Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
AEPs: API Enhancement Proposals
10 points, 4 comments on Hacker News
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria. "TrickMo relies on a runtime-loaded APK (dex.module),
UnDUNE II
Article URL: https://liquidream.itch.io/undune2 Comments URL: https://news.ycombinator.com/item?id=48107404 Points: 90 # Comments: 16
Any app on recent Android versions can leak certain traffic
Comments
Text Blaze (YC W21) Is Hiring for a No-AI Summer Internship
Article URL: https://www.ycombinator.com/companies/text-blaze/jobs/P4CCN62-the-blaze-no-ai-summer-internship Comments URL: https://news.ycombinator.com/item?id=48107024 Points: 0 # Comments: 0
GitHub Expands Secret Scanning with General Availability of MCP Server Integration
GitHub has announced the general availability of secret scanning support through its MCP Server, extending automated credential detection and remediation capabilities into AI-assisted and agent-driven development workflows. By Craig Risi
Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help
Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ones no one is investigating. A recent report from The Hacker News examined why certain high-risk alert categories - WAF, DLP, OT/IoT, dark web intelligence, and supply chain signals- consistently
AdonisJS v7 Ships End-to-End Type Safety, Reworked Starter Kits and Zero-Config OpenTelemetry
AdonisJS version 7 introduces end-to-end type safety and reworked starter kits, alongside improved documentation. The release includes 45+ updated packages and three new ones for OpenTelemetry, typed content. It requires Node.js 24, allowing the use of native APIs. The framework emphasizes a convention-over-configuration approach while offering tools for routing, ORM, and authentication. By Daniel Curtis
EU to crack down on TikTok, Instagram's 'addictive design' targeting kids
Article URL: https://www.cnbc.com/2026/05/12/tiktok-instagram-social-media-addictive-eu-crack-down.html Comments URL: https://news.ycombinator.com/item?id=48106534 Points: 348 # Comments: 289
Unison In Anger
Comments
Coursera and Udemy are now one company
Article URL: https://blog.coursera.org/coursera-and-udemy-are-now-one-company-creating-the-worlds-most-comprehensive-skills-platform/ Comments URL: https://news.ycombinator.com/item?id=48106367 Points: 130 # Comments: 55
Why Agentic AI Is Security's Next Blind Spot
Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow it, restrict it, or monitor it? However, that framing misses the point. The more urgent
Learning Software Architecture
Article URL: https://matklad.github.io/2026/05/12/software-architecture.html Comments URL: https://news.ycombinator.com/item?id=48106024 Points: 17 # Comments: 0
A Technical Guide to Compiling Emacs for Performance on Linux and Unix systems
Comments
Article: Time-Series Storage: Design Choices That Shape Cost and Performance
Every time-series database makes a set of storage design decisions: how to lay out rows, when to compress, what to partition on. These decisions determine cost and query performance more than the choice of database itself. This article works through those fundamentals from first principles, using widely available tools like PostgreSQL and Apache Parquet to make each trade-off measurable. By Nirmesh Khandelwal
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been modified to include an obfuscated JavaScript file ("router_init.js") that's designed to profile the execution
Copy Fail and Dirty Frag: Linux Page-Cache Exploits Target Every Major Distribution
Two recent Linux kernel vulnerabilities have been disclosed: Copy Fail (CVE-2026-31431) on April 29, 2026, and Dirty Frag (CVE-2026-43284 and CVE-2026-43500) on May 7, 2026. Both allow local users to gain root access, affecting multiple Linux distributions. These vulnerabilities exploit flaws in the page cache via different subsystems, necessitating immediate patching by affected organizations. By Matt Saunders
The Problem of Pedagogy in Advanced Mathematics
Comments
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an update shared on Monday, the Utah-based firm said it "reached an agreement with the unauthorized actor involved in
Toxicity on Social Media – The Noisy Room
Article URL: https://thenoisyroom.com Comments URL: https://news.ycombinator.com/item?id=48105297 Points: 7 # Comments: 1
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. "Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across
CSS & vertical rhythm for text, images, and tables
Comments
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a "cross-industry effort" to replace traditional SMS with a more secure alternative. To that end, E2EE RCS messaging is rolling out to iPhone users running iOS 26.5 with supported carriers and Android users on the latest version of Google Messages.
Screenshots of Old Desktop OSes
Article URL: http://www.typewritten.org/Media/ Comments URL: https://news.ycombinator.com/item?id=48104428 Points: 176 # Comments: 48
Extremely Low Frequencies
Article URL: https://computer.rip/2026-05-09-extremely-low-frequencies.html Comments URL: https://news.ycombinator.com/item?id=48104041 Points: 76 # Comments: 2
Popular Go library fsnotify raises supply chain alarms after maintainer access changes
Comments
Extraordinary Ordinals
Comments
Software Internals Book Club
18 points, 1 comments on Hacker News
Fake building: Claude wrote 3k lines instead of import pywikibot
36 points, 18 comments on Hacker News
Claude Platform on AWS
57 points, 29 comments on Hacker News
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles