Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension. The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its developers' systems was hacked in the
Aggressive AI scrapers are making it kinda suck to run wikis
Comments
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure. The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score of 6.5 out of 10.0, per CVE.org. Drupal said the vulnerability resides in a database abstraction API that is
Twelve Ways to Be Wrong About AI-Assisted Coding
Comments
OpenAI to confidentially file for IPO as soon as Friday
Article URL: https://www.cnbc.com/2026/05/20/openai-ipo-filing.html Comments URL: https://news.ycombinator.com/item?id=48217052 Points: 28 # Comments: 0
Haskell Foundation 2026 Update
Article URL: https://discourse.haskell.org/t/haskell-foundation-2026-update/14136 Comments URL: https://news.ycombinator.com/item?id=48216983 Points: 17 # Comments: 3
What is Demand Coop and why tech workers should join one
Article URL: https://cahootzcoops.com/blog/what-is-a-demand-coop Comments URL: https://news.ycombinator.com/item?id=48216619 Points: 40 # Comments: 41
The Mislabeled Bricks of Utopia
Comments
Intuit to lay off over 3k employees to refocus on AI
Article URL: https://techcrunch.com/2026/05/20/intuit-to-lay-off-over-3000-employees-to-refocus-on-ai/ Comments URL: https://news.ycombinator.com/item?id=48216278 Points: 82 # Comments: 48
LAN-LOK: The Antarctic DOS Sabotage Game Lost for 34 Years
17 points, 0 comments on Hacker News
The Letter S, by Donald Knuth (1980) [pdf]
Article URL: https://gwern.net/doc/design/typography/1980-knuth.pdf Comments URL: https://news.ycombinator.com/item?id=48216016 Points: 71 # Comments: 7
Show HN: I reverse engineered Apple's video wallpapers
Ever since Apple introduced their video wallpapers I wanted to be able to put custom videos there. I decided to reverse engineer and see what I can do. I built Phosphene to sell it, but the existing competitors were polished enough that the time it would have taken to catch up wasn't going to pay off. So I'm open-sourcing it. WallpaperExtensionKit.framework is what powers macOS wallpapers. It controls what’s shows in the Settings app. It took a lot of trial and error to replicate the behavior, but the result is that your custom wallpapers appear alongside everything else. I wanted to have an “add” button there too, but I couldn’t find a way to do so, so there’s a companion app that will put your video where it needs to be. Unlike Apple's Aerials, the video keeps playing on the desktop (not just the lock screen). The renderer drives AVSampleBufferDisplayLayer directly with PTS-offset gapless looping, and pauses or downshifts based on thermal state, battery level, brightness, and window
DOS Zone
Article URL: https://dos.zone/ Comments URL: https://news.ycombinator.com/item?id=48215418 Points: 134 # Comments: 27
Starship's Twelfth Flight Test
13 points, 1 comments on Hacker News
Google Declaring War on the Web
43 points, 7 comments on Hacker News
Show HN: CPU-only transcription for YouTube, TikTok, X, Instagram videos
Article URL: https://github.com/kouhxp/yapsnap Comments URL: https://news.ycombinator.com/item?id=48214399 Points: 40 # Comments: 14
My two-part desk setup (2025)
152 points, 100 comments on Hacker News
PopuLoRA: Co-Evolving LLM Populations for Reasoning Self- Play
18 points, 1 comments on Hacker News
Investigating unauthorized access to GitHub’s internal repositories
If any impact is discovered, customers will be notified via established incident response and notification channels. The post Investigating unauthorized access to GitHub’s internal repositories appeared first on The GitHub Blog.
What is the history of the ERROR_ARENA_TRASHED error code?
32 points, 9 comments on Hacker News
Anthropic is expanding to Colossus2. Will use GB200
https://xcancel.com/nottombrown/status/2057194829986300375 Comments URL: https://news.ycombinator.com/item?id=48214017 Points: 201 # Comments: 183
SpaceX S-1
Article URL: https://www.sec.gov/Archives/edgar/data/1181412/000162828026036936/spaceexplorationtechnologi.htm Comments URL: https://news.ycombinator.com/item?id=48213933 Points: 68 # Comments: 34
Chromium publishes fixed exploit 4 years later, turns out it's actually unfixed
Comments
Colorado Amended SB051 (Age Verification Bill) to Exclude Open Source Projects
Article URL: https://legiscan.com/CO/bill/SB051/2026 Comments URL: https://news.ycombinator.com/item?id=48213651 Points: 5 # Comments: 1
A Wayland Compositor in Minecraft
23 points, 3 comments on Hacker News
Why does the arrow (->) operator in C exist?
Comments
Not alive, but not dead: disembodied human brains used for drug testing
72 points, 48 comments on Hacker News
XSS Is Deadly for Passkeys: The Hidden Risk of Attestation None
Comments
An OpenAI model has disproved a central conjecture in discrete geometry
470 points, 304 comments on Hacker News
Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333)
Comments
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles