I'd rather read the prompt (claytonwramsey.com)

1429 points by claytonwramsey 7d ago 840 comments

From: Steve Jobs. "Great idea, thank you." (blog.hayman.net)

1170 points by mattl 3d ago 290 comments

The curse of knowing how, or; fixing everything (notashelf.dev)

1170 points by Lunar5227 6d ago 440 comments

Show HN: Clippy – 90s UI for local LLMs (felixrieseberg.github.io)

1118 points by felixrieseberg 5d ago 272 comments

Plain Vanilla Web (plainvanillaweb.com)

1114 points by andrewrn 19h ago 517 comments

Void: Open-source Cursor alternative (github.com)

910 points by sharjeelsayed 3d ago 342 comments

Ty: A fast Python type checker and language server (github.com)

897 points by arathore 4d ago 286 comments

Design for 3D-Printing (blog.rahix.de)

831 points by q3k 7d ago 206 comments

Zed: High-performance AI Code Editor (zed.dev)

729 points by vquemener 5d ago 419 comments

Gemini 2.5 Pro Preview (developers.googleblog.com)

701 points by meetpateltech 5d ago 687 comments

The Death of Daydreaming (afterbabel.com)

697 points by isolli 6d ago 263 comments

OpenAI reaches agreement to buy Windsurf for $3B (bloomberg.com)

659 points by swyx 6d ago 570 comments

My new deadline: 20 years to give away virtually all my wealth (gatesnotes.com)

658 points by nrvn 3d ago 640 comments

Claude's system prompt is over 24k tokens with tools (github.com)

625 points by mike210 5d ago 334 comments

ALICE detects the conversion of lead into gold at the LHC (home.cern)

622 points by miiiiiike 2d ago 297 comments

CLion Is Now Free for Non-Commercial Use (blog.jetbrains.com)

618 points by AlexeyBrin 4d ago 384 comments

Matt Godbolt sold me on Rust by showing me C++ (collabora.com)

608 points by LorenDB 5d ago 658 comments

Evolving OpenAI's Structure (openai.com)

600 points by rohitpaulk 6d ago 673 comments

First American pope elected and will be known as Pope Leo XIV (cnn.com)

597 points by saikatsg 3d ago 1028 comments

A critical look at MCP (raz.sh)

593 points by ablekh 1d ago 320 comments

LegoGPT: Generating Physically Stable and Buildable Lego (avalovelace1.github.io)

579 points by nkko 3d ago 136 comments

Waiting for Postgres 18: Accelerating Disk Reads with Asynchronous I/O (pganalyze.com)

571 points by lfittl 4d ago 154 comments

Business books are entertainment, not strategic tools (theorthagonist.substack.com)

559 points by ZeroTalent 2d ago 248 comments

NSF faces shake-up as officials abolish its 37 divisions (science.org)

556 points by magicalist 2d ago 760 comments

Unity’s Open-Source Double Standard: the ban of VLC (mfkl.github.io)

535 points by cempaka 4d ago 161 comments

Vision Now Available in Llama.cpp (github.com)

531 points by redman25 2d ago 102 comments

Reservoir Sampling (samwho.dev)

520 points by chrisdemarco 3d ago 105 comments

Show HN: Real-time AI Voice Chat at ~500ms Latency (github.com)

516 points by koljab 6d ago 226 comments

Ask HN: What are good high-information density UIs (screenshots, apps, sites)?

511 points by troupo 3d ago 369 comments

Leaving Google (airs.com)

508 points by todsacerdoti 1d ago 317 comments

Mistral ships Le Chat – enterprise AI assistant that can run on prem (mistral.ai)

503 points by _lateralus_ 4d ago 157 comments

India launches attack on 9 sites in Pakistan and Pakistani Jammu and Kashmir (reuters.com)

487 points by alephnerd 5d ago 624 comments

High tariffs become 'real' with our first $36K bill (blog.adafruit.com)

475 points by ptorrone 3d ago 391 comments

One-Click RCE in Asus's Preinstalled Driver Software (mrbruh.com)

473 points by MrBruh 1d ago 225 comments

A simple 16x16 dot animation from simple math rules (tixy.land)

461 points by andrewrn 2d ago 91 comments

Curl: We still have not seen a valid security report done with AI help (linkedin.com)

453 points by indigodaddy 5d ago 239 comments

VVVVVV Source Code (github.com)

443 points by radeeyate 5d ago 92 comments

So Much Blood (dynomight.net)

438 points by debesyla 5d ago 209 comments

Replacing Kubernetes with systemd (2024) (blog.yaakov.online)

435 points by birdculture 6d ago 369 comments

The vocal effects of Daft Punk (bjango.com)

431 points by qzervaas 7d ago 112 comments

Observations from people-watching (skincontact.substack.com)

421 points by jger15 1d ago 221 comments

Rust’s dependencies are starting to worry me (vincents.dev)

412 points by chaosprint 3d ago 562 comments

Sneakers (1992) – 4K makeover sourced from the original camera negative (blu-ray.com)

410 points by bredren 6d ago 298 comments

Launch HN: Exa (YC S21) – The web as a database

409 points by willbryk 5d ago 132 comments

US vs. Google amicus curiae brief of Y Combinator in support of plaintiffs [pdf] (storage.courtlistener.com)

408 points by dave1629 1d ago 909 comments

An appeal to Apple from Anukari (anukari.com)

405 points by humbledrone 6d ago 188 comments

Judge said Meta illegally used books to build its AI (wired.com)

405 points by mekpro 7d ago 341 comments

As an experienced LLM user, I don't use generative LLMs often (minimaxir.com)

386 points by minimaxir 6d ago 207 comments

Sofie: open-source web based system for automating live TV news production (nrkno.github.io)

375 points by rjmunro 2d ago 52 comments

RybbitL Open source Google Analytics replacement (github.com)

359 points by samdung 4d ago 162 comments

Backdoor found in popular ecommerce components

41 mooreds 6 5/11/2025, 1:34:02 PM sansec.io ↗

Comments (6)

BoardsOfCanada · 18h ago

The vendor responses seem pretty strange:

> Magesolution (MGS) did not respond, but the backdoored packages can still be downloaded from their site as of Apr 30th.

> Tigren denies to have been hacked, but the backdoored packages are still available on their site as of Apr 30th.

> Meetanshi claims that their software has not been tampered with, but confirmed that their server got hacked.

pixl97 · 17h ago

Not that strange, unless forced by law vendors will commonly deny all knowledge and responsibility.

xiphias2 · 20h ago

These all look like some Adobe plugin (sold by Adobe store)

GenerocUsername · 20h ago

Thanks. I was skimming article but it seemed like it was missing some critical context

blargthorwars · 20h ago

A lot of latent payloads are going to be activated ASAP before automated AI detection becomes the norm. AI ain't perfect, but it's good at this sort of thing.

McGlockenshire · 19h ago

> The $licenseFile can be controlled by the attacker using the adminUploadLicense function

This is just as likely to be an RCE as it is to be a backdoor. Calling `include` on a file the user can write to is just asking for it. This has been a known footgun for decades.