

Lobstersgithub.comApr 9
5969SEC

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX. Two of the targets included prominent Egyptian journalists and government critics, Mostafa

The Hacker News (Security)thehackernews.comApr 9
5970ENG

The Bra-and-Girdle Maker That Fashioned the Impossible for NASA

20 points, 1 comments on Hacker News

Hacker Newsthereader.mitpress.mit.eduApr 9

Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles