The SSO Wall of Shame – Vendors that treat SSO as luxury feature (sso.tax)

92 points by vinnyglennon 58m ago 44 comments

How we exploited CodeRabbit: From simple PR to RCE and write access on 1M repos (research.kudelskisecurity.com)

315 points by spiridow 4h ago 104 comments

Perfect Freehand – Draw perfect pressure-sensitive freehand lines (perfectfreehand.com)

25 points by NikxDa 43m ago 3 comments

Notion releases offline mode (notion.com)

102 points by ericzawo 2h ago 70 comments

D2 (text to diagram tool) now supports ASCII renders (d2lang.com)

82 points by alixanderwang 2h ago 7 comments

Emacs as your video-trimming tool (xenodium.com)

124 points by xenodium 4h ago 62 comments

Without the futex, it's futile (h4x0r.org)

189 points by eatonphil 6h ago 94 comments

How Figma’s multiplayer technology works (2019) (figma.com)

56 points by redbell 3d ago 25 comments

Candle Flame Oscillations as a Clock (cpldcpu.com)

187 points by cpldcpu 3d ago 38 comments

The new geography of stolen goods (economist.com)

34 points by tlb 1d ago 21 comments

Show HN: OpenAI/reflect – Physical AI Assistant that illuminates your life (github.com)

11 points by Sean-Der 48m ago 2 comments

Why Semantic Layers Matter (and how to build one with DuckDB) (motherduck.com)

32 points by secondrow 3h ago 1 comments

A renovation project in Turkey led to the discovery of a lost city (2023) (atlasobscura.com)

48 points by areoform 5h ago 11 comments

Custom telescope mount using harmonic drives and ESP32 (svendewaerhert.com)

232 points by waerhert 10h ago 84 comments

Lazy-brush – smooth drawing with mouse or finger (lazybrush.dulnan.net)

526 points by tvdvd 4d ago 66 comments

Branch prediction: Why CPUs can't wait? (namvdo.ai)

10 points by signa11 3d ago 0 comments

Launch HN: Uplift (YC S25) – Voice models for under-served languages

72 points by zaidqureshi 8h ago 33 comments

Show HN: Chroma Cloud – serverless search database for AI (trychroma.com)

63 points by jeffchuber 1d ago 15 comments

Geotoy – Shadertoy for 3D Geometry (3d.ameo.design)

82 points by Ameo 1d ago 13 comments

How to Build a Medieval Castle (archaeology.org)

203 points by benbreen 15h ago 59 comments

Positron, a New Data Science IDE (posit.co)

101 points by kgwgk 6h ago 35 comments

CRLite: Certificate Revocation Checking in Firefox (hacks.mozilla.org)

28 points by TangerineDream 4h ago 2 comments

Launch HN: Parachute (YC S25) – Guardrails for Clinical AI

44 points by ariavikram 5h ago 19 comments

Prime Number Grid (susam.net)

251 points by todsacerdoti 13h ago 88 comments

"Remove mentions of XSLT from the html spec" (github.com)

289 points by troupo 5h ago 354 comments

Forklifts require training (zacsweers.dev)

41 points by pandanomic 3h ago 19 comments

Medical cannabis patient data exposed by unsecured database (wired.com)

25 points by hacker_yacker 2h ago 7 comments

PyPI Preventing Domain Resurrection Attacks (blog.pypi.org)

99 points by pabs3 10h ago 37 comments

Vim Macros for Beancount (tangled.sh)

49 points by xarcolade 7h ago 13 comments

Guile bindings for Sway window manager (github.com)

54 points by ducktective 3d ago 7 comments

In 2006, Hitachi developed a 0.15mm-sized RFID chip (hitachi.com)

95 points by julkali 4d ago 53 comments

Show HN: Twick - React SDK for Timeline-Based Video Editing (github.com)

3 points by seekerquest 2h ago 1 comments

Ted Chiang: The Secret Third Thing (linch.substack.com)

