▸ ShinyHunters — the group behind prior AT&T and Ticketmaster breaches — claims to have compromised Instructure's Canvas LMS and is threatening to leak ...
▸ Valve released the full CAD files for the Steam Controller under a Creative Commons license, making it one of the most significant consumer hardware o...
▸ Amazon employees coined 'tokenmaxxing' — inflating AI tool usage stats to satisfy management pressure to adopt AI coding assistants.
▸ Google has reversed its SMS verification flow: instead of receiving a code, new account registration now requires you to scan a QR code and send a tex...
▸ Meta is removing end-to-end encryption from Instagram direct messages, reversing its own privacy commitment made when rolling out E2EE across its mess...
▸ Germany's .de TLD — the world's largest country-code domain with ~17 million registrations — suffered a DNSSEC validation failure, causing resolution ...
▸ Jeff Geerling documents how Bambu Lab built a billion-dollar 3D printer business on GPL-licensed Marlin firmware while failing to release modified sou...
▸ DuckDB's new Quack protocol adds client-server capability to what was previously an embedded-only analytical database.
▸ Bun has begun porting its JavaScript runtime internals from Zig to Rust, confirmed by commits landing in the main oven-sh/bun repository.
▸ Anthropic's Agent Skills spec — a folder with a SKILL.md file — has been adopted by 35+ tools including Cursor, GitHub Copilot, VS Code, OpenAI Codex,...
▸ GitLab is cutting staff and officially retiring CREDIT — the Collaboration, Results, Efficiency, Diversity, Iteration, Transparency framework that def...
▸ AI-generated low-effort content — 'slop' — is flooding Stack Overflow, Reddit, GitHub issues, and technical forums, drowning out genuine human experti...
▸ A developer reported a duplicate UUID v4 in production, sparking an HN thread with 337+ points — but the math makes a true collision essentially impos...
▸ A debian-devel-announce post formally argues Debian must require all shipped packages to be bit-for-bit reproducible — elevating a decade-long 'should...
▸ Alex Kladov (matklad) argues that software architecture is best learned by studying well-built systems — not by reading architecture books or memorizi...
▸ US healthcare marketplace websites embedded tracking pixels that transmitted applicants' citizenship status, race, and ethnicity data to advertising p...
▸ The biggest bottleneck in AI agent reliability isn't prompt quality — it's the absence of deterministic control flow between LLM calls.
▸ Mercury, the fintech startup handling billions in deposits, runs one of the largest known production Haskell codebases at roughly 2 million lines.
▸ Multiple TanStack packages were published with malicious postinstall scripts that exfiltrated environment variables and secrets to an attacker-control...
▸ A malicious Obsidian community plugin was weaponized to deploy the Phantom Pulse remote access trojan, giving attackers persistent access to developer...