news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Axios request smuggling via prototype pollution – Critical (CVSS 9.9)

https://github.com/advisories/GHSA-fvcv-3m26-pcqx

3•akhs•1h ago

Comments

akhs•1h ago

Copying the most relevant section from the report:

This vulnerability is unique because it requires Zero Direct User Input.

If an attacker can pollute Object.prototype via any other library in the stack (e.g., qs, minimist, ini, body-parser), Axios will automatically pick up the polluted properties during its config merge.

Because Axios does not sanitise these merged header values for CRLF (\r\n) characters, the polluted property becomes a Request Smuggling payload.

A History of the Early Years of AI at the University of Edinburgh

https://journals.sagepub.com/doi/epdf/10.1177/30504554261417567

1•jeremyscanvic•35s ago•0 comments

Tesla gets FSD Supervised approved in the Netherlands – here's what it means

https://electrek.co/2026/04/10/tesla-fsd-supervised-approved-netherlands-rdw-europe/

1•Someone•3m ago•0 comments

Persistent vs. Stubborn / Genius vs. Intelligent

1•shoman3003•3m ago•0 comments

Show HN: Angel Copilot – open-source tool for assessing startup deals

https://github.com/chouligi/angel-copilot/tree/main

1•chouligi•4m ago•0 comments

Why AI Coding Tools Still Feel Stuck on Localhost

https://kubekattle.github.io/ktl/blog/ai-tools-stuck-on-localhost.html

1•KyleVlaros•5m ago•1 comments

Towards a Science of Scaling Agent Systems

https://arxiv.org/abs/2512.08296

1•gpi•5m ago•0 comments

Is Ireland the worst run country in Europe?

https://www.irishtimes.com/opinion/2026/04/11/david-mcwilliams-ireland-has-too-much-money-and-is-...

3•yawboakye•8m ago•1 comments

Native macOS Multi Agent Development UI

https://super.engineering

1•ksajadi•9m ago•1 comments

Show HN: Bal – a Knights and Knaves logic puzzle game with Glicko rating system

https://bal.sciforge.ai/

1•skaye•12m ago•0 comments

AIs Job Ledger has 2 Columns

https://www.aei.org/economics/ais-job-ledger-has-two-columns/

1•RickJWagner•14m ago•0 comments

Chaoskampf

https://en.wikipedia.org/wiki/Chaoskampf

1•thunderbong•15m ago•0 comments

’Abhorrent’: the inside story of the Polymarket gamblers betting millions on war

https://www.theguardian.com/business/2026/apr/11/polymarket-gamblers-betting-iran-war-ukraine-new...

2•sandebert•15m ago•0 comments

Codex GUI's spinner uses 70% of GPU

https://github.com/openai/codex/issues/16857

1•Einenlum•17m ago•0 comments

Meta is set to pay its top AI executives almost a billion each in bonuses

https://www.msn.com/en-my/news/other/meta-is-set-to-pay-its-top-ai-executives-almost-a-billion-ea...

2•seekdeep•18m ago•0 comments

Škoda Duobell bike bell pierces noise-cancelling headphones

https://www.dezeen.com/2026/04/09/skoda-duobell-bike-bell-noise-cancelling-headphones/

2•trauco•21m ago•0 comments

US intelligence indicates China is preparing weapons shipment to Iran

https://www.cnn.com/2026/04/11/politics/us-intelligence-iran-china-weapons

3•OutOfHere•21m ago•1 comments

Japan's cabinet approved a bill classifying crypto as a financial instrument

https://www.ccn.com/news/crypto/japan-classifies-crypto-financial-instrument-historic-shift/

1•giuliomagnifico•23m ago•0 comments

Show HN: Bunqueue – Saga workflow engine for Bun with embedded SQLite

https://bunqueue.dev/guide/workflow/

1•kernelvoid•24m ago•0 comments

Hungary Is a Laboratory for Illiberal Nationalism. The Results Are In

https://www.cato.org/commentary/hungary-laboratory-illiberal-nationalism-results-are

1•rwmj•25m ago•0 comments

Show HN: I rebuilt a 2000s browser strategy game on Cloudflare's edge

https://kampfinsel.com/

1•parzivalt•25m ago•0 comments

I built a pure WGSL LLM engine to run Llama on my Snapdragon laptop GPU

https://github.com/Beledarian/wgpu-llm

1•Beledarian•27m ago•1 comments

Scaling Managed Agents: Decoupling the brain from the hands

https://www.anthropic.com/engineering/managed-agents

1•jbredeche•32m ago•0 comments

Keyboards

https://mastodon.social/@keyboards

1•doener•32m ago•0 comments

Designing a Programming Language Around Korean's SOV Grammar Instead Of

https://github.com/wwoosshh/geul-lang/releases/tag/v0.7.1

2•birdculture•35m ago•0 comments

Hungarian government creds left in the safe hands of 'FrankLampard'

https://www.theregister.com/2026/04/11/hungary_government_logins_breach/

3•Brajeshwar•36m ago•0 comments

Plastic Pollution Is Bad Enough. Burning It Can Be Worse

https://undark.org/2026/04/10/burning-plastic-pollution-indonesia/

1•cocothem•38m ago•0 comments

Project Zomboid: Patching a Zero Day Exploit

https://store.steampowered.com/news/app/108600/view/494973688019419974

1•uyzstvqs•41m ago•0 comments

PSA Crypto: The P is for Portability

https://danielmangum.com/posts/psa-crypto-portability/

2•hasheddan•42m ago•0 comments

MRRescue

https://www.mrrescue.pro/

2•donihernandez•44m ago•0 comments

AI Datacenters Are Becoming Strategic Targets

https://members.sigmazero.cc/posts/155180337

3•sigmazero•44m ago•0 comments