frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Trick users and bypass warnings – Modern SVG Clickjacking attacks

https://lyra.horse/blog/2025/12/svg-clickjacking/
19•spartanatreyu•1h ago

Comments

autoexec•23m ago
I already keep SVG disabled for security reasons, but it's increasingly looking like I'll have to find some way to disable CSS too. It's too bad people couldn't leave CSS alone as a nice simple (sort of) way to format text because turning it into another programing langue is begging for it to be abused by hackers and other malicious actors (like advertisers) just like JS
paulpauper•5m ago
nah, that is overkill. the probability of falling for this is still tiny and it cannot break the sandbox, steal session cookies, or anything like that .
scoofy•3m ago
As someone who runs a site that uses inline SVG, this is unfortunate. Hopefully it won't be a problem for me.

AV1 – Now Powering 30% of Netflix Streaming

https://netflixtechblog.com/av1-now-powering-30-of-netflix-streaming-02f592242d80
98•CharlesW•1h ago•49 comments

State of AI: An Empirical 100T Token Study with OpenRouter

https://openrouter.ai/state-of-ai
106•anjneymidha•3h ago•36 comments

CUDA-l2: Surpassing cuBLAS performance for matrix multiplication through RL

https://github.com/deepreinforce-ai/CUDA-L2
77•dzign•4h ago•11 comments

BMW PHEV: When EU engineering becomes a synonym for "unrepairable" (EV Clinic)

https://evclinic.eu/2025/12/04/2021-phev-bmw-ibmucp-21f37e-post-crash-recovery-when-eu-engineerin...
7•mikelabatt•36m ago•0 comments

Multivox: Volumetric Display

https://github.com/AncientJames/multivox
224•jk_tech•8h ago•30 comments

We gave 5 LLMs $100K to trade stocks for 8 months

https://www.aitradearena.com/research/we-ran-llms-for-8-months
144•cheeseblubber•2h ago•118 comments

The Ofcom Files, Part 4: Ofcom Rides Again

https://prestonbyrne.com/2025/12/04/the-ofcom-files-part-4-ofcom-rides-again/
15•parliament32•1h ago•2 comments

It’s time to free JavaScript (2024)

https://javascript.tm/letter
649•pavelai•16h ago•331 comments

Transparent leadership beats servant leadership

https://entropicthoughts.com/transparent-leadership-beats-servant-leadership
364•ibobev•12h ago•172 comments

Thoughts on Go vs. Rust vs. Zig

https://sinclairtarget.com/blog/2025/08/thoughts-on-go-vs.-rust-vs.-zig/
213•yurivish•4h ago•213 comments

Trick users and bypass warnings – Modern SVG Clickjacking attacks

https://lyra.horse/blog/2025/12/svg-clickjacking/
19•spartanatreyu•1h ago•3 comments

Why are 38 percent of Stanford students saying they're disabled?

https://reason.com/2025/12/04/why-are-38-percent-of-stanford-students-saying-theyre-disabled/
466•delichon•7h ago•706 comments

StardustOS: Library operating system for building light-weight Unikernels

https://github.com/StardustOS
20•transpute•2h ago•0 comments

Django 6

https://docs.djangoproject.com/en/6.0/releases/6.0/
221•wilhelmklopp•4h ago•106 comments

How elites could shape mass preferences as AI reduces persuasion costs

https://arxiv.org/abs/2512.04047
490•50kIters•17h ago•477 comments

CSS now has an if() conditional function

https://caniuse.com/?search=if
21•aanthonymax•5d ago•5 comments

Help, My Java Object Vanished (and the GC Is Not at Fault)

https://arraying.de/posts/markword/
16•birdculture•5d ago•1 comments

PyTogether: Collaborative lightweight real-time Python IDE for teachers/learners

https://github.com/SJRiz/pytogether
60•indigodaddy•7h ago•17 comments

Show HN: Onlyrecipe 2.0 – I added all features HN requested – 4 years later

https://onlyrecipeapp.com/?url=https://www.allrecipes.com/turkish-pasta-recipe-8754903
127•AwkwardPanda•10h ago•105 comments

A Cozy Mk IV light aircraft crashed after 3D-printed part was weakened by heat

https://www.bbc.com/news/articles/c1w932vqye0o
218•toss1•4h ago•170 comments

Fighting the age-gated internet

https://www.wired.com/story/age-verification-is-sweeping-the-us-activists-are-fighting-back/
162•geox•12h ago•160 comments

I ignore the spotlight as a staff engineer

https://lalitm.com/software-engineering-outside-the-spotlight/
409•todsacerdoti•14h ago•199 comments

Converge (YC S23) is hiring a martech expert in NYC

https://www.runconverge.com/careers/technical-customer-success-manager
1•janhenr•8h ago

Autism should not be treated as a single condition

https://www.economist.com/science-and-technology/2025/12/03/why-autism-should-not-be-treated-as-a...
201•bookofjoe•9h ago•253 comments

Feynman vs. Computer

https://entropicthoughts.com/feynman-vs-computer
64•cgdl•9h ago•22 comments

Functional Quadtrees

https://lbjgruppen.com/en/posts/functional-quadtree-clojure
114•lbj•12h ago•38 comments

PGlite – Embeddable Postgres

https://pglite.dev/
502•dsego•14h ago•102 comments

Launch HN: Browser Buddy (YC W24) – A recommendation system for Internet writing

https://www.browserbuddy.com/
38•alien0006•8h ago•28 comments

Some models of reality are bolder than others

https://cjauvin.github.io/posts/metaphysical-boldness/
15•cjauvin•2d ago•4 comments

SMS phishers pivot to points, taxes, fake retailers

https://krebsonsecurity.com/2025/12/sms-phishers-pivot-to-points-taxes-fake-retailers/
38•todsacerdoti•2h ago•13 comments