More than 1,500 AI projects are now vulnerable to a silent exploit

3•mykytamudryi•4h ago
According to the latest research by ARIMLABS[.]AI, a critical security vulnerability (CVE-2025-47241) has been discovered in the widely used Browser Use framework — a dependency leveraged by more than 1,500 AI projects.

The issue enables zero-click agent hijacking, meaning an attacker can take control of an LLM-powered browsing agent simply by getting it to visit a malicious page — no user interaction required.

This raises serious concerns about the current state of security in autonomous AI agents, especially those that interact with the web.

Comments

Proofread0592•4h ago
Here's the issue on the GitHub advisory database with an example:

https://github.com/advisories/GHSA-x39x-9qw5-ghrf

> The core issue stems from the line domain = domain.split(':')[0], which allows an attacker to manipulate basic authentication credentials by providing a username:password pair. By replacing the username with a whitelisted domain, the check can be bypassed, even though the actual domain remains different.

So consider https://example.com:pass@google.com

This URL goes to google.com (paste it in your browser to see), but the library will consider this a URL that goes to example.com, which it doesn't.
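Added example, not part of the thread or the Browser Use source: a minimal Python reconstruction of the allowlist pattern quoted from the advisory, next to a check that uses the parsed host and refuses embedded credentials. The function names, the allowlist and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

ALLOWED = {"example.com"}  # constructed allowlist for this demo

# Constructed sample input; the third URL is the one from the comment above.
SAMPLE = [
    "https://example.com/",
    "https://example.com:8443/login",
    "https://example.com:pass@google.com",
    "https://google.com/",
]

def naive_is_allowed(url, allowed=ALLOWED):
    """Flawed pattern: assume the text before the first ':' in netloc is the host."""
    netloc = urlsplit(url).netloc.lower()
    domain = netloc.split(":")[0]  # the line quoted in the advisory
    return domain in allowed

def strict_is_allowed(url, allowed=ALLOWED):
    """Compare the parsed host, and reject URLs that carry userinfo at all."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False  # unparseable netloc: deny
    if parts.scheme not in ("http", "https"):
        return False
    # user:password@ has no place in an agent navigation target
    if parts.username is not None or parts.password is not None:
        return False
    host = parts.hostname  # userinfo and port stripped, lowercased
    if not host:
        return False
    return host.rstrip(".") in allowed

def disagreements(urls):
    """URLs the naive check allows but the strict check denies."""
    return [u for u in urls if naive_is_allowed(u) and not strict_is_allowed(u)]

if __name__ == "__main__":
    for u in SAMPLE:
        print(f"{u:40} naive={naive_is_allowed(u)} strict={strict_is_allowed(u)}")
    print("bypass candidates:", disagreements(SAMPLE))
```

Running `disagreements` over historical navigation logs is a quick way to see whether any previously allowed URL depended on the userinfo confusion.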
