frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

The Other Markov's Inequality

https://www.ethanepperly.com/index.php/2026/01/16/the-other-markovs-inequality/
1•tzury•1m ago•0 comments

The Cascading Effects of Repackaged APIs [pdf]

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6055034
1•Tejas_dmg•3m ago•0 comments

Lightweight and extensible compatibility layer between dataframe libraries

https://narwhals-dev.github.io/narwhals/
1•kermatt•6m ago•0 comments

Haskell for all: Beyond agentic coding

https://haskellforall.com/2026/02/beyond-agentic-coding
2•RebelPotato•9m ago•0 comments

Dorsey's Block cutting up to 10% of staff

https://www.reuters.com/business/dorseys-block-cutting-up-10-staff-bloomberg-news-reports-2026-02...
1•dev_tty01•12m ago•0 comments

Show HN: Freenet Lives – Real-Time Decentralized Apps at Scale [video]

https://www.youtube.com/watch?v=3SxNBz1VTE0
1•sanity•14m ago•1 comments

In the AI age, 'slow and steady' doesn't win

https://www.semafor.com/article/01/30/2026/in-the-ai-age-slow-and-steady-is-on-the-outs
1•mooreds•21m ago•1 comments

Administration won't let student deported to Honduras return

https://www.reuters.com/world/us/trump-administration-wont-let-student-deported-honduras-return-2...
1•petethomas•21m ago•0 comments

How were the NIST ECDSA curve parameters generated? (2023)

https://saweis.net/posts/nist-curve-seed-origins.html
2•mooreds•22m ago•0 comments

AI, networks and Mechanical Turks (2025)

https://www.ben-evans.com/benedictevans/2025/11/23/ai-networks-and-mechanical-turks
1•mooreds•22m ago•0 comments

Goto Considered Awesome [video]

https://www.youtube.com/watch?v=1UKVEUGEk6Y
1•linkdd•24m ago•0 comments

Show HN: I Built a Free AI LinkedIn Carousel Generator

https://carousel-ai.intellisell.ai/
1•troyethaniel•26m ago•0 comments

Implementing Auto Tiling with Just 5 Tiles

https://www.kyledunbar.dev/2026/02/05/Implementing-auto-tiling-with-just-5-tiles.html
1•todsacerdoti•27m ago•0 comments

Open Challange (Get all Universities involved

https://x.com/i/grok/share/3513b9001b8445e49e4795c93bcb1855
1•rwilliamspbgops•28m ago•0 comments

Apple Tried to Tamper Proof AirTag 2 Speakers – I Broke It [video]

https://www.youtube.com/watch?v=QLK6ixQpQsQ
2•gnabgib•30m ago•0 comments

Show HN: Isolating AI-generated code from human code | Vibe as a Code

https://www.npmjs.com/package/@gace/vaac
1•bstrama•31m ago•0 comments

Show HN: More beautiful and usable Hacker News

https://twitter.com/shivamhwp/status/2020125417995436090
3•shivamhwp•31m ago•0 comments

Toledo Derailment Rescue [video]

https://www.youtube.com/watch?v=wPHh5yHxkfU
1•samsolomon•34m ago•0 comments

War Department Cuts Ties with Harvard University

https://www.war.gov/News/News-Stories/Article/Article/4399812/war-department-cuts-ties-with-harva...
8•geox•37m ago•1 comments

Show HN: LocalGPT – A local-first AI assistant in Rust with persistent memory

https://github.com/localgpt-app/localgpt
2•yi_wang•38m ago•0 comments

A Bid-Based NFT Advertising Grid

https://bidsabillion.com/
1•chainbuilder•42m ago•1 comments

AI readability score for your documentation

https://docsalot.dev/tools/docsagent-score
1•fazkan•49m ago•0 comments

NASA Study: Non-Biologic Processes Don't Explain Mars Organics

https://science.nasa.gov/blogs/science-news/2026/02/06/nasa-study-non-biologic-processes-dont-ful...
2•bediger4000•52m ago•2 comments

I inhaled traffic fumes to find out where air pollution goes in my body

https://www.bbc.com/news/articles/c74w48d8epgo
2•dabinat•53m ago•0 comments

X said it would give $1M to a user who had previously shared racist posts

https://www.nbcnews.com/tech/internet/x-pays-1-million-prize-creator-history-racist-posts-rcna257768
6•doener•55m ago•1 comments

155M US land parcel boundaries

https://www.kaggle.com/datasets/landrecordsus/us-parcel-layer
2•tjwebbnorfolk•1h ago•0 comments

Private Inference

https://confer.to/blog/2026/01/private-inference/
2•jbegley•1h ago•1 comments

Font Rendering from First Principles

https://mccloskeybr.com/articles/font_rendering.html
1•krapp•1h ago•0 comments

Show HN: Seedance 2.0 AI video generator for creators and ecommerce

https://seedance-2.net
1•dallen97•1h ago•0 comments

Wally: A fun, reliable voice assistant in the shape of a penguin

https://github.com/JLW-7/Wally
2•PaulHoule•1h ago•0 comments
Open in hackernews

SMS phishers pivot to points, taxes, fake retailers

https://krebsonsecurity.com/2025/12/sms-phishers-pivot-to-points-taxes-fake-retailers/
51•todsacerdoti•2mo ago

Comments

s_kierkegaard•2mo ago
This type of stuff is diabolical for old folks who just weren't inoculated to these scams. I feel terrible for them. Get calls often asking me to help interpret.
SoftTalker•2mo ago
Keep it very simple: never give an SMS authentication code to anyone on a phone call, in response to a text message or email, or as part of any checkout or purchase. They are only to be used when logging in to an online account. Anything else is a scam.

