Engineering &
Security Wire
Curated from Hacker News, Lobsters, Krebs on Security, and other top sources. Updated every 6 hours.
TanStack NPM Packages Compromised
Article URL: https://github.com/TanStack/router/issues/7383 Comments URL: https://news.ycombinator.com/item?id=48100706 Points: 110 # Comments: 20
I let AI build a tool to help me figure out what was waking me up at night
Article URL: https://martin.sh/i-let-ai-build-a-tool-to-help-me-figure-out-what-was-waking-me-up-at-night/ Comments URL: https://news.ycombinator.com/item?id=48100662 Points: 31 # Comments: 24
Interaction Models
Article URL: https://thinkingmachines.ai/blog/interaction-models/ Comments URL: https://news.ycombinator.com/item?id=48100524 Points: 19 # Comments: 1
GitLab Announces Workforce Reduction and End of Their CREDIT Values
Article URL: https://about.gitlab.com/blog/gitlab-act-2/ Comments URL: https://news.ycombinator.com/item?id=48100500 Points: 76 # Comments: 17
If AI writes your code, why use Python?
263 points, 271 comments on Hacker News
Show HN: E2a – Open-source email gateway for AI agents
We were building an agent system and wanted email as a trigger. We decided to take it out and made it a standalone service. The primary email features we wanted and used for our own agent system: 1. Email threading stays consistent with agent conversation threading 2. Human in the loop review for outbound emails (especially during testing phase) 3. Quick onboarding/offboarding email addresses for agents within minutes 4. Websocket for local agents and at-least-once webhook delivery for Cloud agents Not yet: DMARC (only SPF/DKIM today), scoped API keys, HA/multi-region (single VM + single Postgres), app-layer email data encryption, compliance attestations (SOC 2/HIPAA). GitHub: https://github.com/Mnexa-AI/e2a Hosted: https://e2a.dev/ Appreciate any feedback / contributions. Comments URL: https://news.ycombinator.com/item?id=48100227 Points: 6 # Comments: 0
Show HN: OpenGravity – A zero-install, BYOK vanilla JS clone of Antigravity
Hi. I’m a high school student studying for my GCSEs. I was using Google Antigravity heavily for my side projects, but I kept hitting the usage limits, and getting random "agent terminated" errors. So I decided to try build my own version of the IDE. I love the UI, so I copied it as accurately as possible, and then hooked up some logic into it, including the INCREDIBLY finicky webcontainer api. I tried to keep it super lightweight, no build steps, or dependencies, and now that its open source, I'm hoping people can build things on top of it that arent possible with closed source tools, like complex custom agent workflows. Some screenshots: - https://github.com/ab-613/OpenGravity/blob/main/examples/scr... - https://github.com/ab-613/OpenGravity/blob/main/examples/htm... What it's made from: - Pure Vanilla JS: no react, vue, or build step. Built entirely in plain HTML/CSS/JS to keep it super lightweight. - WebContainer API and xterm.js: Instead of faking a terminal, I (after much pain) ho
Linux Terminal Memory Usage
Article URL: https://gilesorr.com/blog/linux-terminal-memory-usage.html Comments URL: https://news.ycombinator.com/item?id=48099790 Points: 22 # Comments: 20
The Tree House: A voyage to the source of a backyard dream
46 points, 4 comments on Hacker News
Red Hot Chili Peppers ink $300M deal with Warner Music to sell catalog
https://guitar.com/news/industry-news/red-hot-chili-peppers-... Comments URL: https://news.ycombinator.com/item?id=48099665 Points: 50 # Comments: 46
Library for fast mapping of Java records to native memory
Article URL: https://github.com/mamba-studio/TypedMemory Comments URL: https://news.ycombinator.com/item?id=48099616 Points: 75 # Comments: 21
Gram 2.0.0 released
Comments
An unusually practical update for EYG
Comments
Golden Testing a CAD Library
4 points, 0 comments on Hacker News
Fighting Hyrum's Law in LLVM
Comments
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously," the cybersecurity company said in a statement over the weekend. As of writing, Checkmarx has released
Can someone please explain whether Cloudflare blackmailed Canonical?
Article URL: https://www.flyingpenguin.com/can-someone-please-explain-whether-cloudflare-blackmailed-canonical/ Comments URL: https://news.ycombinator.com/item?id=48098537 Points: 182 # Comments: 91
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM) that could result in an authentication bypass and allow remote attackers to gain elevated control of the control
UCLA discovers first stroke rehabilitation drug to repair brain damage (2025)
Article URL: https://stemcell.ucla.edu/news/ucla-discovers-first-stroke-rehabilitation-drug-repair-brain-damage Comments URL: https://news.ycombinator.com/item?id=48098261 Points: 94 # Comments: 25
Bild AI (YC W25) Is Hiring Founding Product Engineers
Article URL: https://bild.ai/jobs Comments URL: https://news.ycombinator.com/item?id=48098122 Points: 0 # Comments: 0
Porting 3D Movie Maker to Linux
39 points, 8 comments on Hacker News
Coder Agents Enable Running AI Coding Workflows on Self-Hosted Infrastructure
Coder Agents is a model-agnostic platform designed to let organizations run AI coding agents on their own infrastructure, rather than relying on cloud-based services. This allows teams to maintain full control over code, data, and execution environments. By Sergio De Simone
"Respectful" YAML patching in Rust
Comments
Interfaze: A new model architecture built for high accuracy at scale
Article URL: https://interfaze.ai/blog/interfaze-a-new-model-architecture-built-for-high-accuracy-at-scale Comments URL: https://news.ycombinator.com/item?id=48097078 Points: 87 # Comments: 19
Chess puzzle I found in my dad's old book
34 points, 7 comments on Hacker News
GitHub for Beginners: Getting started with OSS contributions
Learn how to find opportunities to contribute to the open source community. The post GitHub for Beginners: Getting started with OSS contributions appeared first on The GitHub Blog.
CUDA-oxide: Nvidia's official Rust to CUDA compiler
Article URL: https://nvlabs.github.io/cuda-oxide/index.html Comments URL: https://news.ycombinator.com/item?id=48096692 Points: 325 # Comments: 101
How are we going to get out of Meta? (Or social media in general)
Article URL: https://hugoib.beehiiv.com/p/how-are-we-going-to-get-out-of-meta-or-social-media-in-general Comments URL: https://news.ycombinator.com/item?id=48096622 Points: 3 # Comments: 0
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation. The activity is said to be the work of cybercrime threat actors who appear to
Moving from lsp-mode in GNU Emacs to Eglot
Comments
Aggregated from public RSS feeds & the Hacker News API · All links point to original sources · Clawship does not republish full articles