news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Sudo local privilege escalation vulnerabilities fixed

https://www.helpnetsecurity.com/2025/07/01/sudo-local-privilege-escalation-vulnerabilities-fixed-cve-2025-32462-cve-2025-32463/

7•maxloh•5h ago

Comments

baobun•2h ago

CVE-2025-32463 looks bad. Systems with sudo versions 1.9.14 to 1.9.17 and support for /etc/nsswitch.conf (that's most modern dists) allow users not even in sudoers to acquire root by sudo --chroot on a chroot they can write into.

https://seclists.org/oss-sec/2025/q2/288

The --chroot flag is now deprecated. I guess there must be a few build systems affected by that.

BTW is the CSS on TFA making the text unreadably low contrast for others too?

Readable: https://www.stratascale.com/vulnerability-alert-CVE-2025-324...

Apple

https://www.apple.com/

1•behnamoh•42s ago•0 comments

Radxa Unveils Intel N150 SoM and Carrier Board Supporting Six M.2 or U.2 Slots

https://linuxgizmos.com/radxa-unveils-intel-n150-som-and-carrier-board-with-dual-ethernet-and-support-for-six-m-2-or-u-2-devices/

1•chsum•3m ago•0 comments

The "Michael Angelakos Is Passion Pit" Residencies

https://passionpitmusic.substack.com/p/on-the-michael-angelakos-is-passion

1•JojoFatsani•7m ago•0 comments

Clamp / Median / Range

https://dotat.at/@/2025-07-02-cmp.html

2•Bogdanp•9m ago•0 comments

America's Mobile Security Crisis: It's Time for a Secure, Private Alternative

https://puri.sm/posts/americas-mobile-security-crisis-why-its-time-for-a-secure-private-alternative/

5•jethronethro•18m ago•1 comments

Hi, I'm founder. I have 20 domains and a dozen Supabase accounts and earned zero

https://www.dontbuildthat.com/landing

1•dropkick_koala•24m ago•1 comments

RFK Jr.'s health department calls Nature "junk science," cancels subscriptions

https://arstechnica.com/health/2025/07/rfk-jr-s-health-department-calls-nature-junk-science-cancels-subscriptions/

24•duxup•26m ago•6 comments

The Path to Medical Superintelligence

https://microsoft.ai/new/the-path-to-medical-superintelligence/

1•jonbaer•33m ago•0 comments

State of the Spack community: the Road to Version 1.0 [video]

https://indico.fnal.gov/event/69557/

1•teleforce•35m ago•0 comments

Product-Market Fit Is Retrospective Fiction

https://www.thebrokevc.com/p/product-market-fit-is-retrospective-fiction-7c36

2•joanwestenberg•36m ago•0 comments

People are using AI to 'sit' with them while they trip on psychedelics

https://www.technologyreview.com/2025/07/01/1119513/ai-sit-trip-psychedelics/

2•pseudolus•41m ago•0 comments

The Hamburger Menu Is No Longer a Hamburger Menu

https://www.datagubbe.se/dimburger/

5•zdw•43m ago•0 comments

Does education increase intelligence and does it matter? (2024)

https://theinfinitesimal.substack.com/p/does-education-increase-intelligence

1•johntfella•43m ago•0 comments

Hot acetic acid enables full recycling of carbon fiber composite materials

https://phys.org/news/2025-06-hot-acetic-acid-enables-full.html

2•PaulHoule•45m ago•0 comments

The End of the Arctic? Ocean Could Be Ice Free by 2015

https://www.thedailybeast.com/the-end-of-the-arctic-ocean-could-be-ice-free-by-2015/

1•bilsbie•49m ago•0 comments

Castlevania: Symphony of the Night Decompilation Project

https://sotn.xee.dev/

2•retro_guy•52m ago•1 comments

Young Americans Are Spending a Whole Lot Less on Video Games This Year

https://www.gamespot.com/articles/young-americans-are-spending-a-whole-lot-less-on-video-games-this-year/1100-6532877/

4•andsoitis•56m ago•0 comments

Benchmark for Evaluating Text Embeddings

https://huggingface.co/spaces/embedding-benchmark/RTEB

2•fzliu•57m ago•0 comments

Celebrating love in all its forms across identities and relationships

https://childrensbookforall.org/readings/16

1•chbkall•1h ago•1 comments

Qantas customers involved in mammoth data breach

https://www.news.com.au/travel/travel-updates/incidents/qantas-customers-involved-in-mammoth-data-breach

1•aussieguy1234•1h ago•1 comments

New claim added: X opens up to Community Notes written by AI bots

https://www.theverge.com/news/696210/x-community-notes-ai-note-writers

3•bundie•1h ago•0 comments

HTTP: H Is for Hallucinated

https://www.jasonthorsness.com/28

1•jasonthorsness•1h ago•0 comments

The simple act of reading can be a crime in Malaysia. Here's why

https://www.rnz.co.nz/life/books/the-simple-act-of-reading-can-be-a-crime-in-malaysia-here-s-why

8•billybuckwheat•1h ago•0 comments

Hilbert's sixth problem: derivation of fluid equations via Boltzmann's theory

https://arxiv.org/abs/2503.01800

17•nsoonhui•1h ago•4 comments

Wider or Deeper? Scaling LLM Inference-Time Compute with Adaptive Tree Search

https://arxiv.org/abs/2503.04412

3•vrm•1h ago•0 comments

As wave of dementia cases looms, Law School looks to preserve elders’ rights

https://news.harvard.edu/gazette/story/2025/07/as-wave-of-dementia-cases-looms-law-school-looks-to-preserve-elders-rights/

2•gnabgib•1h ago•1 comments

Self-hostable AT Protocol backlink index that runs on a RPi 4

https://github.com/at-microcosm/links/tree/main/constellation

2•ffin•1h ago•0 comments

Cross-Device Flows: Security Best Current Practice

https://www.ietf.org/archive/id/draft-ietf-oauth-cross-device-security-10.html

3•mooreds•1h ago•0 comments

The Eiffel Tower is closed to tourists due to searing heat

https://www.cnn.com/2025/07/01/weather/europe-heat-wave-global-warming

1•mooreds•1h ago•0 comments

Dewdrop: A Java Event Sourcing Framework

https://dewdrop.events/

3•mooreds•1h ago•0 comments