🐝 Hive Five 221 - Underdoing the Competition

Hi friends,

Greetings from the hive!

I'm still running daily, but I've swapped some days for walking with a weighted vest.

The main limitation I'm currently facing is the lack of muscle in my legs to sustain longer runs.

I also did yard work, which, depending on its size and condition, is always nice and humbling.

Additionally, there has been a significant surge in new subscribers. Welcome to all 🙏

Let's take this week by swarm!

🐝 The Bee's Knees

• How to Predict the Future With Kevin Kelly, Cofounder of Wired. They talk about Annie Dillard's writing, AI's potential, comparing it to early electricity discoveries, and more. MORE

• Shaan on Underdoing the Competition, such as Slate, a simple $25k electric truck with old-school features like roll-up windows and knobs, and compares it to Nintendo's Wii. Instead of competing head-on, they "underdo" the competition and dominate a different niche. MORE

• Tae'lur Alexis shares her journey from fast food to cybersecurity, revealing how she taught herself to code and break into systems. MORE

• Web App Hacking 101 with Ciarán Monke Cotter. Watch Ciarán break down web application hacking—what it is, how it works, and why it matters in today’s security landscape. MORE

• Gumroad's CEO uses AI tools like v0, Cursor, and Devin to boost his team's productivity by 40x. He believes AI will transform engineering, making designers more capable to ship features. MORE

Interested in sponsoring the Hive Five? Secure your spot.

📰 Updates

✅ Changelog

• TikTok is testing "Footnotes," like X's Community Notes, to let users add context to posts, but it factors in bias. This aims to improve accuracy, but divisive topics might still spread misinformation. MORE

• Obsidian Desktop 1.8.10 is out. It fixes annoying issues with numbered lists and choppy resizing. MORE

• Xnldorker v1.4 fixes a bug where Bing's changes broke the "Next page" link, which stopped the tool from working. The code now re-fetches the link just before clicking, ensuring it stays active. MORE

• GAP-Burp-Extension v5.7 is out! It grabs links from S3 buckets and fixes a bug to ensure URLs are checked correctly. MORE

• Binary Ninja 5.0 "Gallifrey" brings major updates for reverse engineering, like improved iOS and firmware support. New features include better analysis, debugging, and even open-sourced tools. MORE

💼 Work

💰 Career

• Michelle Eggers shares her career journey and how she broke into one of pentesting's most niche specialties: hacking mainframes. MORE

• The web developer job market is tough, with layoffs and AI hype creating uncertainty. Experts say skills diversification and unionizing can help developers navigate this challenging landscape. MORE

• Hunter Isacson, app guru with 250M+ downloads, shares his playbook for hitting \$1M MRR without venture capital! He breaks down how simple ideas, creator partnerships, and understanding new platform features can lead to massive growth. MORE

• Useful resources for SOC Analyst and SOC Analyst candidates. MORE

• Want to make your portfolio shine? Danny reviews portfolio sites and gives actionable tips to help you stand out from the crowd, so potential employers will notice you. MORE

🚀 Productivity

• Task-driven development and memory banks as strategies to reduce errors in complex coding projects using Cursor, enabling more efficient iteration and better integration with existing code. MORE

• Theo shares some of the cool tools he uses daily for development and content creation. It covers browser extensions like Refined GitHub, diagramming tools like Excalidraw, API testing tools like Bruno and Yak, productivity tools like Raycast and SVGL. MORE

• Matt writes his lectures by talking to his watch, then has "Diane" (an AI assistant) turn it into an outline! He embeds instructions in his speech, inspired by Twin Peaks, for a super cool workflow. MORE

• Unlock the power of Obsidian's dataview plugin with this handy cheatsheet. Write powerful queries using Dataview Query Language (DQL) in Obsidian. MORE

• Hours is a command-line tool for tracking time spent on tasks and projects. It's designed for nerds who want a simple, no-frills way to keep track of their time in the terminal. MORE

🌎 Community

🎉 Celebrate

• Zseano and team (@JonathanBouman @fransrosen @avlidienbrunn) had lots of fun and managed to win another amazon event. Congrats! MORE

