Hi friends,

Greetings from the hive!

I had another great weekend filled with road trips, safari park, and good food.

I also dramatically cut my newsletter curation time with a custom Obsidian plugin I built in one 20-minute session using Cursor AI.

The problem: Opening links while curating content required 6 keystrokes each time. Multiply that across hundreds of links, and it becomes a significant friction point.

The solution: 'Open Next Link' - one keybinding that opens the next link relative to my cursor position.

The kicker: What used to take me hours of development, Cursor helped me complete in one shot.

Let's take this week by swarm!

🐝 The Bee's Knees

  • Andrej Karpathy discusses how AI, particularly large language models (LLMs), is fundamentally transforming software development. He explains the shift from traditional programming to AI-assisted and AI-generated code, highlighting the emergence of "Software 3.0" where developers increasingly collaborate with AI systems. Karpathy explores how LLMs are changing programming workflows, the implications for software engineering careers, and provides practical advice for developers to adapt to this new paradigm. MORE

  • Web design pioneer Ethan Marcotte is helping design Unbreaking.org, a new project that documents attacks on American institutions by researching and organizing news into clear, comprehensive issue pages. The site aims to cut through information overload by providing rigorously cited explanations of government changes and their impacts. MORE

  • Netflix Vulnerability: Dependency Confusion in Action. From a jet-lagged 2 AM brainstorm in Tokyo to a full-blown Remote Code Execution proof on Netflix, this journey shows just how wild the modern supply-chain frontier can be. MORE

  • Kent Beck explores the transformation of Test-Driven Development (TDD) and software engineering through the lens of AI coding tools. Drawing from his experiences at Facebook and current work with AI agents, he examines how emerging technologies are reshaping developer workflows, feedback mechanisms, and code creation processes. MORE

  • A developer with ADHD discovered that breaking tasks into micro-steps and using a thermal receipt printer to print daily to-dos mimics video game feedback loops, curing his 20-year procrastination problem. The physical act of crumpling completed task receipts and tossing them in a jar provides the dopamine hits that keep him consistently productive. MORE

STANDARD EDITION

Brought to you by →

Hive Five membership

Unlock exclusive benefits… and transform your skills, network, and results. Join our premium community for unparalleled access to resources, support, and exclusive content designed to help you achieve your goals faster.

What you’re missing:

  • Private Discord Community: Connect with like-minded individuals, share your journey, and receive support in our exclusive Discord server.

  • Complete Hive Archive: Access a vast library of resources, tools, videos, and audio – everything you need to succeed.

  • Bonus Content & Deep Discounts: Gain access to exclusive content designed to boost your effectiveness, plus significant discounts on paid resources.

  • Less Time, More Results: Spend less time searching and more time achieving your goals.

Join members that are already experiencing the difference.

Interested in sponsoring the Hive Five? Secure your spot.

📰 Updates

✅ Changelog

  • The State of CSS 2025 survey is now open, asking developers which new CSS features like subgrid, :has(), and scroll-driven animations they've actually adopted versus just heard about. MORE

  • OWASP Noir v0.22.0 adds GraphQL file analysis and Koa.js detection capabilities to help security teams identify web application endpoints and APIs. The release also improves performance and validates HTTP methods for more accurate vulnerability scanning. MORE

  • Microsoft open-sourced Edit, a new lightweight command-line text editor coming to Windows 11. The 250kB modeless editor supports multiple files, find/replace, and mouse controls, solving the problem of 64-bit Windows lacking a built-in CLI editor. MORE

  • OpenCode, a powerful AI coding assistant, has completed its major rewrite and now supports Claude Pro/Max, 75+ LLM providers, and features a beautiful terminal interface with shareable session links. The tool offers zero-config LSP support and works with both cloud and local AI models for seamless development workflows. MORE

💼 Work

💰 Career

  • A seasoned infosec pro shares career advice for young adults worried about AI taking jobs, emphasizing building public brands and critical thinking skills over traditional education paths. MORE

  • How to Deal with a Bad Manager? Leave. A tech worker at a large company (think FAANG) got stuck with a terrible new manager after a reorganization and is seeking advice on how to handle micromanagement, poor communication, and lack of support. MORE

