Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Atom Exhaustion Is Not a Footgun. It's One Third of Our CVEs
Comments
I think Anthropic and OpenAI have found product-market fit
Article URL: https://simonwillison.net/2026/May/27/product-market-fit/ Comments URL: https://news.ycombinator.com/item?id=48296794 Points: 491 # Comments: 589
DuckDuckGo search saw 28% more visits after Google said people love AI mode
Article URL: https://www.pcgamer.com/hardware/duckduckgos-ai-free-search-saw-nearly-28-percent-more-visits-in-the-week-following-googles-insistence-that-people-love-ai-mode/ Comments URL: https://news.ycombinator.com/item?id=48296649 Points: 537 # Comments: 272
Stress disrupts hippocampal integration of overlapping events, memory inference
Article URL: https://www.science.org/doi/10.1126/sciadv.aea5496?user_id=66c4bf745d78644b3aa57b08 Comments URL: https://news.ycombinator.com/item?id=48296622 Points: 50 # Comments: 5
MacSurf: NetSurf for Mac OS 9
Comments
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That's according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as well as mobile users in Brazil. The
Training our own AI models
Article URL: https://posthog.com/blog/training-ai-models Comments URL: https://news.ycombinator.com/item?id=48296359 Points: 176 # Comments: 122
A brief note about slot access cost in Common Lisp
Comments
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by Anthropic's Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. The
Last.fm is now independent
Article URL: https://support.last.fm/t/last-fm-is-now-independent/118591 Comments URL: https://news.ycombinator.com/item?id=48295892 Points: 39 # Comments: 2
Interview with Zig creator Andrew Kelley
Comments
Tech CEOs are apparently suffering from AI psychosis
471 points, 242 comments on Hacker News
Corporations can vote in some Delaware elections, judge says
Article URL: https://news.bloomberglaw.com/esg/corporations-have-the-right-to-vote-in-delaware-town-judge-says Comments URL: https://news.ycombinator.com/item?id=48295460 Points: 63 # Comments: 65
Declassified CIA Cartography Maps from the 1980s
Article URL: https://brilliantmaps.com/cia-maps-1980s/ Comments URL: https://news.ycombinator.com/item?id=48294831 Points: 32 # Comments: 14
Show HN: I made an emergency page for my family. You should too
I have a bad memory and can't memorize some important numbers, so I created this project. I've always been concerned about being without my phone (getting robbed - which is common in Brazil - running out of battery, having it break, etc.), so I decided to create a page that sends SMS messages (LLM-summarized) and emails with more detailed information such as geolocation, IP address, and the full message. It’s a simple page that allows sending one or more messages, with recipients being myself and other people - for example, in case I or they need help or need to communicate something important. The source code is available at https://github.com/skhaz/dokku/tree/main/apps/help Comments URL: https://news.ycombinator.com/item?id=48294791 Points: 4 # Comments: 2
The VibeSec Reckoning
Article URL: https://martinfowler.com/articles/vibesec-reckoning.html Comments URL: https://news.ycombinator.com/item?id=48294670 Points: 32 # Comments: 9
Evolving Webflow for the Agentic Web
Article URL: https://webflow.com/blog/evolving-webflow-for-the-agentic-web Comments URL: https://news.ycombinator.com/item?id=48294549 Points: 6 # Comments: 2
Italy region: +200% tax on datacenters built in green/agricultural areas
Article URL: https://en.ilsole24ore.com/art/lombardy-introduces-increased-charges-of-up-to-200-per-cent-for-data-centre-construction-in-green-and-agricultural-areas-AI6Jp4ID Comments URL: https://news.ycombinator.com/item?id=48294401 Points: 102 # Comments: 145
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work. Across most organizations today, employees are running three to five AI tools on any given day. Most were never reviewed by IT. A significant portion connects
Math-to-Manim
5 points, 0 comments on Hacker News
Incident with Pull Requests, Issues, Git Operations and API Requests
Article URL: https://www.githubstatus.com/incidents/xy1tt3hs572m Comments URL: https://news.ycombinator.com/item?id=48293080 Points: 167 # Comments: 135
XLIDE: VBA without excel
Article URL: https://github.com/WilliamSmithEdward/xlide_vscode Comments URL: https://news.ycombinator.com/item?id=48293014 Points: 42 # Comments: 9
Private Equity Bought America's Essential Services
Article URL: https://rubbishtalk.com/economy/how-private-equity-bought-americas-essential-services/ Comments URL: https://news.ycombinator.com/item?id=48292941 Points: 257 # Comments: 309
space-tree: Workspace Management Trees in Emacs
Comments
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since at least early 2025, GlassWorm operators have systematically targeted software developers, a
3 SOC Steps that Shut Down Incident Risks Early
Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulate risk long before anyone labels them an "incident." That changes the role of the SOC entirely. The
Atomically precise mechanosynthesis of carbon structures on hydrogenated Silicon
Article URL: https://arxiv.org/abs/2605.27250 Comments URL: https://news.ycombinator.com/item?id=48292560 Points: 9 # Comments: 0
Cisco and OpenAI redefine enterprise engineering with Codex
Cisco and OpenAI are redefining enterprise engineering with Codex, helping Cisco scale AI-native development, accelerate AI Defense work, and automate defect remediation.
I'm Tired of Talking to AI
Article URL: https://orchidfiles.com/im-tired-of-ai-generated-answers/ Comments URL: https://news.ycombinator.com/item?id=48292224 Points: 1273 # Comments: 651
Gitea Vulnerability Exposes Private Container Images without Authentication
Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials. The vulnerability, tracked as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea prior to 1.26.2
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles