frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Potential session/cache leakage between workspace instances or consumer accounts

https://github.com/anthropics/claude-code/issues/74066
88•chatmasta•1h ago

Comments

Tiberium•1h ago
Sounds like a hallucination unless proven otherwise, even the leading LLMs can do those from time to time, and they will always appear plausible like that. Also could be the session having a lot previous context, like 800K+, which (I think) makes hallucinations more likely.

Relevant comment from the OP which makes a hallucination more likely:

> There is one tool call result that includes a string that printed a pathname including minecraft.py because it was listing the files in a Python virtual environment and the Pygments package has a lexer called minecraft.py

xyzzy_plugh•1h ago
I don't disagree but this sort of thing has to be investigated regardless.

It's unfortunate that there is so little transparency that even if they deny there was a leak we will never know for certain.

macNchz•35m ago
The person posting this claims to have reproduced in a separate context down the thread:

> Same thing just happened on a Claude Mobile session in same Enterprise account. Common theme in both is Sonnet 5, first response after more than 5 minutes (cache miss).

alserio•6m ago
Why? what does make it more likely?
acepl•1h ago
Oh yes, we do not need programmers any more…
emehex•57m ago
"Coding is largely solved"
techpression•50m ago
I love that quote, especially considering the insane amount of bugs that are produced. It’s as easy to debunk as someone claiming ”I can jump to the moon”.
consp•47m ago
While abused by LLM vendors, that phrase in one form or another I've been hearing since the early '00s and it's likely way older.
ethagnawl•22m ago
Sure but have you ever seen it actually play out in practice like it currently is? Whether or not it's true (of course it's not) people are currently behaving as if it is and firing/hiring accordingly.
kylehotchkiss•54m ago
50% unemployment :D
Avicebron•53m ago
In order Fable 5 has rejected:

"Recipe for red-braised pork, I have pork shoulder"

"Write up a framework for MCP patterns I can give to claude code"

"explain the biomechanics of motion in c. elegans" (I get this one, I mostly did it to test and it's related to my hobby project)

Do we get an extra day of functional Fable 5 because it's down?

ec109685•50m ago
Caching doesn’t work the way the bug reporter implies. Caches are shared (at least across the enterprise), but its key is always a function of the input before it.

We achieved significant savings simply by moving everything that varies across individuals out of the system prompt so every session starts from a cache point.

For example you never want your system prompt to start with the time that the session started. Move that to the first user message if needed.

macNchz•39m ago
Caching is not supposed to work like that, but that doesn’t preclude the cache key computation function from having bugs.
marginalia_nu•29m ago
Yeah there's quite a lot of potential bugs that could have this shape. If I were to guess it could be a buffer in a buffer pool not being sized and zeroed correctly, allowing stale data to bleed between sessions.
supriyo-biswas•36m ago
There could just also be a bug where the output tokens of session 1 were shared with session 2, due to a race condition or similar.
Waterluvian•6m ago
There is a massive incentive for optimization, so I expect they’re doing a ton of very clever tricks, all of which make this kind of bug more likely.
jstummbillig•36m ago
Is there anything particular about LLMs that would make separating customer data harder than in all SaaS cases?
27183•22m ago
If I had to hazard a guess, doing anything in a multi-tenant way on a GPU is going to be hard mode compared to most SaaS due to lack of memory safe tooling. I've built multi-tenant SaaS systems, and I've done a little GPU programming (a long time ago), but I've never tried to combine the two disciplines.
woadwarrior01•18m ago
It'd be terribly compute inefficient to not share prefix caches (KV cache) across customers.
acepl•9m ago
What is the probability that two customers will have exactly the same tokens in cache? Wouldnt it require using the exact same CLAUDE.md, skills, MCPs and context? After that it is even worse since the nondeterminism of LLMs and humans
27183•3m ago
I suspect what GP is getting at is there will be a strong incentive to implement some structural sharing across tenants to avoid redundantly storing the same tokens over and over. At least I'd be tempted to do this if I was working with a very precious, constrained resource (e.g. VRAM). Doing this correctly seems.. very difficult.
adam_arthur•
bix6•13m ago
So the options are this amazing tech is so stupid it just randomly brings up Minecraft or it’s got a major security issue?
27183•11m ago
¿Por qué no los dos?
Kapura•7m ago
happy fourth of july everybody!
4m ago
Vibe-coding the implementation.

I haven't had much issue with Codex, but seems Claude Code has major issues being reported nearly on the daily.

They also happen to be the most boastful about not reading or looking at the code.

LLMs are very capable, but not nearly to the level they seem to be messaging.

