HN Reader

Code review can be better (tigerbeetle.com)

80 points by sealeck 3h ago 25 comments

SK hynix dethrones Samsung as world’s top DRAM maker (koreajoongangdaily.joins.com)

50 points by ksec 3d ago 5 comments

Show HN: I was curious about spherical helix, ended up making this visualization (visualrambling.space)

622 points by damarberlari 12h ago 112 comments

How to stop feeling lost in tech: the wafflehouse method (yacinemahdid.com)

19 points by research_pie 53m ago 4 comments

A statistical analysis of Rotten Tomatoes (statsignificant.com)

28 points by m463 2h ago 7 comments

Gemma 3 270M re-implemented in pure PyTorch for local tinkering (github.com)

307 points by ModelForge 12h ago 47 comments

Why are anime catgirls blocking my access to the Linux kernel? (lock.cmpxchg8b.com)

280 points by taviso 11h ago 326 comments

Show HN: PlutoPrint – Generate PDFs and PNGs from HTML with Python (github.com)

87 points by sammycage 5h ago 17 comments

Launch HN: Channel3 (YC S25) – A database of every product on the internet

91 points by glawrence13 10h ago 56 comments

SimpleIDE (github.com)

27 points by impendingchange 3h ago 19 comments

Introduction to AT Protocol (mackuba.eu)

136 points by psionides 7h ago 67 comments

Zedless: Zed fork focused on privacy and being local-first (github.com)

382 points by homebrewer 7h ago 230 comments

An Update on Pytype (github.com)

147 points by mxmlnkn 9h ago 49 comments

Visualizing distributions with pepperoni pizza and JavaScript (ntietz.com)

7 points by cratermoon 2d ago 0 comments

Sequoia backs Zed (zed.dev)

295 points by vquemener 14h ago 192 comments

Show HN: Luminal – Open-source, search-based GPU compiler (github.com)

86 points by jafioti 10h ago 46 comments

Coris (YC S22) Is Hiring (ycombinator.com)

1 points by smaddali 5h ago 0 comments

Pixel 10 Phones (blog.google)

350 points by gotmedium 8h ago 662 comments

OPA maintainers and Styra employees hired by Apple (blog.openpolicyagent.org)

118 points by crcsmnky 10h ago 42 comments

Lean proof of Fermat's Last Theorem [pdf] (imperialcollegelondon.github.io)

73 points by ljlolel 7h ago 46 comments

Parallel Reduce and Scan on the GPU (cachemiss.xyz)

3 points by coffeeaddict1 3d ago 0 comments

French firm Gouach is pitching an Infinite Battery with replaceable cells (arstechnica.com)

46 points by pabs3 3d ago 44 comments

Vibe coding creates a bus factor of zero (mindflash.org)

147 points by AntwaneB 4h ago 78 comments

Tidewave Web: in-browser coding agent for Rails and Phoenix (tidewave.ai)

264 points by kieloo 16h ago 47 comments

Visualizing GPT-OSS-20B embeddings (melonmars.github.io)

68 points by melonmars 3d ago 21 comments

Closer to the Metal: Leaving Playwright for CDP (browser-use.com)

140 points by gregpr07 10h ago 97 comments

AWS in 2025: Stuff you think you know that's now wrong (lastweekinaws.com)

282 points by keithly 10h ago 172 comments

Mirrorshades: The Cyberpunk Anthology (1986) (rudyrucker.com)

144 points by keepamovin 18h ago 84 comments

Learning about GPUs through measuring memory bandwidth (evolvebenchmark.com)

45 points by JasperBekkers 11h ago 4 comments

Understanding Moravec's Paradox (hexhowells.com)

17 points by hexhowells 3d ago 2 comments

The Rise and Fall of Music Ringtones: A Statistical Analysis (statsignificant.com)

51 points by gmays 3d ago 73 comments

Show HN: Anchor Relay – A faster, easier way to get Let's Encrypt certificates (anchor.dev)

61 points by geemus 10h ago 53 comments

Analysis of the GFW's Unconditional Port 443 Block on August 20, 2025 (gfw.report)

190 points by kotri 21h ago 145 comments

Linear scan register allocation on SSA (bernsteinbear.com)

34 points by surprisetalk 3d ago 4 comments

Improvements to OCaml code editing: the basics of a refactor engine (tarides.com)

90 points by nukifw 12h ago 18 comments

How to Draw a Space Invader (muffinman.io)

507 points by abdusco 1d ago 52 comments

Databricks is raising a Series K Investment at >$100B valuation (databricks.com)

157 points by djhu9 20h ago 180 comments

MapLibre Tile: A next generation geospatial format optimized for rendering (arxiv.org)

138 points by mtremmel 2d ago 13 comments

Show HN: Nestable.dev – local whiteboard app with nestable canvases, deep links (nestable.dev)

33 points by anorak27 8h ago 19 comments

Best Options for Using AI in Chip Design (semiengineering.com)

41 points by rbanffy 9h ago 11 comments

Show HN: What country you would hit if you went straight where you're pointing (apps.apple.com)

62 points by brgross 10h ago 36 comments

The Block Stacking Problem (sites.pitt.edu)

122 points by lisper 2d ago 32 comments

Meta Freezes AI Hiring After Blockbuster Spending Spree (wsj.com)

14 points by polrjoy 1h ago 10 comments

Copilot broke audit logs, but Microsoft won't tell customers (pistachioapp.com)

757 points by Sayrus 1d ago 279 comments

Show HN: Project management system for Claude Code (github.com)

152 points by aroussi 15h ago 99 comments

Modern CI is too complex and misdirected (2021) (gregoryszorc.com)

190 points by thundergolfer 22h ago 177 comments

Ask HN: Why does the US Visa application website do a port-scan of my network?

489 points by mbix77 20h ago 224 comments

AGENTS.md – Open format for guiding coding agents (agents.md)

784 points by ghuntley 1d ago 372 comments

Show HN: Bizcardz.ai – Custom metal business cards (github.com)

18 points by rhodey 8h ago 29 comments

The End of Handwriting (wired.com)

120 points by beardyw 2d ago 291 comments

CVE-2025-54988: Apache Tika XXE vulnerability

1 yakovsh2 1 8/20/2025, 8:24:56 PM lists.apache.org ↗

Comments (1)

yakovsh2 · 5h ago
Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.

Users are recommended to upgrade to version 3.2.2, which fixes this issue.