Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Battle for Wesnoth: open-source, turn-based strategy game
Article URL: https://www.wesnoth.org Comments URL: https://news.ycombinator.com/item?id=47664186 Points: 56 # Comments: 10
Show HN: Moon simulator game, ray-casting
35 points, 10 comments on Hacker News
Launch HN: Freestyle – Sandboxes for Coding Agents
195 points, 111 comments on Hacker News
Launch HN: Freestyle: Sandboxes for AI Coding Agents
We’re Ben and Jacob, cofounders of Freestyle (https://freestyle.sh). We’re building a cloud for Coding Agents. For the first generation of agents it looked like workflows with minimal tools. 2 years ago we published a package to let AI work in SQL, at that time GPT-4 could write simple scripts. Soon after the first AI App Builders started using AI to make whole websites; we supported that with a serverless deploy system. But the current generation is going much further, instead of minimal tools and basic serverless apps AI can utilize the full power of a computer (“sandbox”). We’re building sandboxes that are interchangeable with EC2s from your agents perspective, with bonus features: 1. We’ve figured out how to fork a sandbox horizontally without more than a 400ms pause in it. That's not forking the filesystem, we mean forking the whole memory of it. If you’re half way down a browser page with animations running, they’ll be in the same place in all the forks. If you’re running a mine
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in South Korea. The attack chain, per Fortinet FortiGuard Labs, involves obfuscated Windows shortcut (LNK) files acting as the starting point to drop a decoy PDF
Someone good at CSS help, my website design is dying
Comments
Show HN: GovAuctions lets you browse government auctions at once
I've long been into finding deals on government auction sites (seizures, surplus sales etc.) - right now for example San Diego DHS is selling 26 tons of lead shot, with bidding starting at $1,000 ¯\_(ツ)_/¯ It has historically been extremely tedious though: scanning dozens of janky sites which have interminable page loading times; back buttons take you all the way back to the homepage etc. The site I built - GovAuctions - lets you search every government surplus auction at once. You can filter by location, category, and price, save items to a watchlist, and get alerts when new auctions match what you're looking for. Let me know what you think, if you have any suggestions, and if you find any deals in your area! Comments URL: https://news.ycombinator.com/item?id=47662945 Points: 33 # Comments: 16
What are you doing this week?
What are you doing this week? Feel free to share! Keep in mind it’s OK to do nothing at all, too.
81yo Dodgers fan can no longer get tickets because he doesn't have a smartphone
Article URL: https://twitter.com/Suzierizzo1/status/2040864617467924865 Comments URL: https://news.ycombinator.com/item?id=47662857 Points: 225 # Comments: 209
Reducto releases Deep Extract
Article URL: https://reducto.ai/blog/reducto-deep-extract-agent Comments URL: https://news.ycombinator.com/item?id=47662833 Points: 24 # Comments: 3
Sc-im: Spreadsheets in your terminal
Article URL: https://github.com/andmarti1424/sc-im Comments URL: https://news.ycombinator.com/item?id=47662658 Points: 71 # Comments: 20
AI singer now occupies eleven spots on iTunes singles chart
89 points, 95 comments on Hacker News
A cryptography engineer's perspective on quantum computing timelines
Article URL: https://words.filippo.io/crqc-timeline/ Comments URL: https://news.ycombinator.com/item?id=47662234 Points: 111 # Comments: 36
Doing Impressions: Monet's Early Caricatures (ca. late 1850s)
30 points, 1 comments on Hacker News
I won't download your app. The web version is a-ok
Article URL: https://www.0xsid.com/blog/wont-download-your-app Comments URL: https://news.ycombinator.com/item?id=47661439 Points: 652 # Comments: 356
What Does It Mean to "Write Like You Talk"?
9 points, 1 comments on Hacker News
I Tried Vibing an RSS Reader and My Dreams Did Not Come True
Comments
Claude Code is unusable for complex engineering tasks with the Feb updates
Article URL: https://github.com/anthropics/claude-code/issues/42796 Comments URL: https://news.ycombinator.com/item?id=47660925 Points: 376 # Comments: 268
Will I ever own a zettaflop?
21 points, 6 comments on Hacker News
Book review: There is no antimemetics division
Article URL: https://www.stephendiehl.com/posts/no_antimimetics/ Comments URL: https://news.ycombinator.com/item?id=47660853 Points: 125 # Comments: 82
Using Discord on Plan 9
Comments
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move across Windows endpoints, executive MacBooks, Linux infrastructure, and mobile devices, taking advantage of the fact that many SOC workflows are still fragmented by platform. For security leaders, this creates a
PostHog (YC W20) Is Hiring
Comments URL: https://news.ycombinator.com/item?id=47660343 Points: 0 # Comments: 0
What being ripped off taught me
Article URL: https://belief.horse/notes/what-being-ripped-off-taught-me/ Comments URL: https://news.ycombinator.com/item?id=47660286 Points: 222 # Comments: 135
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there. One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New bugs, faster use, less time to react. That’s this week. Read&
Ask HN: How do systems (or people) detect when a text is written by an LLM
Hello guys, just curious about how can people or systems (computers) detect when a text was written by an LLM. My question is mainly focused to if there is some API or similar to detect if a text was written by an LLM. Thanks!!! Comments URL: https://news.ycombinator.com/item?id=47659807 Points: 4 # Comments: 0
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents. In March 2026, the TeamPCP threat actor proved just how valuable developer machines are. Their supply chain attack on
Tiny Corp's Exabox
Article URL: https://twitter.com/__tinygrad__/status/2040944508402360592 Comments URL: https://news.ycombinator.com/item?id=47659609 Points: 11 # Comments: 0
The Intelligence Failure in Iran
Article URL: https://www.theatlantic.com/national-security/2026/04/iran-war-intelligence-failure-trump/686694/ Comments URL: https://news.ycombinator.com/item?id=47659461 Points: 24 # Comments: 7
Is Germany's gold safe in New York ?
Article URL: https://www.dw.com/en/is-germanys-gold-safe-in-new-york/video-75766873 Comments URL: https://news.ycombinator.com/item?id=47659252 Points: 122 # Comments: 109
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles