How we exploited CodeRabbit: From simple PR to RCE and write access on 1M repos (research.kudelskisecurity.com)

244 points by spiridow 3h ago 77 comments

Notion Releases Offline Mode (notion.com)

27 points by ericzawo 1h ago 15 comments

Emacs as your video-trimming tool (xenodium.com)

99 points by xenodium 3h ago 46 comments

D2 (text to diagram tool) now supports ASCII renders (d2lang.com)

43 points by alixanderwang 1h ago 3 comments

Without the futex, it's futile (h4x0r.org)

175 points by eatonphil 5h ago 86 comments

Figma's Multiplayer Technology (2019) (figma.com)

37 points by redbell 3d ago 16 comments

Candle Flame Oscillations as a Clock (cpldcpu.com)

167 points by cpldcpu 3d ago 32 comments

Positron, a New Data Science IDE (posit.co)

82 points by kgwgk 5h ago 33 comments

A renovation project in Turkey led to the discovery of a lost city (2023) (atlasobscura.com)

42 points by areoform 4h ago 8 comments

Custom telescope mount using harmonic drives and ESP32 (svendewaerhert.com)

221 points by waerhert 9h ago 83 comments

The new geography of stolen goods (economist.com)

15 points by tlb 1d ago 7 comments

Forklifts Require Training (zacsweers.dev)

20 points by pandanomic 2h ago 1 comments

Lazy-brush – smooth drawing with mouse or finger (lazybrush.dulnan.net)

514 points by tvdvd 4d ago 65 comments

Geotoy – Shadertoy for 3D Geometry (3d.ameo.design)

75 points by Ameo 1d ago 11 comments

Show HN: Chroma Cloud – serverless search database for AI (trychroma.com)

50 points by jeffchuber 1d ago 14 comments

Launch HN: Uplift (YC S25) – Voice models for under-served languages

66 points by zaidqureshi 7h ago 32 comments

"Remove mentions of XSLT from the html spec" (github.com)

272 points by troupo 4h ago 329 comments

Prime Number Grid (susam.net)

244 points by todsacerdoti 12h ago 86 comments

Launch HN: Parachute (YC S25) – Guardrails for Clinical AI

36 points by ariavikram 4h ago 17 comments

CRLite: Certificate Revocation Checking in Firefox (hacks.mozilla.org)

21 points by TangerineDream 3h ago 2 comments

Why Semantic Layers Matter (and how to build one with DuckDB) (motherduck.com)

9 points by secondrow 2h ago 0 comments

PyPI Preventing Domain Resurrection Attacks (blog.pypi.org)

93 points by pabs3 9h ago 35 comments

Small Objects, Big Gains: Benchmarking Tigris Against AWS S3 and Cloudflare R2 (tigrisdata.com)

6 points by nethunters 2h ago 1 comments

Guile bindings for Sway window manager (github.com)

48 points by ducktective 3d ago 4 comments

Vim Macros for Beancount (tangled.sh)

44 points by xarcolade 6h ago 12 comments

Critical Cache Poisoning Vulnerability in Dnsmasq (lists.thekelleys.org.uk)

96 points by westurner 6h ago 56 comments

How to Build a Medieval Castle (archaeology.org)

192 points by benbreen 14h ago 55 comments

Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database (wired.com)

10 points by hacker_yacker 1h ago 2 comments

In 2006, Hitachi developed a 0.15mm-sized RFID chip (hitachi.com)

92 points by julkali 4d ago 50 comments

Why I'm all-in on Zen Browser (werd.io)

89 points by benwerd 5h ago 89 comments

Ted Chiang: The Secret Third Thing (linch.substack.com)

261 points by pseudolus 19h ago 117 comments

Tiny-tpu: A minimal tensor processing unit (TPU), inspired by Google's TPU (github.com)

254 points by admp 23h ago 13 comments

Warp sends a terminal session to LLM without user consent

44 points by ykurtov 3h ago 15 comments

Show HN: Python file streaming 237MB/s on $8/M droplet in 507 lines of stdlib (bellone.com)

11 points by b_llc 5h ago 2 comments

X-ray scans reveal Buddhist prayers inside tiny Tibetan scrolls (popsci.com)

159 points by Hooke 2d ago 65 comments

Netflix Revamps Tudum's CQRS Architecture with Raw Hollow In-Memory Object Store (infoq.com)

71 points by NomDePlum 3d ago 79 comments

OpenMower – An open source lawn mower (github.com)

541 points by rickcarlino 19h ago 168 comments

The Great SSL Certificate Panic (redmonk.com)

8 points by chillax 1h ago 2 comments

The Life and Death of London's Crystal Palace (2021) (heritagecalling.com)

42 points by zeristor 4d ago 14 comments

Obsidian Bases (help.obsidian.md)

650 points by twapi 22h ago 219 comments

EloqKV, a distributed database with Redis compatible API (GPLv2 and AGPLv3) (github.com)

43 points by cloudsql 1d ago 30 comments

Spice Data (YC S19) Is Hiring a Product Associate (New Grad) (ycombinator.com)

1 points by richard_pepper 22h ago 0 comments

Octopolis and Octlantis (en.wikipedia.org)

22 points by eatonphil 3h ago 7 comments

The myth of Scouse exceptionalism (unherd.com)

3 points by drankl 36m ago 0 comments

AnduinOS (anduinos.com)

36 points by TheFreim 57m ago 44 comments

Show HN: We started building an AI dev tool but it turned into a Sims-style game (youtube.com)

145 points by maxraven 1d ago 72 comments

Attention Is the New Big-O: A Systems Design Approach to Prompt Engineering (alexchesser.medium.com)

56 points by alexc05 6h ago 42 comments

The rising returns to R&D: Ideas are not getting harder to find (papers.ssrn.com)

129 points by surprisetalk 4d ago 78 comments

Anna's Archive: An Update from the Team (annas-archive.org)

1016 points by jerheinze 1d ago 496 comments

How to Use Snprintf (bernsteinbear.com)

45 points by surprisetalk 3d ago 20 comments

DripDropper Linux malware cleans up after itself – how it works

2 CrankyBear 2 8/19/2025, 1:59:56 PM zdnet.com ↗

Comments (2)

bediger4000 · 5h ago

> it patches the security hole behind it

As the article notes, this isn't unheard of. Max Vision's 1998 worm fixed a BIND vulnerability. That seemed to be the worm's main purpose and motivation. Fixing a vulnerability or two behind malware is rare. There are WordPress-ecosystem malwares that seem to mostly exist to eliminate previously-installed malware.

The question is: why is that rare? Simulations of worms that patch holes as they go shows they easily out-compete worms that don't. Why don't feral software developers include code to fix the vulnerabilities they use to gain access in the first place?

Bender · 5h ago

Why don't feral software developers include code to fix the vulnerabilities they use to gain access in the first place?

These were hacktivists and were mostly grey-hats. In the early internet there are far less monitoring and logging. The risk of being a grey-hat was lower and there were less legal precedent for what happens when caught.

Logging and monitoring is very common now and there are a myriad of court cases that show hacktivists what happens when they are caught. The older former-hacktivists now have something to lose and the younger ones don't want to spend a portion of their life in jail whereas criminals that spread malware for financial gain are often in locations that first world countries can not easily pursue and they have accepted the risks vs. rewards.