frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Remote Code Execution on Github with a single Git push

https://twitter.com/wiz_io/status/2049153209982140718
3•ramonga•1h ago

Comments

brianmcnulty•54m ago
The tweet is confusing and makes it sound like the RCE was as simple as `git push -o "x;`whatever command`"`, but there are a few more things they have to specify that they mention in their blog post: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-38...

It doesn't look like it's very hard to reproduce or find the bug now (especially with the details they mention in their blog post) but I assume they did not want to publish the actual command line. It looks like it affected both GitHub.com and GitHub Enterprise, and it does look like it literally took one git push command.

Show HN: Open Bias – proxy that enforces agent behavior at runtime

https://github.com/open-bias/open-bias/
1•algomaniac•2m ago•1 comments

Black, Hot Ice May Be Nature's Most Common Form of Water

https://www.quantamagazine.org/black-hot-superionic-ice-may-be-natures-most-common-form-of-water-...
1•whicks•3m ago•0 comments

Most VPS benchmarks are wrong – performance drops after the first run

https://webbynode.com/articles/vps-performance-drops-after-first-run
1•gsgreen•3m ago•0 comments

Try and Notice

https://rishisutra.substack.com/p/3-try-and-notice
1•picklerish•4m ago•0 comments

Anatomy of an Article

https://blog.yaelwrites.com/anatomy-of-an-article/
1•tptacek•4m ago•0 comments

The RCA SelectaVision VideoDisc Web Site – CED Magic

https://www.cedmagic.com/selectavision.html
1•exvi•5m ago•0 comments

Hard Drive Capacity over Time

https://commons.wikimedia.org/wiki/File:Hard_drive_capacity_over_time.svg
1•amelius•7m ago•0 comments

A good AGENTS.md is a model upgrade. A bad one is worse than no docs at all

https://www.augmentcode.com/blog/how-to-write-good-agents-dot-md-files
1•gmays•8m ago•0 comments

Realtek's 10GbE NIC performance revisited

https://kohlschuetter.github.io/blog/posts/2026/04/28/rtl10/
2•geerlingguy•10m ago•0 comments

We Don't Know the 2nd Circuit's Position on Embedding and Copyright Infringement

https://blog.ericgoldman.org/archives/2026/04/we-still-dont-know-the-second-circuits-position-on-...
1•hn_acker•12m ago•1 comments

How AI is reshaping workflows and redefining jobs

https://mitsloan.mit.edu/ideas-made-to-matter/how-ai-reshaping-workflows-and-redefining-jobs
1•ryan_j_naughton•13m ago•0 comments

Rippling launches Vanta/Delve competitor

https://www.rippling.com/blog/get-soc-2-ready-with-rippling-no-assembly-required
1•philip1209•14m ago•1 comments

Open source browser agent that tests your UI

https://github.com/verona-team/verona-atlas
1•menwithoutwomen•17m ago•1 comments

Vicky Osterweil's "The Extended Universe"

https://pluralistic.net/2026/04/27/mouseketeers/
1•hn_acker•18m ago•0 comments

I learned a Scandinavian secret to business brilliance

https://caseorganic.medium.com/the-hbo-succession-subplot-that-reveals-scandinavias-secret-to-bus...
1•SLHamlet•19m ago•0 comments

Slide – Strudel Live Coding

https://slide.merkoba.com/
1•madprops•19m ago•1 comments

Founders/early stage SEs – POC setup efficiency?

1•vocanozomu•19m ago•0 comments

Timeline of Amazon Web Services

https://en.wikipedia.org/wiki/Timeline_of_Amazon_Web_Services
1•marklit•23m ago•0 comments

Show HN: Vibe-coding video games with Claude (Day 15: Mahjong)

https://gamevibe.us/15-emoji-mahjong
2•pzxc•25m ago•0 comments

Waymo in Portland

https://waymo.com/blog/shorts/waymo-in-portland/
6•xnx•26m ago•0 comments

Astronomy Picture of the Day

https://apod.nasa.gov/apod/ap260429.html
1•slow_typist•27m ago•0 comments

Cloudflare Q1 2026 Internet disruption summary

https://blog.cloudflare.com/q1-2026-internet-disruption-summary/
2•Erenay09•28m ago•0 comments

The Feedback Loop in AI SDLC

https://makersbreakers.substack.com/p/the-feedback-loop
1•luka_leskovsek•32m ago•0 comments

A Texas developer got a $2B loan to build Oracle data centers in the 'burbs

https://www.businessinsider.com/databank-financing-dallas-data-center-inference-2026-4
3•ZeidJ•32m ago•0 comments

From CVS to Git: thirty years of source control, lived from inside

https://evilgeniuslabs.ca/blog/from-cvs-to-git-thirty-years-of-source-control
2•birdculture•33m ago•0 comments

Chatbot Act Introduced in Senate

https://512pixels.net/2026/04/chatbot-act-introduced-in-senate/
1•ransom_rs•33m ago•0 comments

Claude.ai is unavailable

https://status.claude.com/incidents/9l93x2ht4s5w
61•shorsher•33m ago•35 comments

Canonical's approach to AI is refreshingly thoughtful-Microsoft should take note

https://www.zdnet.com/article/canonical-ai-approach-thoughtful-microsoft-should-take-note/
2•CrankyBear•35m ago•0 comments

The Americans queueing up to renounce their citizenship

https://www.theguardian.com/us-news/2026/apr/28/americans-queueing-up-renounce-citizenship-dictat...
5•guerrilla•37m ago•0 comments

Humorphism – The Human Interface

https://humorphism.com/
2•gjmveloso•38m ago•0 comments