🚀 Productivity

  • A comprehensive guide to managing ADHD through practical strategies and tactics, covering everything from medication as the foundation to specific productivity techniques. The author shares personal systems for memory management, energy optimization, and overcoming procrastination through tools like todo lists, timers, and environmental design. MORE

  • Most AI presentation tools excel at creating beautiful slides but miss the critical part: uncovering insights that actually matter. Jeff demonstrates how to bridge the gap between insight generation and presentation design by recreating an actual Google sales pitch deck. MORE

  • Lauren describes transitioning from digital productivity apps to a four-notebook analog system using the Bullet Journal method. By dedicating separate notebooks for daily planning, work, personal reflections, and reading, she reduced screen time, enhanced focus, and developed a more intentional approach to tracking tasks and goals. MORE

  • Develop original thinking through this four-step framework: First, cultivate a unique perspective by identifying and articulating admired original work like "Hotel Cactus" by Kaori Ekuni. Second, master taking smart notes and morning journaling. Third, learn to sit with your thoughts, prioritizing self-expression over self-censorship. Finally, explore writing fiction to enhance creative thinking and AI-proof your intellectual approach. MORE

  • Jo Franco reveals her 15-year journaling odyssey, highlighting how writing helped her navigate emotions, manifest goals, and craft a purposeful life. She explores diverse journaling methods like morning pages and gratitude logs, stressing that the practice is deeply personal and adaptable to individual preferences. MORE

🌎 Community

🎉 Celebrate

  • Gunnar announced he's the new HackerOne Brand Ambassador for the US Midwest region, encouraging local cybersecurity professionals to connect with him. MORE

  • Bug bounty hunter ArtSec crushed their $10,000 annual goal in just two weeks during a recent HackerOne community event. MORE

  • Bug bounty hunter Mert dominated Bugcrowd's May leaderboards, ranking #1 in critical vulnerabilities and overall severity while hitting 500 total P1 findings. He discovered 33 security flaws across 9 programs, including 16 critical issues, proving consistent excellence. MORE

⚡️ Timeline

  • A lone coder from Boston rewrote the BIOS in 1984, prompting IBM to consider legal action. The programmer's clever loophole established a model for legally defensible reverse engineering. You’ve likely been using his descendants ever since. This is how Phoenix Technologies managed to succeed. MORE

  • Mitchell Hashimoto laments the decline of platform-native apps, noting how Mac's 2000s golden era featured unapologetically Mac-only software versus today's "least common denominator cross-platform" tools. He's experimenting with his terminal app Ghostty to prove you can be both cross-platform AND platform-native. MORE

  • Developer Wes asked his followers what AI apps they're currently paying for, sparking a revealing discussion about subscription fatigue in the AI space. Responses showed Claude, ChatGPT, and Cursor dominating developer wallets, with many admitting to "bleeding money" on multiple AI subscriptions they barely use. MORE

💛 Follow
Awesome accounts to follow. Randomly selected from my curated Twitter lists.

  • Scott Tolinski: Creator of @leveluptuts | Co-host of Syntax | Robotops Crew Bboy clips

  • yaworsk: Author of Web Hacking 101, Hacker Interviewer, Stripe AppSec (former Shopify AppSec).

  • inversecosᵘʷᵘ: security researcher | Trainings @XintraOrg

  • Ryan Holiday: Author of The Obstacle Is The Way, Stillness Is The Key, Ego Is The Enemy

  • uɐpʇou: Genuinely flawed satire

🍄 Level up

📰 Read

  • Tailscale argues that constant login prompts actually weaken security by creating more opportunities for credential theft and encouraging bad habits like password reuse. Instead of annoying users with frequent reauthentication, modern security should use real-time background checks and device posture monitoring to continuously verify access without interrupting workflow. MORE

  • Make Self-XSS Great Again: a demonstration of how what is commonly perceived as Stored Self-XSS can actually be transformed into a regular Stored XSS using modern browser capabilities. MORE

  • Trail of Bits researchers found critical security flaws in Go's JSON, XML, and YAML parsers that enable authentication bypasses and data exfiltration in production systems. The parsers' unexpected behaviors like case-insensitive matching and duplicate key handling create dangerous attack surfaces that differ from other languages' parsers. MORE