267 points by pseudolus 20h ago 127 comments

Mark Zuckerberg Shakes Up Meta's A.I. Efforts, Again (nytimes.com)

20 points by voxadam 2h ago 7 comments

Why I'm all-in on Zen Browser (werd.io)

96 points by benwerd 6h ago 93 comments

Tiny-tpu: A minimal tensor processing unit (TPU), inspired by Google's TPU (github.com)

259 points by admp 1d ago 13 comments

Attention Is the New Big-O: A Systems Design Approach to Prompt Engineering (alexchesser.medium.com)

65 points by alexc05 7h ago 42 comments

X-ray scans reveal Buddhist prayers inside tiny Tibetan scrolls (popsci.com)

159 points by Hooke 2d ago 65 comments

OpenMower – An open source lawn mower (github.com)

544 points by rickcarlino 20h ago 169 comments

Netflix Revamps Tudum's CQRS Architecture with Raw Hollow In-Memory Object Store (infoq.com)

71 points by NomDePlum 3d ago 80 comments

Critical Cache Poisoning Vulnerability in Dnsmasq (lists.thekelleys.org.uk)

100 points by westurner 7h ago 68 comments

Show HN: Python file streaming 237MB/s on $8/M droplet in 507 lines of stdlib (bellone.com)

14 points by b_llc 6h ago 6 comments

The Life and Death of London's Crystal Palace (2021) (heritagecalling.com)

43 points by zeristor 4d ago 14 comments

Obsidian Bases (help.obsidian.md)

655 points by twapi 23h ago 221 comments

The Great SSL Certificate Panic (redmonk.com)

12 points by chillax 2h ago 2 comments

Spice Data (YC S19) Is Hiring a Product Associate (New Grad) (ycombinator.com)

1 points by richard_pepper 23h ago 0 comments

EloqKV, a distributed database with Redis compatible API (GPLv2 and AGPLv3) (github.com)

44 points by cloudsql 1d ago 31 comments

Show HN: We started building an AI dev tool but it turned into a Sims-style game (youtube.com)

147 points by maxraven 1d ago 72 comments

Octopolis and Octlantis (en.wikipedia.org)

25 points by eatonphil 4h ago 8 comments

The myth of Scouse exceptionalism (unherd.com)

5 points by drankl 1h ago 0 comments

Medical cannabis patient data exposed by unsecured database

25 hacker_yacker 7 8/19/2025, 6:30:57 PM wired.com ↗

Comments (7)

shifty1 · 1h ago

https://archive.is/Mp0qt

0cf8612b2e1e · 12m ago

  Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about an unencrypted and non-password-protected database that contained 957,434 records. The database belongs to an Ohio-based organization that helps individuals obtain physician‑certified medical marijuana cards. The database held PII, drivers licenses, medical records, documents containing SSNs, and other internal potentially sensitive information.

So, the absolute bare minimum was not followed. Just wide open database containing medical information.

sailfast · 29m ago

So are people storing these things in a non-HIPAA-compliant way or is this mostly attributable to some other vector that would not have been helped by compliance?

What a terrible leak - med records and marijuana use, especially in some circles - could be very useful blackmail material. :/

hacker_yacker · 2h ago

Nearly a million records, which appear to be linked to a medical-cannabis-card company in Ohio, included Social Security numbers, government IDs, health conditions, and more.

yieldcrv · 12m ago

free bank accounts for money laundering

(new account online, new coinbase account online, stuff new account with cash, transfer to coinbase, transfer onchain, swap to monero, wait, access all with new mac address, new wifi, new browser session, or Tor if the services allow)

daily reminder that KYC is a joke, the institutions and enforcement agencies that think it works, don’t know when its not working as long as a real id and ssn and address is used

riffic · 25m ago

my neighborhood weed guy would never betray my trust in this way.

No comments yet

cpursley · 25m ago

Mongo?