AI Humanoid Robot Companions

https://www.reuters.com/technology/chinas-ubtech-launches-ai-powered-lifelike-companion-robots-20...
1•takerofnaps•1m ago•0 comments

Sitting for more than 30 minutes increases the risk of dying from cancer

https://journals.plos.org/plosmedicine/article?id=10.1371%2Fjournal.pmed.1004767
2•BiosIT•8m ago•0 comments

Simple White Line Is America's Greatest Unsung Innovation

https://www.wsj.com/business/white-line-road-invention-america-250-8ce6bb89
1•erex78•9m ago•1 comments

When the ability to smell goes away

https://arstechnica.com/science/2026/07/when-the-ability-to-smell-goes-away/
1•Brajeshwar•11m ago•0 comments

Static Types Come to the Beam – Annette Bieniusa and Guillaume Duboc [video]

https://www.youtube.com/watch?v=X_CPDt3PeDE
1•markoutso•11m ago•0 comments

Positioning Without Satellites or Base Stations

https://hackaday.com/2026/07/01/positioning-without-satellites-or-base-stations/
1•DarkContinent•12m ago•0 comments

Do Wavy Walls Use Fewer Bricks? I Tested It in Blender

https://blog.tymscar.com/posts/crinklecranklewalls/
1•tymscar•15m ago•0 comments

It's time to go back to the founding text

https://www.theguardian.com/us-news/ng-interactive/2026/jul/04/250-years-declaration-of-independence
2•classified•17m ago•0 comments

Show HN: Home Page as a Chatbot

https://github.com/haltakov/chatbot-page
1•vladoh•17m ago•0 comments

Show HN: World Release Notes – Every country as a software project

https://worldreleasenotes.com/
1•7rin0•21m ago•0 comments

New York City Real-Time Subway Status Visualization

https://subway.joonas.wtf/
1•bookofjoe•24m ago•0 comments

Show HN: GREF – Interactive search and replace for terminal and Vim

https://github.com/albertize/gref
1•albertize•25m ago•0 comments

Where's the holistic AI productivity data?

https://rachelandrew.co.uk/archives/2026/06/11/wheres-the-holistic-ai-productivity-data/
1•tobr•27m ago•0 comments

Sylix, an free alternative of Cursor & Copilot

https://sylixide.com/
1•Sai-09•29m ago•0 comments

Show HN: I built a personalized AI newsletter you configure by replying to it

https://briefednewsletter.com/
1•tozcoded•33m ago•0 comments

Is Israel's 'buffer zone' inside Lebanon an attempt to grab gas reserves?

https://www.aljazeera.com/features/2026/6/12/is-israels-buffer-zone-inside-lebanon-an-attempt-to-...
2•hebelehubele•36m ago•0 comments

Show HN: Thèque, a private visual library for the things you save

https://theque.app
2•ecuzmici•37m ago•0 comments

An Analyst's Missed Remark Surfaced in Deadly Iran School Strike Probe

https://www.bloomberg.com/news/features/2026-06-26/an-analyst-s-missed-remark-surfaced-in-deadly-...
1•r721•38m ago•1 comments

Windows CE Dreamcast Community Edition (wince-dc)

https://github.com/maximqaxd/wince-dc
3•msephton•38m ago•0 comments

Towards a formal theory of computer insecurity: a language-theoretic approach [video]

https://www.youtube.com/watch?v=AqZNebWoqnc
1•binyu•40m ago•0 comments

Why AI Gurus Are Building Toys While the World Needs Architects

https://medium.com/@alanscottencinas/the-scale-wall-why-ai-gurus-are-building-toys-while-the-worl...
2•encinas88•40m ago•1 comments

1666 Great Fire of London

https://en.wikipedia.org/wiki/Great_Fire_of_London
2•simonebrunozzi•41m ago•0 comments

Introduction to Conditional Flow Matching – Part I, Normalizing Flows

https://huet.ing/posts/cfm_part_i/
1•DeanMoriarty123•42m ago•1 comments

Tell HN: Check your subscription renewals (VPNs, etc.). They cost too much

2•simonebrunozzi•44m ago•1 comments

China's electromagnetic rocket launch technology

https://timesofindia.indiatimes.com/science/chinas-electromagnetic-rocket-launch-technology-could...
3•Tomte•47m ago•0 comments

How little exercise can you get away with?

https://www.economist.com/science-and-technology/2026/07/03/how-little-exercise-can-you-get-away-...
4•Brajeshwar•48m ago•2 comments

I found a malware hiding in my TailwindCSS config file

https://infosecwriteups.com/i-found-north-korean-dprk-malware-hiding-in-my-tailwind-config-js-45a...
6•donohoe•48m ago•3 comments

The Android's Dream; a Love Letter to the Bomb

https://kyleobrien.me/the-androids-dream-a-love-letter-to-the-bomb/
1•kyo3•50m ago•0 comments

The Secret History of Polymarket

https://unlimitedhangout.com/2026/06/investigative-series/the-secret-history-of-polymarket-part-1/
2•tilltheend•52m ago•0 comments

Trace Institute

https://traceinstitute.org/
1•mpartel•54m ago•0 comments