Feed aggregator

Article URL: https://www.space.com/space-exploration/mars-rovers/strange-sphere-studded-rock-on-mars-found-by-nasas-perseverance-rover

Comments URL: https://news.ycombinator.com/item?id=43495725

Points: 1

# Comments: 0

Article URL: https://customercare.23andme.com/hc/en-us/articles/30923345523863-Account-Access-Issues

Comments URL: https://news.ycombinator.com/item?id=43495724

Points: 1

# Comments: 0

Article URL: https://www.computer.org/csdl/journal/ts/2025/03/10821013/23d1xvEsT6M

Comments URL: https://news.ycombinator.com/item?id=43495708

Points: 3

# Comments: 1

Article URL: https://www.mozilla.org/en-US/security/advisories/mfsa2025-19/

Comments URL: https://news.ycombinator.com/item?id=43495706

Points: 1

# Comments: 0

Article URL: https://www.sciencedirect.com/science/article/pii/S2950160125000051

Comments URL: https://news.ycombinator.com/item?id=43495704

Points: 1

# Comments: 0

So just now I had to make a migration to add a new table between two other tables that previously were joined with each other in a fairly early stage app I'm building.

I already had data in the tables and another dev working on it now, so I didn't want to nuke the database. So I got prisma to make the first migration (which it autogenerates from the new prisma schema file).

It warned me that it couldn't "just do this", because the existing data would be left with empty foreign keys, but that I could do the "just make the migration" step and not run it yet.

So I did that, opened the migration file. I changed the FK column to have a default of 0 where it was added. Then I got chatGPT to make me a SQL data migration to create default entries in the new table for each org (we're multi-tenant), then link the other table to the new default. Which was almost a stored proc in its own right.

Then I took a deep breath and told prisma to run the migration.

Pleasantly surprising: the schema+data migration ran successfully...

Extra nice bonus:

Prisma automatically made another new migration to cleanup the FK column by removing the DEFAULT! (The kind of thing you usually need to remember to do after a migration like this, but could be forgiven for forgetting)

I mean, it's just doing its usual thing really, keeping the db schema in sync with the prisma schema, but the whole thing was pretty pleasant DX for what can be a nerve wracking thing to do.

It's a really solid and mature library, as ORM's go I can really recommend it.

Comments URL: https://news.ycombinator.com/item?id=43495701

Points: 2

# Comments: 0

Patapon and Everybody's Golf are heading to Nintendo's console.

This 15 watt OtterBox wireless charging stand is a staggering $80 off at Woot for a limited time.

Barça could go 3 points clear at the top with a win in this rescheduled clash.

Just days before the official Switch 2 Reveal, the company is giving fans a way to get all their Nintendo news.

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life.

The real website of the Ukrainian paramilitary group “Freedom of Russia” legion. The text has been machine-translated from Russian.

Researchers at the security firm Silent Push mapped a network of several dozen phishing domains that spoof the recruitment websites of Ukrainian paramilitary groups, as well as Ukrainian government intelligence sites.

The website legiohliberty[.]army features a carbon copy of the homepage for the Freedom of Russia Legion (a.k.a. “Free Russia Legion”), a three-year-old Ukraine-based paramilitary unit made up of Russian citizens who oppose Vladimir Putin and his invasion of Ukraine.

The phony version of that website copies the legitimate site — legionliberty[.]army — providing an interactive Google Form where interested applicants can share their contact and personal details. The form asks visitors to provide their name, gender, age, email address and/or Telegram handle, country, citizenship, experience in the armed forces; political views; motivations for joining; and any bad habits.

“Participation in such anti-war actions is considered illegal in the Russian Federation, and participating citizens are regularly charged and arrested,” Silent Push wrote in a report released today. “All observed campaigns had similar traits and shared a common objective: collecting personal information from site-visiting victims. Our team believes it is likely that this campaign is the work of either Russian Intelligence Services or a threat actor with similarly aligned motives.”

Silent Push’s Zach Edwards said the fake Legion Liberty site shared multiple connections with rusvolcorps[.]net. That domain mimics the recruitment page for a Ukrainian far-right paramilitary group called the Russian Volunteer Corps (rusvolcorps[.]com), and uses a similar Google Forms page to collect information from would-be members.

Other domains Silent Push connected to the phishing scheme include: ciagov[.]icu, which mirrors the content on the official website of the U.S. Central Intelligence Agency; and hochuzhitlife[.]com, which spoofs the Ministry of Defense of Ukraine & General Directorate of Intelligence (whose actual domain is hochuzhit[.]com).

