frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Turn-Based Structural Triggers: Prompt-Free Backdoors in Multi-Turn LLMs

https://arxiv.org/abs/2601.14340
1•PaulHoule•12s ago•0 comments

Show HN: AI Agent Tool That Keeps You in the Loop

https://github.com/dshearer/misatay
1•dshearer•1m ago•0 comments

Why Every R Package Wrapping External Tools Needs a Sitrep() Function

https://drmowinckels.io/blog/2026/sitrep-functions/
1•todsacerdoti•1m ago•0 comments

Achieving Ultra-Fast AI Chat Widgets

https://www.cjroth.com/blog/2026-02-06-chat-widgets
1•thoughtfulchris•3m ago•0 comments

Show HN: Runtime Fence – Kill switch for AI agents

https://github.com/RunTimeAdmin/ai-agent-killswitch
1•ccie14019•6m ago•1 comments

Researchers surprised by the brain benefits of cannabis usage in adults over 40

https://nypost.com/2026/02/07/health/cannabis-may-benefit-aging-brains-study-finds/
1•SirLJ•7m ago•0 comments

Peter Thiel warns the Antichrist, apocalypse linked to the 'end of modernity'

https://fortune.com/2026/02/04/peter-thiel-antichrist-greta-thunberg-end-of-modernity-billionaires/
1•randycupertino•8m ago•2 comments

USS Preble Used Helios Laser to Zap Four Drones in Expanding Testing

https://www.twz.com/sea/uss-preble-used-helios-laser-to-zap-four-drones-in-expanding-testing
2•breve•13m ago•0 comments

Show HN: Animated beach scene, made with CSS

https://ahmed-machine.github.io/beach-scene/
1•ahmedoo•14m ago•0 comments

An update on unredacting select Epstein files – DBC12.pdf liberated

https://neosmart.net/blog/efta00400459-has-been-cracked-dbc12-pdf-liberated/
1•ks2048•14m ago•0 comments

Was going to share my work

1•hiddenarchitect•18m ago•0 comments

Pitchfork: A devilishly good process manager for developers

https://pitchfork.jdx.dev/
1•ahamez•18m ago•0 comments

You Are Here

https://brooker.co.za/blog/2026/02/07/you-are-here.html
3•mltvc•22m ago•0 comments

Why social apps need to become proactive, not reactive

https://www.heyflare.app/blog/from-reactive-to-proactive-how-ai-agents-will-reshape-social-apps
1•JoanMDuarte•23m ago•1 comments

How patient are AI scrapers, anyway? – Random Thoughts

https://lars.ingebrigtsen.no/2026/02/07/how-patient-are-ai-scrapers-anyway/
1•samtrack2019•23m ago•0 comments

Vouch: A contributor trust management system

https://github.com/mitchellh/vouch
2•SchwKatze•23m ago•0 comments

I built a terminal monitoring app and custom firmware for a clock with Claude

https://duggan.ie/posts/i-built-a-terminal-monitoring-app-and-custom-firmware-for-a-desktop-clock...
1•duggan•24m ago•0 comments

Tiny C Compiler

https://bellard.org/tcc/
1•guerrilla•26m ago•0 comments

Y Combinator Founder Organizes 'March for Billionaires'

https://mlq.ai/news/ai-startup-founder-organizes-march-for-billionaires-protest-against-californi...
1•hidden80•26m ago•2 comments

Ask HN: Need feedback on the idea I'm working on

1•Yogender78•27m ago•0 comments

OpenClaw Addresses Security Risks

https://thebiggish.com/news/openclaw-s-security-flaws-expose-enterprise-risk-22-of-deployments-un...
2•vedantnair•27m ago•0 comments

Apple finalizes Gemini / Siri deal

https://www.engadget.com/ai/apple-reportedly-plans-to-reveal-its-gemini-powered-siri-in-february-...
1•vedantnair•28m ago•0 comments

Italy Railways Sabotaged

https://www.bbc.co.uk/news/articles/czr4rx04xjpo
6•vedantnair•28m ago•2 comments

Emacs-tramp-RPC: high-performance TRAMP back end using MsgPack-RPC

https://github.com/ArthurHeymans/emacs-tramp-rpc
1•fanf2•29m ago•0 comments

Nintendo Wii Themed Portfolio

https://akiraux.vercel.app/
2•s4074433•34m ago•2 comments

"There must be something like the opposite of suicide "

https://post.substack.com/p/there-must-be-something-like-the
1•rbanffy•36m ago•0 comments

Ask HN: Why doesn't Netflix add a “Theater Mode” that recreates the worst parts?

2•amichail•37m ago•0 comments

Show HN: Engineering Perception with Combinatorial Memetics

1•alan_sass•43m ago•2 comments

Show HN: Steam Daily – A Wordle-like daily puzzle game for Steam fans

https://steamdaily.xyz
1•itshellboy•45m ago•0 comments

The Anthropic Hive Mind

https://steve-yegge.medium.com/the-anthropic-hive-mind-d01f768f3d7b
2•spenvo•45m ago•0 comments
Open in hackernews

Mass phishing emails pretending to be Y Combinator right now

65•Tremeschin•4mo ago
Just received quite a smart phishing email/notification coming from "GitHub" by a user created less than a week ago (1) which is currently creating multiple issues a minute tagging many random usernames in a repository (2) with a "ycombinatornotify" app (3). The usual - asking to verify wallets, deposit for authorization as I've been selected for funding, etc. All issues contains the content of the email received, so I'll not paste them here (they're gone, but still, a bad idea to paste it).

