frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

"Slippery Zips and Sticky Tar-Pits" from Python's Security Dev Seth Larson [pdf]

https://alpha-omega.dev/wp-content/uploads/sites/22/2025/10/ao_wp_102725a.pdf
2•AlSweigart•1h ago

Comments

AlSweigart•1h ago
The Python Software Foundation Security Developer-in-Residence, Seth Larson, published a new white paper with Alpha-Omega titled "Slippery ZIPs and Sticky tar-pits: Security & Archives" about work to remediate 10 vulnerabilities affecting common archive format implementations such as ZIP and tar for critical Python projects.

PDF link: https://alpha-omega.dev/wp-content/uploads/sites/22/2025/10/...

PSF Blog: https://pyfound.blogspot.com/2025/10/slippery-zips-and-stick...

Alpha-Omega.dev: https://alpha-omega.dev/blog/slippery-zips-and-sticky-tar-pi...

Ask HN: Typical tech job interview in late 2025?

1•dakiol•2m ago•0 comments

Valve Announces Steam Machine

https://store.steampowered.com/hardware/steammachine
1•metayrnc•2m ago•0 comments

The Overly Humble Programmer

https://jimmyhmiller.com/overly-humble-programmer
2•tobr•3m ago•0 comments

As 'Dorian Gray' ages, its relevance only grows

https://www.washingtonpost.com/books/2025/11/08/dorian-gray-oscar-wilde-history/
2•apollinaire•4m ago•0 comments

Is your electric bill going up? AI is partly to blame

https://www.npr.org/2025/11/06/nx-s1-5597971/electricity-bills-utilities-ai
2•ilamont•5m ago•0 comments

Ryanair tries forcing app downloads by eliminating paper boarding passes

https://arstechnica.com/gadgets/2025/11/ryanair-tries-forcing-app-downloads-by-eliminating-paper-...
3•sipofwater•5m ago•0 comments

Train On Your Groupchat: LoRA and in-browser inference to fine-tune your friends

https://www.brimtown.com/train-on-your-groupchat
1•brimtown•5m ago•0 comments

When Builders Became Bullies

https://blog.con.rs/2025/11/12/when-builders-became-bullies.html
1•conrs•6m ago•1 comments

Bark Air FAQ

https://air.bark.co/pages/faq
1•mooreds•8m ago•0 comments

Understanding high-entropy random number generation

http://memosisland.blogspot.com/2025/11/leymosun-high-entropy-randomness.html
1•northlondoner•9m ago•1 comments

How Should Shareholders Vote?

https://www.bloomberg.com/opinion/newsletters/2025-11-12/how-should-shareholders-vote
1•ioblomov•10m ago•0 comments

Looking for Hidden Gems in Scientific Literature

https://elicit.com/blog/literature-based-discovery
1•ravenical•11m ago•0 comments

I Sued my landlord and maybe you should too

https://medium.com/@brendan.salisbury/i-sued-my-landlord-maybe-you-should-too-af7fc938c530
1•hprotagonist•13m ago•0 comments

You won't believe the excuses lawyers have after getting busted for using AI

https://arstechnica.com/tech-policy/2025/11/lawyers-keep-giving-weak-sauce-excuses-for-fake-ai-ci...
1•sipofwater•16m ago•0 comments

Reproachfully Presenting Resilient Recursive Descent Parsing

https://thunderseethe.dev/posts/parser-base/
2•adamch•18m ago•0 comments

From ExoPlayer2 to Media3: Lessons from a Full Playback Rewrite

https://www.patreon.com/posts/from-exoplayer2-to-media3-143429708
1•patreon-eng•19m ago•1 comments

Our first look at the Steam Machine, Valve's ambitious new game console

https://www.theverge.com/tech/818111/valve-steam-machine-hands-on-preview-specs-announcement
1•DavideNL•20m ago•1 comments

Show HN: ShellDash – Browser server dashboard with SSH and globe monitoring

https://shelldash.com
1•mannders•20m ago•0 comments

The Marines and Tet: The Battle That Changed the Vietnam War

https://newseumed.org/tools/artifact/marines-and-tet-battle-changed-vietnam-war
1•gmays•20m ago•0 comments

More Synthetic, Functional Phages

https://www.pnas.org/doi/10.1073/pnas.2523871122
1•ahessel•20m ago•1 comments

GPT-5.1: A smarter, more conversational ChatGPT

https://openai.com/index/gpt-5-1/
61•tedsanders•20m ago•63 comments

Show HN: HumaLab – The Intelligence Validation Platform

https://humalab.ai/
1•juhgiyo•21m ago•0 comments

X goes down with a security 'Yubikey' error affecting Twitter users

https://www.windowscentral.com/software-apps/live/x-goes-down-hard-with-a-security-yubikey-error-...
6•mfiguiere•22m ago•0 comments

A Domain for the Queer Community, by the Queer Community

https://www.dotmeow.org/en/what
1•birdculture•23m ago•0 comments

Soft Exosuit Based on Fabric Muscle to Assist Shoulder Joint Movements

https://ieeexplore.ieee.org/document/11177570
2•PaulHoule•24m ago•0 comments

Research on AI Mental Health

https://www.talktoash.com/posts/connection-hope-and-real-progress-findings-from-our-first-real-wo...
1•neilparikh11•24m ago•1 comments

A tiny probabilistic programming language in Gleam

https://a5s.eu/blog/gleam-ppl/
1•crowdhailer•25m ago•0 comments

Infinite scale: The architecture behind the Azure AI superfactory

https://blogs.microsoft.com/blog/2025/11/12/infinite-scale-the-architecture-behind-the-azure-ai-s...
1•aprdm•27m ago•0 comments

Windows president says platform is evolving into an agentic OS

https://www.windowscentral.com/microsoft/windows-11/windows-president-confirms-os-will-become-ai-...
2•ryandrake•27m ago•3 comments

Synthetic Genomics is a BOOM in waiting

https://supernaturalselection.substack.com/p/life-is-a-program-that-continuously
1•ahessel•27m ago•0 comments