news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Max severity Flowise RCE vulnerability now exploited in attacks

https://www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/

3•andreadev•1h ago

Comments

JoshBlythe•1h ago

In app builders using LLM's you would expect proper prompt injection procedures to be in place - but surprise surprise, it's not usually the case. AI tools tend to ship fast and security is alwasy an aferthought.

I see this pattern constantly in my day job (I work in cyber for a FTSE 100 bank). I keep seeing tools that just prioritise developer experience over actual input validation, then act surprised when someone exploits it.

I've also been building a drop in solution for this exact issue outside of work. Happy to see this stuff (in the best way possible) as it acts as affirmation that what I'm doing is valuable.

A scam compound on Thailand-Cambodia border

https://apnews.com/article/online-scams-cambodia-thailand-o-smach-complex-f78f091462a35c4c8e79b2b...

1•fodmap•1m ago•0 comments

Computer Science House Turns 50

https://csh.rit.edu

1•slackwill•1m ago•1 comments

Mailmate

https://freron.com/

1•remywang•2m ago•0 comments

Liquid or solid? Oobleck droplets are both

https://www.nature.com/articles/d41586-026-01109-3

1•Brajeshwar•2m ago•0 comments

Framework NextGen Event Announcement

https://frame.work/nextgen

2•starkparker•6m ago•0 comments

Datadog: We built a real-world evaluation platform for SRE agents at scale

https://www.datadoghq.com/blog/engineering/bits-ai-eval-platform/

2•SpaceJudas•8m ago•0 comments

Vercel Claude Code plugin wants to read your prompt

https://akshaychugh.xyz/writings/png/vercel-plugin-telemetry

3•akshay2603•9m ago•0 comments

Show HN: Cognitox – open-source Amazon Cognito emulator written in Rust

https://github.com/unvalley/cognitox

2•unvalley•11m ago•1 comments

Greece to ban social media for under-15s from next year

https://www.bbc.com/news/articles/ckgx1x742x5o

2•thunderbong•11m ago•0 comments

Claude mythos is the first model Anthropic didn't release

https://blog.alcazarsec.com/tech/posts/claude-mythos-the-first-model-anthropic-didnt-really-release

1•alcazar•12m ago•0 comments

The Dark Factory Harness: From Autonomous Hill-Climbing to Autonomous Research

https://sotaverified.org/blog/improving-autoresearch-dark-factory-harness

1•uberdavid•12m ago•1 comments

iPad at 16 – Redundant or Post-PC?

https://asymco.com/2026/04/09/ipad-at-16/

2•ndr42•12m ago•0 comments

How HTTPS Works

https://howhttps.works/

1•sebg•13m ago•0 comments

Workingasync.io – A job board for asynchronous remote jobs

https://workingasync.io

1•Log007•14m ago•1 comments

An Agent Skill that implements Karpathy's LLM-wiki on personal GitHub Repo

https://github.com/rarce/git-wiki

2•rarce•14m ago•0 comments

NASA Built Artemis II's Fault-Tolerant Computer

https://cacm.acm.org/news/how-nasa-built-artemis-iis-fault-tolerant-computer/

2•speckx•14m ago•0 comments

LLM agents shouldn't execute blindly – this one plans first and stays editable

https://cuddlytoddly.com/

2•philiparxist•14m ago•0 comments

Masjesu botnet targets IoT devices while evading high-profile networks

https://securityaffairs.com/190548/malware/masjesu-botnet-targets-iot-devices-while-evading-high-...

1•lschueller•14m ago•0 comments

Sociotechnical Archaeology

https://jensrantil.github.io/posts/sociotechnical-archaeology/

1•JensRantil•16m ago•0 comments

The M×N problem of tool calling and open-source models

https://www.thetypicalset.com/blog/grammar-parser-maintenance-contract

1•remilouf•19m ago•0 comments

Show HN: AI agents are bad at API integrations – we fixed it

https://www.apimatic.io/product/context-plugins/showcase

3•sohaibtariq•20m ago•2 comments

A Server That Forgets: Exploring Stateless Relays

https://blog.torproject.org/exploring-stateless-relays/

1•ahlCVA•20m ago•0 comments

Study: Google's AI Overviews show wrong answers every hour

https://www.popsci.com/technology/ai-overview-inaccuracy-google/

1•Brajeshwar•21m ago•0 comments

'Snoopy', 'Adolf' and 'Password': The Hungarian Government Passwords Exposed

https://www.bellingcat.com/news/2026/04/09/the-hungarian-government-passwords-exposed-online/

4•lschueller•21m ago•2 comments

Pipeline Architecture System Design

https://dvcoolarun.com/2026/04/09/Pipeline-architecture-system-design.html

2•dvcoolarun•22m ago•0 comments

Need Advice. Should I Give Up My CS Degree in the Last Semester?

1•jornbess•22m ago•0 comments

AI Code Security Scanner – static analysis for 14 languages, OWASP Top

https://github.com/astro717/ai-code-security-scanner

1•astro717•22m ago•0 comments

Using AI in Blogging

https://cagrimmett.com/2026/02/16/on-using-ai-in-blogging/

1•speckx•22m ago•0 comments

Real Time Tide Data Novaa

https://tidesandcurrents.noaa.gov/map/

1•prakashqwerty•23m ago•0 comments

A complete GPT language model in ~600 lines of C#, zero dependencies

https://github.com/milanm/AutoGrad-Engine

2•evo_9•23m ago•0 comments