  • Bellingcat investigators used open-source intelligence to uncover new leads in the 1971 murder of Texas oilman Bill Richardson, revealing connections between wealthy sportsmen and organized crime. The cold case investigation exposed alleged links to the Dixie Mafia, contract killers, and a high-stakes gambling ring that may have led to Richardson's execution-style killing. MORE

  • Cato Networks researchers discovered a "Living off AI" attack where hackers can inject malicious prompts into support tickets that get processed by AI tools like Atlassian's MCP. When internal staff use AI to summarize these tickets, the hidden commands execute with their privileges, potentially exposing sensitive data or enabling system access without direct authentication. MORE

💡 Tips

  • Pull Request Playbook helps dev teams eliminate code review bottlenecks and deploy faster through streamlined processes. Learn how to turn slow, frustrating PRs into tools that build stronger teams and ship more reliable code. MORE

  • Speed up any web video beyond the usual 2x limit by running document.querySelector('video').playbackRate = 2.5 in your browser's DevTools console. This JavaScript trick works on YouTube and most video sites, letting you watch a 40-minute video in just 16 minutes at 2.5x speed. MORE

  • Derek Sivers shares how keeping a daily diary and topic-specific journals transformed his learning and decision-making over 20+ years. He recommends plain text formats and separate "Thoughts On" files for different subjects to track how your thinking evolves over time. MORE

  • Before you play the game, study the winners. If you don’t want their life, don’t play their game. MORE

  • Greg Isenberg shares 15 life-changing strategies that transformed his career, from writing online when nobody read to treating the internet like a testing lab. His approach focuses on building systems that work while you sleep, surrounding yourself with energy-giving people, and turning curiosity into profitable projects. MORE

🧠 Wisdom

  • How to Find Your Life's Purpose explores topics such as what made you unique as a child, when you feel most in the flow, and what your 90-year-old self might regret, offering clarity for those feeling lost or uncertain about their next steps in life. MORE

  • How Online Publishers Can Survive in a Post-Search World. Online publishers are losing massive traffic to AI overviews that answer questions without clicks - HuffPost lost 50% of search traffic in 3 years. Creative Boom's founder shares how they're surviving by focusing on personality, community, and direct relationships instead of relying on algorithms. MORE

  • Shane Parrish distills the entire self-help industry into one powerful principle: pursue what makes mornings exciting and nights peaceful. This simple two-question test cuts through all the noise to help you focus on what truly matters in life and work. MORE

  • Neuroscientist Lisa Feldman Barrett debunks common myths about emotions, revealing how our brains actually construct feelings rather than simply detecting them. This eye-opening talk challenges everything you thought you knew about emotional responses and their impact on decision-making. MORE

📚 Resources

  • Funky chunks: abusing ambiguous chunk line terminators for request smuggling. MORE

  • Have I Been Squatted helps protect your brand by automatically detecting typosquatted domains that could be used for phishing or fraud. MORE

  • Dork King is a comprehensive collection of Google dorks and search techniques. This free tool provides ready-to-use search queries to find vulnerabilities like exposed config files, database leaks, login pages, and sensitive documents across the web. MORE

  • A new Erlang OTP vulnerability (CVE-2025-4748) allows attackers to exploit zip file extraction to overwrite system files through path traversal. Malicious zip archives can escape intended directories and modify critical files like .bashrc for code execution. MORE

  • This detailed analysis of CVE-2021-26084 demonstrates how to patch diff, debug, and exploit an OGNL injection vulnerability in Confluence Server that allows unauthenticated remote code execution. MORE

🛠 Explore

MEMBER EDITION

The Member Edition

You’re currently receiving the STANDARD edition. Subscribe to the MEMBER Edition to get additional content and more.


A membership gets you:

  • WEEKLY PREMIUM EDITION: Delve into the EXPLORE section full of the best content I've consumed, including TOOLS, WATCH, LISTEN, TECH, INTERESTING, and QUOTE.
  • Access to COMPLETE HIVE ARCHIVE: Unlock a treasure trove of tools, resources, videos, and audio, catering to all your needs.
  • MEMBER-ONLY GitHub Repository filled with scripts, templates, and resources for Obsidian, Raycast, CLI, and more
  • Join a private Discord COMMUNITY: Engage in chat, uplift one another, grow together, and explore shared interests.
  • MEMBER-ONLY events: Take part in digital meetups, focus sessions, and more.
  • Deep DISCOUNTS on paid content.
