Better-auth account takeover (CVE-2025-61928) found via ZeroPath

https://zeropath.com/blog/breaking-authentication-unauthenticated-api-key-creation-in-better-auth-cve-2025-61928
6•etlun•2h ago

Comments

etlun•2h ago
Author here, we found it while building & documenting automated dependency assessment workflows for ZeroPath recently. Better-Auth made for a good test case given its popularity (300K weekly downloads).

The vulnerability is a logic error in how the API keys plugin determines user context when a userId is specified. Fix is in version 1.3.26. This is the kind of business logic flaw that traditional dependency vetting (stars, existing CVEs, reputation) doesn't catch. We're working on tooling to make these audits more practical at scale.
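
An added illustration of the class of logic error described in the comment above. It is not code from the post or from Better-Auth, and the handler shape, function names and the `trustedServerCall` flag are hypothetical. It shows a key-creation path that falls back to a client-supplied `userId` when no session exists, beside a version that binds the key owner to the authenticated session.

```javascript
// Hypothetical API-key creation handler; no name here comes from Better-Auth.

// Flawed: a userId in the request body is accepted as the user context,
// so a request with no session at all still resolves to a user.
function resolveUserFlawed(session, body) {
  const userId = (session && session.user && session.user.id) || body.userId;
  if (!userId) throw new Error("UNAUTHORIZED");
  return userId;
}

// Hardened: the owner comes from the session. A body userId is honoured only
// for calls the server itself marks as trusted (assumed to be set by server
// code and never derived from request input).
function resolveUserHardened(session, body, opts = {}) {
  const sessionUserId = session && session.user && session.user.id;
  if (sessionUserId) {
    // A logged-in user may not mint keys for somebody else.
    if (body.userId && body.userId !== sessionUserId) {
      throw new Error("UNAUTHORIZED");
    }
    return sessionUserId;
  }
  if (opts.trustedServerCall === true && body.userId) return body.userId;
  throw new Error("UNAUTHORIZED");
}

// Returns the owner the key would be issued to, or the rejection reason.
function keyOwnerOrError(resolve, session, body, opts) {
  try {
    return resolve(session, body, opts);
  } catch (err) {
    return err.message;
  }
}

// Constructed sample requests.
const noSession = null;
const aliceSession = { user: { id: "alice" } };
const spoofedBody = { userId: "bob", name: "ci-key" };

console.log(keyOwnerOrError(resolveUserFlawed, noSession, spoofedBody));
console.log(keyOwnerOrError(resolveUserHardened, noSession, spoofedBody));
console.log(keyOwnerOrError(resolveUserHardened, aliceSession, spoofedBody));
console.log(keyOwnerOrError(resolveUserHardened, aliceSession, { name: "ci-key" }));
```
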

adarsharma•1h ago
this is actually so cool
rkusr•7m ago
Interesting, wonder how long this has been latent for
