frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

One Token to rule them all – Obtaining Global Admin in every Entra ID tenant

https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
47•colinprince•3h ago

Comments

jwpapi•1h ago
Was there a bounty?
cr125rider•51m ago
Wow the keys to all the enterprise castles! That’s wild!
userbinator•33m ago
failed to properly validate the originating tenant

One wonders whether those who designed all this ever considered what that field in the token is for.

The word "tenant" is also very telling --- you're just renting, and the "landlord" always has the keys.

rootsudo•23m ago
Oh man, I was close with this a few times as I ran powershell in different ISE windows and sometimes copied/pasted things over for different tenants, darn - it really seemed so obvious of an exploit!

Slack is extorting us with a $195k/yr bill increase

https://skyfall.dev/posts/slack
163•JustSkyfall•46m ago•54 comments

Meta Ray-Ban Display

https://www.meta.com/blog/meta-ray-ban-display-ai-glasses-connect-2025/
118•martpie•1h ago•155 comments

WASM 3.0 Completed

https://webassembly.org/news/2025-09-17-wasm-3.0/
704•todsacerdoti•8h ago•276 comments

Hypervisor 101 in Rust

https://tandasat.github.io/Hypervisor-101-in-Rust/
21•pykello•1h ago•0 comments

A postmortem of three recent issues

https://www.anthropic.com/engineering/a-postmortem-of-three-recent-issues
196•moatmoat•5h ago•72 comments

Apple Photos app corrupts images

https://tenderlovemaking.com/2025/09/17/apple-photos-app-corrupts-images/
980•pattyj•15h ago•370 comments

Boring is good

https://jenson.org/boring/
64•zdw•2d ago•15 comments

One Token to rule them all – Obtaining Global Admin in every Entra ID tenant

https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
47•colinprince•3h ago•4 comments

What's New in C# 14: Null-Conditional Assignments

https://blog.ivankahl.com/csharp-14-null-conditional-assignments/
76•ivankahl•2d ago•49 comments

DeepMind and OpenAI win gold at ICPC

https://codeforces.com/blog/entry/146536
173•notemap•8h ago•176 comments

Optimizing ClickHouse for Intel's 280 core processors

https://clickhouse.com/blog/optimizing-clickhouse-intel-high-core-count-cpu
150•ashvardanian•7h ago•36 comments

YouTube addresses lower view counts which seem to be caused by ad blockers

https://9to5google.com/2025/09/16/youtube-lower-view-counts-ad-blockers/
279•iamflimflam1•11h ago•561 comments

Ton Roosendaal to step down as Blender chairman and CEO

https://www.cgchannel.com/2025/09/ton-roosendaal-to-step-down-as-blender-chairman-and-ceo/
241•cma•9h ago•47 comments

Tinycolor supply chain attack post-mortem

https://sigh.dev/posts/ctrl-tinycolor-post-mortem/
132•STRiDEX•9h ago•51 comments

Drought in Iraq reveals tombs created 2,300 years ago

https://www.smithsonianmag.com/smart-news/severe-droughts-in-iraq-reveals-dozens-of-ancient-tombs...
101•pseudolus•9h ago•16 comments

U.S. investors, Trump close in on TikTok deal with China

https://www.wsj.com/tech/details-emerge-on-u-s-china-tiktok-deal-594e009f
355•Mgtyalx•1d ago•458 comments

Gluon: a GPU programming language based on the same compiler stack as Triton

https://github.com/triton-lang/triton/blob/main/python/tutorials/gluon/01-intro.py
58•matt_d•6h ago•16 comments

Understanding Deflate

https://jjrscott.com/to-deflate-or-not/
41•ingve•3d ago•4 comments

Ask HN: What's a good 3D Printer for sub $1000?

148•lucideng•2d ago•191 comments

Launch HN: RunRL (YC X25) – Reinforcement learning as a service

https://runrl.com
51•ag8•10h ago•16 comments

Alibaba's new AI chip: Key specifications comparable to H20

https://news.futunn.com/en/post/62202518/alibaba-s-new-ai-chip-unveiled-key-specifications-compar...
253•dworks•16h ago•266 comments

How to join or concat ranges, C++26

https://www.cppstories.com/2025/join_concat_ranges/
8•ibobev•3d ago•0 comments

Tau² benchmark: How a prompt rewrite boosted GPT-5-mini by 22%

https://quesma.com/blog/tau2-benchmark-improving-results-smaller-models/
163•blndrt•13h ago•50 comments

DeepSeek writes less secure code for groups China disfavors?

https://www.washingtonpost.com/technology/2025/09/16/deepseek-ai-security/
225•otterley•8h ago•137 comments

Event Horizon Labs (YC W24) Is Hiring

https://www.ycombinator.com/companies/event-horizon-labs/jobs/U6oyyKZ-founding-engineer-at-event-...
1•ocolegro•9h ago

Infinite Mac: Resource Fork Roundtripping

https://blog.persistent.info/2025/09/infinite-mac-resource-forks.html
34•tobr•1d ago•8 comments

UUIDv47: Store UUIDv7 in DB, emit UUIDv4 outside (SipHash-masked timestamp)

https://github.com/stateless-me/uuidv47
148•aabbdev•12h ago•68 comments

Grade 2 Braille

https://en.wikipedia.org/wiki/English_Braille
12•admp•3d ago•5 comments

Determination of the fifth Busy Beaver value

https://arxiv.org/abs/2509.12337
249•marvinborner•15h ago•106 comments

Just for fun: animating a mosaic of 90s GIFs

https://alexplescan.com/posts/2025/09/15/gifs/
46•Bogdanp•1d ago•10 comments