• Graham shared their new website, deployed with a custom static site generator. Looks amazing! MORE

• Kylie is joining @WIRED as a senior correspondent covering the business of AI. LFG! MORE

• Mitchell is adding a command palette to Ghostty, a terminal application, using the native UI. It will first be available on macOS, then GTK, with customizable keybindings. Can't wait! MORE

⚡️ Zeitgeist

• cts on AI being like a crutch if you don't learn basic skills first. Knowing how things work yourself is important, so you're not always relying on tech. MORE

• Jason asks: "What’s your 'I could eat this every day' meal?" MORE

• "Normalize gifting intelligence Forget Starbucks and Amazon gift cards." MORE

• Levelsio, who's workflow was made for vice coding, spinned up his own $4.99/mo socal media screenshot service in 2 hours in NodeJS. MORE

💛 Follow
Awesome accounts to follow. Randomly selected from my curated Twitter lists.

• @nbk_2000 | ₦฿₭ - Paw / Pwn / Purr | Space Monkey Mafia.

• @alissaknight | Alissa Knight | Award-winning Film Producer, Director, and Writer | Published Author | Hacker | CISO | CMO.

• @dvassallo | Daniel Vassallo | I'm bad for the economy.

• @irsdl| Soroush Dalili | Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder.

• @jeffrey_way | Jeffrey Way | I am error.

🍄 Level up

📰 Read

• CVE-2025-32433 is a remote code execution vulnerability in the SSH server implementation within Erlang’s OTP libraries. An analysis and AI-free PoC by Greynoise Labs. MORE

• Fontleak is a new technique that steals text from web pages using only CSS and a custom font. By injecting CSS, attackers can quickly extract sensitive info, like secrets from scripts, bypassing security measures. MORE

• How Matthew Used AI to Create a Working Exploit for CVE-2025-32433 Before Public PoCs Existed. MORE

• Nowhere to Run: The Online Footprint of an Alleged Kinahan Cartel Associate. MORE

💡 Tips

• #TIL Inhaled isopropyl alcohol can be used for nausea and vomiting. MORE

• Cool Guide to Rewiring Your Brain for Better Habits and Growth. MORE

• Convert heic to png using the CLI on MacOS: heic2png() { sips -s format png --out "${1%.*}.png" "$1" && echo "Converted $1 to ${1%.*}.png"; } MORE

🧠 Wisdom

• Peter questions the need to carry over digital baggage from past versions of themselves. He embraces the idea of letting go and beginning again, finding comfort in emptiness and the freedom of needing less. MORE

• Joseph discusses self-alignment and maximizing happiness by optimizing longevity, perception, and circumstances. He emphasizes balancing contentment with striving for improvement, and the importance of relationships. MORE

• Merlin Mann's Wisdom Project is a collection of advice, experiences, and observations on life. It encourages self-reflection and challenges conventional thinking with ideas that may contradict each other. MORE

• AI tools can make coding easier, but relying on them too much can hurt your skills. To stay sharp, practice coding on your own and verify AI's work to avoid becoming overly dependent. MORE

• Ashley Willis reflects on her fear of being seen and the pressure to be perfect in the tech world. She encourages readers to share their work, even if it's messy or quiet, and reminds them that being real is enough. MORE

📚 Resources

• Practical CTF is a huge collection of notes on hacking and Capture The Flag challenges. It's inspired by HackTricks and includes lots of copy-paste-ready commands to help you learn. MORE

• Looking for alternatives to big tech? European Alternatives helps you discover local options for digital services and products, focusing on data protection and supporting regional businesses. MORE

• This is a list of awesome README examples to help you make your project stand out. Learn how to use images, GIFs, and formatting to clearly explain your project. MORE

• Midnight Flag CTF 2025 writeups cover forensics, crypto, web, web3, and pwn challenges. MORE

• This repo helps Red Teams collaborate with self-hosted services like password management and document editing. It includes Docker Compose files and randomized secrets to get you started quickly. MORE

The Member Edition