news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Heap Overflow in FFmpeg EXIF

https://bugs.pwno.io/0014

26•retr0reg•1h ago

Comments

ComputerGuru•1h ago

Nice find.

(I don’t see what this being reported during the Christmas holidays has to do with not revealing the disclosure and patch timeline, a “note that delays should be attributed to Christmas” would have sufficed.)

rvz•44m ago

> Pwno is a AI cybersecurity startup...

We all know that LLMs were used to find these vulnerabilities, specifically on high impact projects. That's fine.

However, my only question is who actually provided the patch: The maintainers of FFmpeg? The LLM that is being used? Or the security researchers themselves after finding the issue?

It seems that these two statements about the issue are in conflict:

> We found and patched 6 memory vulnerabilities in FFmpeg in two days.

> Dec, 2025: avcodec/exif maintainer provided patch.

Show HN: Cistern, a macOS menu bar tool that shows CircleCI builds

https://github.com/atombender/cistern

1•atombender•40s ago•0 comments

MCP Chat Studio – A Postman-Like UI for Testing MCP Servers

https://github.com/JoeCastrom/mcp-chat-studio

1•JoeCastrom•1m ago•1 comments

The man taking over the Large Hadron Collider

https://www.theguardian.com/science/2025/dec/31/large-hadron-collider-head-of-cern-mark-thomson

1•naves•6m ago•0 comments

Cameras and Lenses

https://ciechanow.ski/cameras-and-lenses/

1•sebg•7m ago•0 comments

You Will Be OK

https://www.lesswrong.com/posts/fwQburGDyGoSSweT9/you-will-be-ok

2•sebg•9m ago•0 comments

No iPhone 18 Launch This Year

https://www.macrumors.com/2026/01/01/no-iphone-18-launch-this-year/

1•mfiguiere•10m ago•0 comments

Ask HN: Which cloud service to use for overpass API?

1•nasaeclipse•11m ago•0 comments

Meta enables chronological timelines in the Nederlands after court ruling

https://nltimes.nl/2026/01/01/meta-adjusts-facebook-instagram-timelines-court-ruling-changes-missing

1•giuliomagnifico•11m ago•0 comments

Ex_acv_fast review: "water" fasted 6 days, new record

https://www.exfatloss.com/p/ex_acv_fast-review-water-fasted-6

1•paulpauper•12m ago•0 comments

Taxation in a Strong AI World

https://marginalrevolution.com/marginalrevolution/2026/01/taxation-in-a-strong-ai-world.html

1•paulpauper•12m ago•0 comments

Decision Trees vs. Boosting: The One Expert vs. the Committee

https://mateolafalce.github.io/2026/Decision%20Trees%20vs.%20Boosting_%20The%20One%20Expert%20vs....

1•lafalce•13m ago•0 comments

Autism Hasn't Increased

https://marginalrevolution.com/marginalrevolution/2026/01/autism-hasnt-increased.html

2•paulpauper•13m ago•0 comments

Layoutz – Simple, beautiful CLI output for Haskell

https://flora.pm/packages/@hackage/layoutz

1•PaulHoule•14m ago•0 comments

Technology Is Culture

https://lemire.me/blog/2026/01/01/technology-is-culture/

1•zdw•14m ago•0 comments

Show HN: Handsom.ai – Vibe coding sites you don't have to rebuild

https://handsom.ai/blog/making-vibe-coding-reliable

1•justinThompson•15m ago•0 comments

AI Shifts Expectations for Entry Level Jobs

https://spectrum.ieee.org/ai-effect-entry-level-jobs

1•gmays•16m ago•0 comments

Brain – The Hallucinating Chemist: From Synapse to Self

https://govindchavada.substack.com/p/brain-the-hallucinating-chemist-from

1•Finbarr•18m ago•0 comments

Crypto users forced to share account details with tax officials

https://www.bbc.co.uk/news/articles/ckgl2je65klo

1•iamben•21m ago•1 comments

I made auto-aim for mini golf [video]

https://www.youtube.com/watch?v=JQB8aNKyeao

1•thewavelength•24m ago•0 comments

I Thought 2025 Was Cloudy. 26 Years of Data Proved Me Wrong

https://olekwrites.com/cloudy-year-perception-vs-reality/

2•olek•25m ago•0 comments

FAFO: How we stopped worrying and bought an Electron Microscope [video]

https://www.youtube.com/watch?v=zfPYij2-ry0

3•hmelder•26m ago•0 comments

Show HN: Toy Browser Update (January 2026) [video]

https://www.youtube.com/watch?v=4xdIMmrLMLo

1•logicallee•27m ago•0 comments

New maps reveal post-flood migration patterns across the US

https://kinder.rice.edu/urbanedge/fema-buyouts-vs-risky-real-estate-new-maps-reveal-post-flood-mi...

1•toomuchtodo•27m ago•1 comments

Swapping two blocks of memory inside a larger block, in constant memory

https://devblogs.microsoft.com/oldnewthing/20260101-00/?p=111955

1•ingve•28m ago•0 comments

China drafts strictest rules to end AI-encouraged suicide, violence

https://arstechnica.com/tech-policy/2025/12/china-drafts-worlds-strictest-rules-to-end-ai-encoura...

1•thunderbong•29m ago•0 comments

Show HN: Memoria – Spam exists, but can't climb (A local-first protocol)

https://github.com/Kusaneko-Memoria/memoria-protocol

1•Kusaneko•30m ago•1 comments

The peace of a nation no longer besieged by the third world

https://twitter.com/DHSgov/status/2006472108222853298

5•SilverElfin•31m ago•6 comments

NJ buying flood prone properties

https://dep.nj.gov/blueacres/

1•bnolan001•31m ago•2 comments

Public Domain Day 2026 in Literature

https://standardebooks.org/blog/public-domain-day-2026

3•robin_reala•33m ago•1 comments

WireGuard packet relay for NAT traversal

https://github.com/weiiwang01/wpex

1•progval•34m ago•1 comments