
Client-Side Path Traversal: Exploiting CSRF in Header-Based Auth Scenarios

https://blog.kulkan.com/client-side-path-traversal-exploiting-csrf-in-header-based-auth-scenarios-31c26a1baece
1•laserspeed•2h ago

Comments

laserspeed•2h ago
In this detailed blog post, Lucas Cebrero Lell walks us through CSPT vulnerabilities and how valuable they are in order to exploit CSRF in apps which have moved away from the typical auth cookies. There's also a lab available on GitHub based on React and Node which serves as a sample vulnerable app to try and exploit CSPT.

The AI Industry's Scaling Obsession Is Headed for a Cliff

https://www.wired.com/story/the-ai-industrys-scaling-obsession-is-headed-for-a-cliff/
1•danaris•2m ago•0 comments

Go Subtleties You May Not Know

https://harrisoncramer.me/15-go-sublteties-you-may-not-already-know/
1•rbanffy•7m ago•0 comments

China Has Overtaken America – Paul Krugman

https://paulkrugman.substack.com/p/china-has-overtaken-america
3•rbanffy•9m ago•0 comments

US out of 10 most powerful passports list for first time in 20 years

https://www.theguardian.com/us-news/2025/oct/15/most-powerful-passports-world-list
1•mitchbob•10m ago•1 comments

Apple and Google Warn: Texas Age Verification Law Destroys Privacy [video]

https://www.youtube.com/watch?v=jP-kqEHirTM
1•technojunkie•11m ago•1 comments

Cheap DIY solar fence design

https://joeyh.name/blog/entry/cheap_DIY_solar_fence_design/
1•kamaraju•13m ago•0 comments

Automating HTB Exploits: LLM-Driven N8n Agent's Hacking Ability

https://luciuswayne.com/blog/automating-hack-the-box-with-llm-n8n-agent/
1•Vandolin•14m ago•1 comments

A Simple Way to Know When the Economy's About to Turn

https://writings.alethia.news/the-biggest-piece-of-the-recession-puzzle/
1•truelson•14m ago•1 comments

Dynamic Levels of Detail in Evolve

https://www.evolvebenchmark.com/blog-posts/dynamic-levels-of-detail-in-evolve
1•ibobev•14m ago•0 comments

Real-Time Rendering with JPEG-Compressed Textures

https://github.com/elias1518693/jpeg_textures
1•ibobev•15m ago•0 comments

My First Months in Cyberspace

https://www.gyford.com/phil/writing/2025/10/15/1995-internet/
1•edent•15m ago•0 comments

Recommended resources for growing in game development

https://owlcat.games/learninga
1•ibobev•15m ago•0 comments

Amazon is planning a new wave of layoffs, sources say

https://fortune.com/2025/10/14/amazon-layoffs-pxt-hr-andy-jassy/
5•rainhacker•16m ago•0 comments

Bits-per-Byte (BPB): a tokenizer-agnostic way to measure LLMs

https://dipkumar.dev/posts/llm/bits-per-byte/
1•immortal3•18m ago•0 comments

Amp Free, Agentic coding is now free for everyone.

https://ampcode.com/free
3•nwjsmith•19m ago•0 comments

Chinese National Who Deployed KillSwitch Code on Empl Network Sentenced to 4 Yrs

https://www.justice.gov/opa/pr/chinese-national-who-deployed-kill-switch-code-employers-network-s...
1•737min•22m ago•0 comments

Grow your Reddit authority with helpful replies!

https://reddinbox.com
1•eletopp•28m ago•0 comments

Show HN: Genesis DB is now officially listed on dbdb.io

https://dbdb.io/db/genesis-db
1•patriceckhart•29m ago•0 comments

EU to propose short-term rental rules to tackle social crisis in housing

https://www.theguardian.com/world/2025/oct/15/eu-executive-short-term-rental-rules-affordable-hou...
2•hansmayer•31m ago•0 comments

A Gemma model helped discover a new potential cancer therapy pathway

https://blog.google/technology/ai/google-gemma-ai-cancer-therapy-discovery/
3•alexcos•32m ago•0 comments

The problem with LLMs isn't hallucination, it's context specific confidence

https://www.signalfire.com/blog/llm-hallucinations-arent-bugs
3•kerwioru9238492•33m ago•1 comments

Kong Releases Volcano, an MCP-Native SDK for Building AI Agents

https://thenewstack.io/kong-releases-volcano-an-mcp-native-sdk-for-building-ai-agents/
1•fosk•34m ago•0 comments

A JavaScript engine written in Zig

https://codeberg.org/kiesel-js/kiesel
2•cod1r•35m ago•0 comments

I am sorry, but everyone is getting syntax highlighting wrong

https://tonsky.me/blog/syntax-highlighting/
8•robenkleene•36m ago•2 comments

Since Katrina, infrastructure shortcomings create resiliency fatigue

https://lailluminator.com/2025/08/26/katrina-resiliency/
3•mooreds•38m ago•0 comments

We're Securing the AI Frontier

https://blog.google/technology/safety-security/ai-security-frontier-strategy-tools/
1•mooreds•39m ago•0 comments

Cat

https://www.getty.edu/art/collection/object/1DSBYM
2•mooreds•41m ago•0 comments

Blocked bays and failed handshakes: many 'online' EV chargers are unusable

https://theconversation.com/blocked-bays-and-failed-handshakes-many-public-ev-chargers-are-unusab...
4•gnabgib•41m ago•0 comments

YouTube appears to be making some old videos with low views inaccessible

https://old.reddit.com/r/DataHoarder/comments/1o6t6yy/youtube_either_by_human_error_or_otherwise_...
3•hexage1814•42m ago•0 comments

Detailed look at the rare Lego MRI scanner

https://jaysbrickblog.com/news/detailed-look-at-the-rare-lego-mri-scanner-4000041-set-instruction...
2•madaxe_again•43m ago•0 comments