Even that may be too complicated, now that I read it back.

asnyder•2mo ago
Unfortunately there are many companies that actually rely on SMS confirmation codes in real-time, which include reading it back to them.

A legitimate and generally well liked company, and its real helpful service representative used this method to verify my identify before they could finish their support effort.

rolph•2mo ago
yeah someone that gets paid a lot needs to talk to someone whos pay depends on implementing that IT consultants directives.

relaying security codes by voice is how the bad guys do it, dont train your users to think its normal.

its probably not a bright idea to have your phones camera pointed at your screen while 2FA-ing or password resetting, or else someone will watch you login, and will see your codes, and use automation to authenticate with your digits faster than you can move a cursor and click.

SoftTalker•2mo ago
Probably safe if you call them at a well-published number. If they call you, absolutely not.
bobbiechen•2mo ago
I got this interesting pair of messages from Schwab recently - not sure if any other companies do this

On login:

Schwab Watch out for scams. DON'T share this security code with anyone, EVEN IF THEY CLAIM to be from Schwab. Your code for online login is XXXXXX

And then on a later phone call with an agent:

Schwab: XXXXXX is your Schwab security code to confirm your identity with the agent.

This is a nice touch, though I'm not sure how much it would help in a real scam situation for say, my grandma.

toast0•2mo ago
> or as part of any checkout or purchase.

Hope you don't have to do 3D-Secure for a purchase, I guess.

SoftTalker•2mo ago
Never had to do more than CC# and 3-digit security code on the back for an online purchase.
Terr_•2mo ago
A few weeks ago I told them: "I will never be offended or hurt if you ask suspicious questions to check my identify if I suddenly need sketchy wire-transfers or a pile of Amazon gift cards."

Sometimes the best way to defang scams is to attack the social-factors and artificial-urgency they try to exploit.

In a similar vein, no legitimate institution should ever act punitively if you tell them that you're going to call them back through their official number/e-mail/site only.

adriand•2mo ago
I’m super cautious with these messages like I’m sure we all are but on Monday I ordered a printer from Amazon. They said it would arrive on Wednesday. On Wednesday I was working from home and I got a text from “Purolator” saying they’d tried to deliver my package and failed. Shit! I’d been listening to beats too loud to hear the knock on the door! I ran outside to see if the delivery guy was still on my street. No one was around…and then I realized, damn, they got me (to dash outside, anyway).

These things can fail 99.99% of the time but when they land on someone at just the right moment, it’s so easy to just go on autopilot and do the dumb thing.

SoftTalker•2mo ago
Yep when a scam randomly aligns with something you’re expecting it’s much easier to fall into the trap.
anitil•2mo ago
I had an issue on the toll payment device on my car, so I was expecting some 'pay now or you get a fine' message. I got one on my phone, but when I logged in directly to the toll company website my account was in the green. I was _so_ close to following the link I just got lucky that I prefer using my laptop for admin rather than my phone.
donmcronald•2mo ago
Anecdotally, I swear I see an increase in those messages when I have a package on the way. It seems like too much to be a coincidence.
zzyzxd•2mo ago
Exactly. Once I was connecting to my VPN in AWS and was totally prepared for 90% of the websites to throw human verification at me. Then a faked cloudflare one almost got me. It was 3AM and my brain was barely functioning. (it didn't work, only because it instructed me to run a PowerShell command and I was on macOS).
charcircuit•2mo ago
Why don't Google and Apple adopt passcodes to avoid this scam from working? Their operating systems already support passcodes.
ianburrell•2mo ago
What do you mean? How would passcodes help phishing?

The solution is passkeys, which prevent phishing and more secure than passwords. I like how they replace SMS codes. But they are a pain to use and not that many sites support them. Every site that does 2FA should support them.

charcircuit•2mo ago
Yes, I meant passkeys.
nharada•2mo ago
I think we're at the point where both phone and SMS are such insecure and easily spoofed channels that we should basically not be using them for anything related to business or money. Maybe even for communication, given how easily scammers can fake a loved ones voice and phone number.
toast0•2mo ago
The screenshots don't show spoofed SMS. Who is going to spoof a +212 or a +27 phone number when sending to the US. It's not that easy to get spoofed SMS to the US anymore. But it doesn't matter if sending from an international number works just fine. Same thing with email, but often worse ... DMARC makes it hard to spoof email, but most email clients only show sender name and not sender address, so it doesn't matter.

Phone call caller ID is getting harder to spoof, with stir/shaken, but I'm not sure that's fully rolled out either... and calls from a 'random' number still get answered, so spoofing isn't needed for normal scams.