Feed aggregator

Article URL: https://hindsight.vectorize.io/blog/2026/06/09/fastest-growing-oss-ai-memory

Comments URL: https://news.ycombinator.com/item?id=48477370

Points: 1

# Comments: 0

Article URL: https://apps.apple.com/us/app/kuji-omikuji-mindful-chat/id6758899526

Comments URL: https://news.ycombinator.com/item?id=48477339

Points: 1

# Comments: 0

Article URL: https://www.deepcleancsv.com/

Comments URL: https://news.ycombinator.com/item?id=48477334

Points: 1

# Comments: 0

Hello HN,

My name is Riccardo and I created AuthAI for indie hackers.

The idea is quite simple: let the end users connect their chatgpt/grok/copilot account and route the AI requests through their AI subscriptions.

This enable a lot of new cool ideas where the business model/unit economics don't always make sense.

The flow is straightforward:

They click on "login with AI", choose their provider, and authorise the device on the provider's website.

Tokens get encrypted using a per-user AES-256-GCM encryption key, which isn't stored anywhere server-side and only exists within the user's JWT session. The whole security model can be found on the website/github.

Here is a demo:

https://demo.authai.io

From a developer's perspective, the objective is to stay as close to the OpenAI SDK as possible:

```ts const openai = new OpenAI({ apiKey: jwt, baseURL: "https://relay.authai.io/v1", defaultHeaders: { "x-authai-secret": process.env.AUTH_AI_SECRET, }, }); ```

Also, there is a React SDK for handling the connection flow.

* It's MIT licensed and completely open-source, there's a hosted relay available, however, the entire stack is self-hostable.

GitHub repo:

https://github.com/authai-io/authai

Would you use something like this for your generated applications and side projects? What else could I add?

Comments URL: https://news.ycombinator.com/item?id=48477326

Points: 1

# Comments: 0

Article URL: https://kerkour.com/stdx

Comments URL: https://news.ycombinator.com/item?id=48477314

Points: 2

# Comments: 0

Article URL: https://alwaysdraft.com/skimming-ai-answer-cost-100-passwords/

Comments URL: https://news.ycombinator.com/item?id=48477307

Points: 2

# Comments: 0

Given the increased use of AI, my experience is that teammates are moving so fast churning out so many changes that it is nigh impossible to review it all. I can't even keep up with the code being generated by my own use of LLMs at times. Granted, I can slow it all down. And I do at times when one of the following is true: 1. It is a new space I want to understand 2. I don't trust the agent for the current domain 3. It is incredibly complex and nuanced work

Leaning on oracles (something that can provide a ground truth that LLMs can check their impls against) gives a lot of confidence and eases my mind when skipping reviews. Expansive testing and formal verification seem like they will displace code review.

Code review also provided mentorship, design feedback, shared ownership. Where is mentorship being redirected? Are people still finding time to design review?

Open Source AI assisted 1k+ line PRs is a whole nother ball of wax. My best trick here is to extract the key ideas from the PR and re-implement it myself.

Comments URL: https://news.ycombinator.com/item?id=48477305

Points: 1

# Comments: 0

Article URL: https://danb.me/blog/tuta-proton-open-source-client/

Comments URL: https://news.ycombinator.com/item?id=48477223

Points: 3

# Comments: 0

Article URL: https://vectorlens.dev/

Comments URL: https://news.ycombinator.com/item?id=48477216

Points: 1

# Comments: 0

Article URL: https://printserver.ink/blog/spoiling-the-kernel/

Comments URL: https://news.ycombinator.com/item?id=48477208

Points: 1

# Comments: 0

It's not just you. Many Google users are encountering "something went wrong" issues on Wednesday.

Speaking at the AI Summit in London, Kanishka Narayan launches a competition to encourage UK datacentre designs people can be proud of

Deputy PM David Lammy announces AI legal assistants for Crown Courts and AI tools for judges to tackle record backlogs

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.

A graphic created and shared by The Gentleman ransomware group administrator Hastalamuerte on Breachforums in May 2026. Credit: ke-la.com.

Experts at the security firm Check Point Software have been closely covering exploits of The Gentlemen, a so-called “ransomware-as-a-service” (RaaS) offering that pays affiliates handsomely to help spread the group’s malware.

“A 90/10 affiliate revenue split — compared to the industry standard 80/20 — is accelerating the group’s growth by attractive experienced operators from competing programs,” the researchers wrote in April.

Check Point found The Gentlemen are the second most active ransomware group by victim count so far this year, claiming at least 332 published victims since the group’s inception in mid-2025 and more than 240 in 2026 alone.

According to Check Point, the group targets Internet-facing devices (VPNs, firewalls) as their entry point, and once inside moves quickly to encrypt entire networks within hours.

Check Point says the administrator and primary operator of the ransomware group uses the nickname Zeta88 on the Russian-language cybercrime forums, and that this individual was previously known under the moniker Hastalamuerte. Check Point noted that a breach of the group’s backend infrastructure made it clear that Hastalamuerte/Zeta88 is the person who assembles the locker and RaaS panel, manages payments, and is essentially the administrator of the entire program who receives 10 percent of all ransoms.

WHO IS HASTALAMUERTE?

