Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
Microsoft Introduces MDASH for Large-Scale AI Vulnerability Research
Microsoft has introduced a new AI-driven vulnerability discovery system called MDASH, a multi-model agentic security platform designed to automate large-scale code auditing across Windows and other Microsoft software environments. The system combines more than 100 specialized AI agents that work together to scan, validate, debate, and prove vulnerabilities across complex codebases. By Robert Krzaczyński
Toshifumi Suzuki, founder of Seven-Eleven Japan, has died
59 points, 28 comments on Hacker News
Using AI to write better code more slowly
Comments
The Open/Closed Problem in AI
Comments
GitHub for Beginners: Getting started with Git and GitHub in VS Code
Discover how to use VS Code to interact with GitHub and maintain your projects. The post GitHub for Beginners: Getting started with Git and GitHub in VS Code appeared first on The GitHub Blog.
My new obsession: A horse-racing board game of pure luck
15 points, 6 comments on Hacker News
Launch HN: Chert (YC P26) – Twilio for iMessage
11 points, 21 comments on Hacker News
The Ask
28 points, 17 comments on Hacker News
A Simple Makefile Tutorial (2008)
Comments
Why Ctrl+V won't paste images in Claude Code on WSL, with a fix
26 points, 11 comments on Hacker News
Hive (YC S14) is hiring sr back-end developers (CA/US remote OK)
1 points, 0 comments on Hacker News
The Cost of Safetyism
Article URL: https://stevemagness.substack.com/p/the-cost-of-safetyism Comments URL: https://news.ycombinator.com/item?id=48267290 Points: 21 # Comments: 14
C extensions, portability, and alternative compilers
42 points, 5 comments on Hacker News
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they should've patched years ago. Good times. Phishing crews are getting smarter too - less obvious scam junk, more targeted stuff that actually
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
104 points, 13 comments on Hacker News
2026 HIPAA Security Rule Update
48 points, 37 comments on Hacker News
The Most Unlikely School Bag
49 points, 16 comments on Hacker News
Pope Leo XIV says AI must serve humanity, not the powerful few
270 points, 114 comments on Hacker News
Pope Leo: opaque AI run by few firms risks "New Forms of Dehumanization"
118 points, 10 comments on Hacker News
Microsoft pulls plug on plans for 244-acre data center in Caledonia
52 points, 33 comments on Hacker News
Article: The Schema Proliferation Problem in Kafka and Flink Pipelines: How to Solve It
Schema proliferation builds slowly and gets expensive fast. One schema per event type feels right until there are ten tables, union queries spanning all of them, and a single field rename touching every schema. Discriminator-based schema consolidation collapses that to two tables, turning multi-table unions into a single query, while new variants are additive and don't break existing consumers. By Spoorthi Basu
Search engines alternatives now that Google isn't Google anymore
Article URL: https://techcrunch.com/2026/05/21/six-search-engines-worth-trying-now-that-google-isnt-really-google-anymore/ Comments URL: https://news.ycombinator.com/item?id=48266051 Points: 428 # Comments: 370
The social contract of writing
Comments
Leave Me Behind
197 points, 146 comments on Hacker News
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the
The Pack That Killed the Pack Mule
10 points, 3 comments on Hacker News
Host-Tuned GCC for Faster Compilation
Comments
Presentation: From Legacy to Sovereignty: Driving the Future of Insurance through Platform Engineering
Sergiu Petean discusses the strategic journey of evolving DevOps into platform engineering within heavily regulated enterprise environments. He explains how to maximize efficiency using dynamic reference architectures, align platform KPIs directly with board-level business goals, reduce cognitive load via custom team topologies, and maintain innovation sovereignty through open-source technology. By Sergiu Petean
Seeing Around Corners Using Smartphone-Grade Lidar
53 points, 12 comments on Hacker News
The Alert Firehose Finally Meets Its Match
Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positives. The old complaint lingers in part because reputations are sticky, and because NDR has evolved
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles