HN Reader

Pocket watch: Verifying exabytes of data (dropbox.tech)

1 points by rmason 1m ago 0 comments

Conversations I've Had with Code (donraab.medium.com)

1 points by ingve 1m ago 0 comments

Understanding Pin and Self-Referential Data in Rust (medium.com)

1 points by thunderbong 1m ago 0 comments

Redir: A TCP port redirector for Unix (github.com)

1 points by thunderbong 2m ago 0 comments

The key to spotting dyslexia early could be AI-powered handwriting analysis (buffalo.edu)

1 points by geox 3m ago 0 comments

Takeaways from Coding with AI (oreilly.com)

1 points by rmason 4m ago 0 comments

Structure and Wiring Optimized TT/MT Double-Helical Fiber Sensors (advanced.onlinelibrary.wiley.com)

1 points by PaulHoule 4m ago 0 comments

Lock-Free Rust: How to Build a Rollercoaster While It's on Fire (yeet.cx)

1 points by NotSillyEnough 4m ago 0 comments

The Professors Are Using ChatGPT, and Some Students Aren't Happy About It (nytimes.com)

1 points by haider0721128 4m ago 0 comments

Is this program safe? Lessons from Type Theory (brandonrozek.com)

1 points by speckx 6m ago 0 comments

MinorMiner: We turn your kid's maths homework into Bitcoin (robertheaton.com)

1 points by zdw 7m ago 0 comments

I made a daily word game (kmcd.dev)

1 points by ingve 7m ago 0 comments

The Scalar Select Anti-Pattern (matklad.github.io)

1 points by goranmoomin 8m ago 0 comments

Ask HN: Do you turn off web search when asking an AI something difficult?

1 points by amichail 9m ago 0 comments

LangChain4j 1.0.0 (github.com)

1 points by mfiguiere 9m ago 0 comments

Buried Treasure SF (buriedtreasure.carrd.co)

1 points by ChrisArchitect 10m ago 1 comments

Auditory changes in guinea pigs listening to overcompressed music (sciencedirect.com)

1 points by riedel 10m ago 0 comments

The Landscape of Malicious Open Source Packages: 2025 Mid‑Year Threat Report (socket.dev)

1 points by feross 11m ago 0 comments

One More Thing Conference, a community event during WWDC week (omt-conf.com)

1 points by Austin_Conlon 12m ago 0 comments

Grok now inserting text about "white genocide" into unrelated responses (bsky.app)

5 points by jrflowers 13m ago 0 comments

New Python Package for Advanced Calibration Models (already has 3k downloads) (github.com)

1 points by goji_berries 14m ago 0 comments

Bing Search and Bing Custom Search APIs will be retired on 11th August 2025 (microsoft.com)

2 points by the_mitsuhiko 15m ago 0 comments

Rumble Taps Veteran Antitrust Lawyer in Lawsuit Against Google's Monopoly Power (reclaimthenet.org)

1 points by mikece 19m ago 0 comments

Who Owns All the Supplements? (2022) (fanaticcook.com)

1 points by pipiscrew 19m ago 1 comments

How to Use SVG as a Placeholder, and Other Image Loading Techniques (2017) (jmperezperez.com)

2 points by Tomte 23m ago 0 comments

Microsoft Writing Style Guide (learn.microsoft.com)

1 points by Tomte 23m ago 0 comments

Managing Music with Rclone (coryd.dev)

1 points by cdransf 23m ago 0 comments

Apple Filing Protocol client deprecated as of macOS Sequoia 15.5.0 (derflounder.wordpress.com)

1 points by ingve 25m ago 1 comments

North American Land Sailing Association (nalsa.org)

1 points by dsr_ 27m ago 0 comments

Erlang Ecosystem Foundation Becomes CNA for the Hex and Beam Ecosystem (erlef.org)

3 points by maennchen 27m ago 1 comments

A new bill could lift the outdated ban on supersonic flight over land (boomsupersonic.com)

4 points by garrettgarcia 29m ago 1 comments

Show HN: MemoCat – a simple note-taking product(open source) (memocat.com)

1 points by Airyisland 29m ago 1 comments

Show HN: OpenCode – TUI based coding agent (github.com)

1 points by thdxr 29m ago 0 comments

Unitful Quantities in Jax (github.com)

1 points by cl3misch 29m ago 0 comments

Hackers behind UK retail attacks now targeting US companies (bleepingcomputer.com)

1 points by speckx 30m ago 0 comments

Good enough ten-second sum types for Postgres (duckrabbit.tech)

1 points by todsacerdoti 31m ago 0 comments

Show HN: Semantic Calculator (King-Man+woman=?) (calc.datova.ai)

14 points by nxa 33m ago 3 comments

Show HN: Atlas: Independent Evals and Benchmarking for Generative AI Models (app.layerlens.ai)

1 points by Arch223 33m ago 0 comments

Show HN: Landing pages where you control the code (startthelanding.com)

1 points by sanswork 34m ago 0 comments

Remembering IBM Researcher Dick Garwin (research.ibm.com)

2 points by rbanffy 35m ago 0 comments

I Built an AI Bot That Posts and Sells Social Media Tools on Autopilot

1 points by aigoldminerush 36m ago 0 comments

Amazon illegal miners bypass enforcement by smuggling gold into Venezuela (news.mongabay.com)

1 points by PaulHoule 36m ago 0 comments

Intuitive Machines blames dim lighting and dodgy data for second lunar faceplant (theregister.com)

2 points by rntn 38m ago 0 comments

Next Airbnb May Include Room Service and Tamale-Making (nytimes.com)

2 points by nanfinitum 38m ago 1 comments

Proposed Changes to Section 174 R&D Salary Expense Accounting (frazierdeeter.com)

1 points by walterbell 39m ago 0 comments

Show HN: Kasimba – Simple macOS app that converts Windows paths to SMB addresses (github.com)

1 points by bobnarizes 39m ago 0 comments

OXVG: Rust alternative to SVGO and (eventually) InkScape (github.com)

1 points by brianzelip 39m ago 0 comments

Why I wrote the fx web server (huijzer.xyz)

1 points by todsacerdoti 41m ago 0 comments

My 2FA Mule. There are others like it, but this one is mine (2021) (kozubik.com)

2 points by walterbell 42m ago 0 comments

Agent mode has arrived in preview for Visual Studio (devblogs.microsoft.com)

1 points by andyjohnson0 43m ago 0 comments

Wiz hardened, near-zero-CVE base images

4 dschofie 3 5/14/2025, 4:25:59 PM wiz.io ↗

Comments (3)

lysace · 3h ago
> The impact was immediate.

> Critical and high CVEs in base images dropped to near zero. Our vulnerability scanners became quieter, with fewer false positives and less noise.

Are there vulnerability scanners that attempt to look for what is actually used, instead of just what is present?

dschofie · 3h ago
Definitely! A lot of this falls under the "reachability" umbrella. It's just a little harder to say if something is actually used vs just installed. For example, in your app you could exec a script which can be harder for tools to detect with accuracy and there are just quite a few edge cases to handle
lysace · 3h ago
I guess the scanner would need to be provided with runtime data, somehow. I.e. two phases of scanning, before and after deployment. Suddenly it's getting quite complex, especially if you include the security aspects of that scanner running in prod.