Feed aggregator

The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1.

The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek.

Article URL: https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data

Comments URL: https://news.ycombinator.com/item?id=47274548

Points: 1

# Comments: 0

Article URL: https://www.youtube.com/watch?v=FzwyGrNpOMU

Comments URL: https://news.ycombinator.com/item?id=47274514

Points: 1

# Comments: 1

Article URL: https://gestrada.dev/posts/bloom-filter/

Comments URL: https://news.ycombinator.com/item?id=47274506

Points: 1

# Comments: 0

Article URL: https://blogs.windows.com/msedgedev/2026/03/05/making-keyboard-navigation-effortless/

Comments URL: https://news.ycombinator.com/item?id=47274502

Points: 1

# Comments: 0

I build this tool for using port forwarding with mosh (if too lazy to open my vscode). Hope it is helpful and hear your help on further improving it.

Comments URL: https://news.ycombinator.com/item?id=47274498

Points: 1

# Comments: 0

Hey HN, I built geo-lint — an open-source linter for content (Markdown/MDX) that checks 92 deterministic rules across SEO, GEO (Generative Engine Optimization), content quality, and technical issues.

GEO is the idea that AI search engines (ChatGPT, Perplexity, Claude) cite content differently than Google ranks it. Things like question-formatted headings, FAQ sections, entity density, E-E-A-T signals, and citation-ready statistics all matter for whether an LLM will pull from your content. geo-lint has 35 rules specifically for this.

The interesting part is the lint loop. It ships as a Claude Code skill — you run /geo-lint audit and it spawns parallel subagents, one per file. Each agent reads the violations, edits the content, re-lints, and repeats until clean (max 5 passes). The linter is fully deterministic (no LLM in the rules themselves), so the agent gets unambiguous violation + suggestion pairs to act on. Zero hallucination risk in the analysis layer.

It also works without Claude Code — npx geo-lint --format=json gives you a flat JSON array any agent (Cursor, Copilot, Windsurf) can consume. The rules are the same either way.

MIT licensed, zero runtime deps beyond gray-matter. npm: @ijonis/geo-lint

GitHub: https://github.com/IJONIS/geo-lint

Comments URL: https://news.ycombinator.com/item?id=47274490

Points: 1

# Comments: 1

Article URL: https://createadaptablelife.com/2026/03/how-can-we-stop-waiting-to-do-what-we-say-matters-to-us.html

Comments URL: https://news.ycombinator.com/item?id=47274484

Points: 1

# Comments: 0

I’m trying to sanity check an idea with people who work with regulated systems.

In many organisations we have scanners for code, monitoring for systems, and multiple layers of controls and audit. But the business process itself is rarely checked for logical vulnerabilities before it goes live.

Processes like KYC onboarding, approvals, payments or compliance workflows are often designed in meetings and documented later. Over time more controls get added and monitoring improves, but the underlying process logic is rarely tested.

Which raises a simple question: can this process be bypassed?

I started experimenting with describing processes as state machines and running static checks on them. Things like reachability, missing review steps, irreversible actions without compensation, and similar structural issues.

The idea is to detect what you might call "business process vulnerabilities by design" before the process is deployed.

The page explains the concept and shows a small prototype. The prototype lets you describe a process as a state machine and run automated checks against rule sets (for example operational risk or resilience rules).

What I’m mainly trying to understand is whether this is actually a real problem in practice.

For people working in fintech, banking, risk or operations:

Do process bypasses or design gaps show up in real systems? How are new processes usually reviewed before they go live? Where do things tend to break down? Paper: veilgovernance.com/research/missing-first-line-of-defence

Comments URL: https://news.ycombinator.com/item?id=47274481

Points: 1

# Comments: 1

Article URL: https://www.pewresearch.org/religion/2026/03/05/in-25-country-survey-americans-especially-likely-to-view-fellow-citizens-as-morally-bad/

Comments URL: https://news.ycombinator.com/item?id=47274464

Points: 2

# Comments: 0

Article URL: https://apnews.com/article/daily-telegraph-axel-springer-paper-buy-german-1386ec56fef373bf5ab5b0f7226bf7bb

Comments URL: https://news.ycombinator.com/item?id=47274453

Points: 2

# Comments: 0

After getting up close to play with this new flavor of MacBook, it's clear Apple has something special here.