According to Edwards, there are no signs that these phishing sites are being advertised via email. Rather, it appears those responsible are promoting them by manipulating the search engine results shown when someone searches for one of these anti-Putin organizations.

In August 2024, security researcher Artem Tamoian posted on Twitter/X about how he received startlingly different results when he searched for “Freedom of Russia legion” in Russia’s largest domestic search engine Yandex versus Google.com. The top result returned by Google was the legion’s actual website, while the first result on Yandex was a phishing page targeting the group.

“I think at least some of them are surely promoted via search,” Tamoian said of the phishing domains. “My first thread on that accuses Yandex, but apart from Yandex those websites are consistently ranked above legitimate in DuckDuckGo and Bing. Initially, I didn’t realize the scale of it. They keep appearing to this day.”

The results of a search at DuckDuckGo on Mar. 27, 2025 for “Freedom of Russia legion” shows the first result returned is a phishing domain.

Tamoian, a native Russian who left the country in 2019, is the founder of the cyber investigation platform malfors.com. He recently discovered two other sites impersonating the Ukrainian paramilitary groups — legionliberty[.]world and rusvolcorps[.]ru — and reported both to Cloudflare. When Cloudflare responded by blocking the sites with a phishing warning, the real Internet address of these sites was exposed as belonging to a known “bulletproof hosting” network called Stark Industries Solutions Ltd.

Stark Industries Solutions appeared two weeks before Russia invaded Ukraine in February 2022, materializing out of nowhere with hundreds of thousands of Internet addresses in its stable — many of them originally assigned to Russian government organizations. In May 2024, KrebsOnSecurity published a deep dive on Stark, which has repeatedly been used to host infrastructure for distributed denial-of-service (DDoS) attacks, phishing, malware and disinformation campaigns from Russian intelligence agencies and pro-Kremlin hacker groups.

In March 2023, Russia’s Supreme Court designated the Freedom of Russia legion as a terrorist organization, meaning that Russians caught communicating with the group could face between 10 and 20 years in prison.

Tamoian said those searching online for information about these paramilitary groups have become easy prey for Russian security services.

“I started looking into those phishing websites, because I kept stumbling upon news that someone gets arrested for trying to join [the] Ukrainian Army or for trying to help them,” Tamoian told KrebsOnSecurity. “I have also seen reports [of] FSB contacting people impersonating Ukrainian officers, as well as using fake Telegram bots, so I thought fake websites might be an option as well.”

Search results showing news articles about people in Russia being sentenced to lengthy prison terms for attempting to aid Ukrainian paramilitary groups.

Tamoian said reports surface regularly in Russia about people being arrested for trying carry out an action requested by a “Ukrainian recruiter,” with the courts unfailingly imposing harsh sentences regardless of the defendant’s age.

“This keeps happening regularly, but usually there are no details about how exactly the person gets caught,” he said. “All cases related to state treason [and] terrorism are classified, so there are barely any details.”

Tamoian said while he has no direct evidence linking any of the reported arrests and convictions to these phishing sites, he is certain the sites are part of a larger campaign by the Russian government.

“Considering that they keep them alive and keep spawning more, I assume it might be an efficient thing,” he said. “They are on top of DuckDuckGo and Yandex, so it unfortunately works.”

Further reading: Silent Push report, Russian Intelligence Targeting its Citizens and Informants.

Does your phone number or home address show up on Google Search? Here's what you can do about it.

Olivier Richters gave me the lowdown on the show's high-adrenaline fight scene.

Article URL: https://www.indiehackers.com/post/starting-up/how-to-use-openais-new-image-gen-model-for-vibe-marketing-10-example-prompts-CBy5LRJdRAUBbFKz0H3E

Comments URL: https://news.ycombinator.com/item?id=43495229

Points: 1

# Comments: 0

Article URL: https://dl.acm.org/doi/abs/10.1145/325334.325242

Comments URL: https://news.ycombinator.com/item?id=43495228

Points: 1

# Comments: 0

Article URL: https://the-way-of-emacs.com/index.html

Comments URL: https://news.ycombinator.com/item?id=43495225

Points: 1

# Comments: 0

Article URL: https://masilotti.com/bridge-component-library/

Comments URL: https://news.ycombinator.com/item?id=43495223

Points: 1

# Comments: 0

Article URL: https://iamsweeper.com/2503-chat-based-interaction-with-llms-is-suboptimal/

Comments URL: https://news.ycombinator.com/item?id=43495202

Points: 1

# Comments: 0

Article URL: https://julian.digital/2025/03/27/the-case-against-conversational-interfaces/

Comments URL: https://news.ycombinator.com/item?id=43495191

Points: 1

# Comments: 0