- (3m in) They seem to have been rate limited or reached a target of 500 issues

- (5m in) Repository was just taken down, hope they automate back a warning

- They have typo-squatted the "y-comb[l]nator [dot] com" domain (with hyphen and L)

Quite urgent actions are needed to stop it, or warn the affected. Will update the submission with more information as time goes.

- [1]: https://github.com/ycombinato/

- [2]: https://github.com/ycombinato/rorg/

- [3]: https://github.com/apps/ycombinatornotify

Comments

rolph•4mo ago
you should email hn@ycombinator.com attn: Dang
tomhow•4mo ago
Thanks, but it's a YC security issue not an HN/dang issue – security@ycombinator.com!
rolph•4mo ago
it seems that i have very recently aquired some new links in my footer, one of them is what your mentioning.

either its something i have changed on this particular agent, somthing changed on HN, or a newly aquired feat due to accumulated X.P.

thanx for pointing at it.

gnabgib•4mo ago
Security's been in the footer for ages (as you can perhaps tell from the log), and it's visible without being logged in (0 karma)
rolph•4mo ago
ah so its just some tweaking of the filtering at my side.
Bender•4mo ago
Be sure to email this to Daniel dang hn@ycombinator.com and flag the email as high priority. Be sure to include all the email headers.

Also report it to github [1] and the Feds [2] in the off chance someone takes it seriously. Be sure to include all the email headers here too.

[1] - https://docs.github.com/en/communities/maintaining-your-safe...

[2] - https://www.ic3.gov/

Tremeschin•4mo ago
Thanks! Just wrote them a warning and forwared the original message.
tomhow•4mo ago
Thanks, but it's a YC security issue not an HN/dang issue – security@ycombinator.com!
tomhow•4mo ago
Thanks, we're getting a lot of emails about this to hn@ycombinator.com.

The best email address for anything like this is security@ycombinator.com, as they handle security issues for all of YC, including applications.

Thanks everyone for letting us know about this.

Tremeschin•4mo ago
And another round of mass user tagging at a 'gitcoin-org' username, same message vibe, stopped at 500 issues. This is now a GitHub's duty I assume. Potentially more, I see a couple different names on r/github. Yup, via https://github.com/orgs/community/discussions/174283
DaxSudo•4mo ago
Yea I just saw this notif on my GH app.
domdfcoding•4mo ago
Still at it with a different repo and app that hasn't (yet) been nuked, but I have reported to GitHub.
domdfcoding•4mo ago
The repo, the app, and the user account behind each have now all been nuked by GitHub.
om8•4mo ago
Also got it, found this thread by googling "ycombiinator"
aanet•4mo ago
I also received the notification / phishing attack.

Have reported it to Github

WeMoveOn•4mo ago
I just got it a few mins ago
tfarias•4mo ago
I got it too from yccombinator/-notification. They keep trying with different account/repo names.
gbrayut•4mo ago
Worth reporting the phishing domain(s) so they can potentially be red-banned https://safebrowsing.google.com/safebrowsing/report_phish/
mulka•4mo ago
Done :-)
mulka•4mo ago
Stil active repo with issues: https://github.com/ycommbbinator/-co/issues
wonger_•4mo ago
How will this kind of attack be prevented in the future?
its-all-waves•4mo ago
Add "ycombinatoor" to the list
muhuk•4mo ago
Also `ycombbinator/-co`
britta•4mo ago
For anyone at GitHub looking at this thread: please update your documentation page about how to report abuse (https://docs.github.com/en/communities/maintaining-your-safe...). I tried to follow the instructions, but I ran into a bunch of dead ends that slowed me down - I couldn't find the report abuse buttons for issues, comments, or repositories, only for the user profile page. I'm on Chrome on a Mac laptop, logged into GitHub.

Also, on the report abuse page that I got to from the user profile page, the green submit button is nearly hidden by the grey footer, even when I scroll the page around and complete the captcha.

yb0000•4mo ago
I almost thought it was real, since I’ve never received an actual email from YC. Can anyone share how to apply to YC and what the notification process looks like if you’re selected?
e1g•4mo ago
To remove resulting notifications, see instructions here https://github.com/orgs/community/discussions/174283#discuss...

These spam repositories have been deleted, but I still had lingering notifications stuck on GitHub, and I couldn't see them in the UI to remove them (but the small blue notification dot was constantly on). The API hack resolved this problem.

jakesomething•4mo ago
Came here looking for this. Thank you - removed the annoying blue notification now.
sdpy•4mo ago
I've received it from ycoommbinator/-co
shakibamoshiri•4mo ago
Got it this morning both mail INBOX and Github notif
mavdotj•4mo ago
Just got one a minute ago from ycombinator-notify/ycombinator and a bot named mail-notifaction-automatic
rossant•4mo ago
Also got it. Redirects to https://y-comblnator.com/apply which is still live. CAREFUL this is a scam.