I built DiffDeck because I was struggling to review larger pull requests in GitHub, especially ones with a lot of AI-assisted code.

GitHub's diff view works well for smaller changes, but once a PR gets big I usually want more of an editor-style workflow while reviewing ie see the surrounding code, jump to related symbols and files, and mark off what I have already reviewed and I felt Github's interface was really frustrating me.

DiffDeck opens a GitHub pull request in a review workspace with:

- full file context - go-to-definition and references for TS/JS - review notes - per-file reviewed state and review progress - hide/checkoff reviewed files

One thing I wanted was for it to feel closer to VS Code than a traditional PR tool. You can jump around the codebase while reviewing, and features like go-to-definition are meant to feel familiar if you already spend most of your time in an editor.

Right now it requires GitHub sign-in, because the point is to open pull requests you already have access to and review them with more context than GitHub's diff view gives you. I considered making a public demo, but that felt less representative than letting people try it on their own PRs.

This is an early alpha. Right now the code navigation features are focused on TypeScript and JavaScript codebases. The main thing I'm trying to learn is whether this is actually a better review workflow than staying in GitHub's PR UI. For now you can feel free to review a single PR.

I'd especially like feedback from people who review large PRs or AI-generated code:

- what still feels missing - whether this solves a real problem or just one I personally had

Comments URL: https://news.ycombinator.com/item?id=47274437

Points: 1

# Comments: 0

Article URL: https://www.keycard.ai/blog/i-built-a-secure-planning-agent-with-mcp-and-keycard

Comments URL: https://news.ycombinator.com/item?id=47274421

Points: 1

# Comments: 0

TypR is a statically typed language written in Rust that compiles down to plain R code using S3 classes. The goal is to bring type safety to R without leaving the ecosystem — the generated output is idiomatic R you can drop into any existing project.

The compiler uses monomorphization to resolve generic types at compile time, so there's no runtime overhead. The type system supports structural typing, interfaces, and generics. It's still in alpha, but here's what's available so far:

GitHub: https://github.com/we-data-ch/typr

Binaries (Windows/Mac/Linux): https://github.com/we-data-ch/typr/releases

Online playground: https://we-data-ch.github.io/typr-playground.github.io/

VS Code extension with LSP: https://marketplace.visualstudio.com/items?itemName=wedata-c...

Docs (WIP): https://we-data-ch.github.io/typr.github.io/

Known limitations: the standard library is minimal so the user need to type some existing functions/variables with signatures, error messages need work, and the LSP is basic. Positron and Neovim support are in progress.

Would appreciate feedback on the type system design or ideas for use cases that would make this useful in practice.

Comments URL: https://news.ycombinator.com/item?id=47274404

Points: 1

# Comments: 0

Article URL: https://www.nytimes.com/2026/03/05/arts/pokemon-company-white-house-memes.html

Comments URL: https://news.ycombinator.com/item?id=47274402

Points: 1

# Comments: 0

Article URL: https://bactra.org/weblog/two-kinds-of-kernel-methods.html

Comments URL: https://news.ycombinator.com/item?id=47274401

Points: 1

# Comments: 0

Article URL: https://salespup.com/

Comments URL: https://news.ycombinator.com/item?id=47274398

Points: 1

# Comments: 1

Article URL: https://www.easytripexpenses.com/

Comments URL: https://news.ycombinator.com/item?id=47274390

Points: 1

# Comments: 1

Article URL: https://www.theregister.com/2026/03/06/contractor_son_crypto_arrest/

Comments URL: https://news.ycombinator.com/item?id=47274387

Points: 1

# Comments: 0