Demystifying Security Risks of AI-Powered Applications on Pre-Trained Model Hubs

https://arxiv.org/abs/2606.30373
3•runningmike•1h ago

Comments

runningmike•1h ago
Original title: Your Space is My Zone: Demystifying the Security Risks of AI-Powered Applications on Pre-Trained Model Hubs

Remarkable conclusion: "Alarmingly, we find thousands of apps leaking credentials, hundreds containing input injection vulnerabilities that allow arbitrary code execution, and tens harboring embedded backdoors—indicating active exploitation." AI use for creating applications seems insecure by default...

Chu4eeno•30m ago
I wonder how much of this is vibe coded? Didn't see any estimate of that from skimming.

It's a bit surprising, Claude, ChatGPT, Gemini and even Grok write extremely robust and defensive C and C++ when I test them (various custom parsers and networking clients/servers), you'd think they'd do better in more web-native languages and with frameworks etc.
