HN Reader

Ask HN: Do you have a side project you're getting tired of?

13 points by gdulli 5h ago 8 comments

Ask HN: Agent / workflow frameworks or roll your own?

3 points by dennisy 4h ago 0 comments

Ask HN: Conversational AI to Learn a Language

76 points by edweis 5d ago 56 comments

Ask HN: How do you promote your personal projects with a limited budget?

115 points by javafactory 1d ago 86 comments

We sold our first AI agent to a legacy industry–now we're stuck. Help us Advice?

7 points by goldmanX 8h ago 10 comments

Ask HN: What makes a programming language great for code generation?

3 points by keithasaurus 6h ago 2 comments

Ask HN: Places in the UK / Europe Related to computers

7 points by sailorganymede 14h ago 7 comments

Ask HN: Has anyone been able to overcome crippling executive dysfunction?

36 points by justanything 23h ago 35 comments

Ask HN: How to Make Friendster Great?

84 points by ca98am79 1d ago 124 comments

Tell HN: Mozilla is preparing to remove bookmark keywords

13 points by RheingoldRiver 4h ago 1 comments

I spent 15 years developing a tool to make sense of software version numbers

30 points by a1tern 2d ago 5 comments

Ask HN: Pros and cons of offering a self-hosted version of your SaaS?

12 points by DavyCreddy 1d ago 2 comments

Ask HN: Engineering Statics and Dynamics book recommendation

7 points by areoform 1d ago 2 comments

I'm Peter Roberts, immigration attorney, who does work for YC and startups. AMA

255 points by proberts 6d ago 452 comments

More than 1,500 AI projects are now vulnerable to a silent exploit

3 points by mykytamudryi 3h ago 1 comments

Ask HN: How are you using LLMs for research on a library of journal articles?

3 points by jopizio 1d ago 0 comments

Modern Python Boilerplate – good package basic structure

7 points by lambda-science 1d ago 0 comments

Ask HN: Where to find UX design resources?

10 points by bindd 1d ago 4 comments

What If Every Picture You've Ever Seen Already Exists?

16 points by cin4ed 2d ago 27 comments

Tell HN: The Hetzner Experience - Invisible Outages

34 points by AmazingTurtle 2d ago 12 comments

Ask HN: Don't You Mind That LLMs Are Mostly Proprietary?

18 points by dakiol 3d ago 17 comments

Built an AI Tool? List It for Free on Aisofto.com

6 points by rahulbstomar 1d ago 0 comments

Is this necassary to fail at first time? No money with 280 Users

3 points by gurpreet_codes 1d ago 5 comments

Ask HN: Does the languages we speak affect the way we think?

7 points by Genius_um 2d ago 19 comments

Big Beautiful Bill R&D Tax: Will tech go on a hiring spree again?

20 points by jbverschoor 3d ago 19 comments

Ask HN: Anyone working in traditional ML/stats research instead of LLMs?

21 points by itsmekali321 5d ago 11 comments

How to Fix the Gaming Industry

3 points by azyLum 2d ago 10 comments

Ask HN: Do people actually pay for small web tools?

56 points by scratchyone 4d ago 65 comments

Ask HN: When do you just give up and ship it?

16 points by 90s_dev 2d ago 14 comments

More than 1,500 AI projects are now vulnerable to a silent exploit

3 mykytamudryi 1 5/22/2025, 7:39:06 PM
According to the latest research by ARIMLABS[.]AI, a critical security vulnerability (CVE-2025-47241) has been discovered in the widely used Browser Use framework — a dependency leveraged by more than 1,500 AI projects.

The issue enables zero-click agent hijacking, meaning an attacker can take control of an LLM-powered browsing agent simply by getting it to visit a malicious page — no user interaction required.

This raises serious concerns about the current state of security in autonomous AI agents, especially those that interact with the web.

Comments (1)

Proofread0592 · 3h ago
Here's the issue on the github advisory database with an example

https://github.com/advisories/GHSA-x39x-9qw5-ghrf

> The core issue stems from the line domain = domain.split(':')[0], which allows an attacker to manipulate basic authentication credentials by providing a username:password pair. By replacing the username with a whitelisted domain, the check can be bypassed, even though the actual domain remains different.

So consider https://example.com:pass@google.com

This URL goes to google.com (paste it in your browser to see), but the library will consider this a URL that goes to example.com, which it doesn't.