The cyber intelligence firm Intel 471 shows that the user Hastalamuerte is a Russian and English speaking person who registered on almost a dozen cybercrime forums between 2019 and the present day, including Exploit, Breachforums, Ramp_V2, BHF, Raidforums, and Nulled.

Intel 471 reveals that Hastalamuerte registered on Breachforums in January 2025 from an Internet address in Izhvesk, the capital city in western Russia’s Udmurt Republic. Likewise, the user Zeta88 signed up at the English-language cybercrime forum Breached in August 2022 from a different Internet address in Izhvesk.

Intel 471 finds Hastalamuerte registered on Raidforums in 2020 using the email address hastalamuerte1488@protonmail.com (1488 is a common combination of two numeric symbols associated with white supremecy). A lookup on this address at the open source intelligence service Epieos shows it is connected to an account at Apple and to a phone number ending in 04.

Epieos says that Protonmail address is also linked to a GitHub account under the username SantaMuerte. That account is marked private, but a history of this user’s activity shows they are watching and developing a number of malware tools and exploits.

In April 2020, Hastalamuerte said on the crime forum Nulled that they could be contacted at the Telegram instant messenger name @hastalamuerte18, and the threat intelligence company Flashpoint finds this username is assigned the unique Telegram ID number 30907522 [full disclosure: Flashpoint is an advertiser on this blog].

The breach tracking service Constella Intelligence reports that Hastalamuerte’s Telegram ID is connected to another username — “bu4vs” — and to the Russian phone number 79127650004. Pivoting on this phone number in Constella fetches multiple records from hacked Russian government databases showing it is assigned to one Alexander Andreevich Yapaev, a 36-year-old from Izhevsk.

Constella reveals that phone number was used to create an account at the Russian social media platform Pikabu under the name “4apai18,” and shows Mr. Yapaev has signed up at a number of websites using the common surname Ivanov, or else “Chapaev” (the numeral 4 is often used as shorthand for a “ch” sound in Russian).

A search in Intel 471 for cybercrime forum members with the nickname SantaMeurte unearths an account by the same name created in 2020 on the Russian hacking forum Codeby. Intel 471 shows this user originally registered on Codeby with the not-so-subtle nickname Alexandr 4apaev.

Constella finds Mr. Yapaev regularly used the email address bu4vs@mail.ru. Meanwhile, Epieos shows this address is connected to a LinkedIn account for Alexander Yapaev, who lists himself as the head of B2B marketing at the company Uralenergo Udmurtia, one of Russia’s largest suppliers of electrotechnical and lighting products.

Mr. Yapaev did not respond to multiple requests for comment.

Nearly every time we publish one of these Breadcrumbs stories, readers are curious to know why it seems like so many cybercriminals from Russia apparently do little to hide their real life identities. The truth is that — Russian or not — most didn’t exactly set out to be arch criminals, but instead got drawn into the scene gradually over several years as their skills broadened and sharpened.

Another important dynamic is that the Russian government generally either co-opts or ignores cybercriminal activity within its border so long as the hackers do not steal from or attack Russian businesses and citizens. As a result, successful cybercriminals in Russia are usually insulated from prosecution and arrest by foreign law enforcement agencies provided they occasionally pay off the right people and do not travel abroad. And cybercriminals who intend to strictly adhere to those unwritten rules may (at least initially) be less concerned about covering their tracks online.

But the simplest explanation is that cybercriminals of all nationalities tend to make a number of basic operational security mistakes early in their careers, when they are less savvy and have far less to lose by their carelessness. A review of Hastalamuerte’s early posts on the crime forums (circa 2019-2020) shows a relatively unsophisticated and low-skilled hacker still trying to learn the ropes and earn a positive reputation on these communities.

For example, in June 2020 Hastalamuerte’s Telegram account joined a multi-month training program (@pntst) to learn how to use popular penetration testing tools, and their candid posts to this hacker training camp show Hastalamuerte struggling to use these tools effectively. A Google-translated record of Hastalmuerte’s posts to @pntst is here.

If you own a cellular-enabled iPad model, you can get affordable unlimited wireless data for 24 hours.

The ACLU is suing two Florida police departments over the arrest of a Fort Myers man in a child-abduction case, saying officers treated a flawed face-recognition match as a near-certain ID.

As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations.

The post Infostealers Turn Millions of Devices Into Credential Theft Machines appeared first on SecurityWeek.

Cyera is positioned as one of the most valuable privately held cybersecurity firms in the world with total funding topping $2 billion.

The post Cyera Raises $600 Million at $12 Billion Valuation appeared first on SecurityWeek.

Schools on both sides of the Atlantic have been revealed in recent days to have been hit by hackers, reminding all of us that ransomware gangs see educational instituions as targets all year round. Read more in my article on the Hot for Security blog.

Can't decide between a laptop and a tablet? You don't have to. Check out my top picks for the best two-in-one convertibles.