Hi friends,

Greetings from the hive!

Starting this one off with words from Warren Buffett's final Berkshire annual report:

❝

"Remember Alfred Nobel, later of Nobel Prize fame, who – reportedly – read his own obituary that was mistakenly printed when his brother died and a newspaper got mixed up. He was horrified at what he read and realized he should change his behavior.

Don’t count on a newsroom mix-up: Decide what you would like your obituary to say and live the life to deserve it.

Greatness does not come about through accumulating great amounts of money, great amounts of publicity or great power in government. When you help someone in any of thousands of ways, you help the world. Kindness is costless but also priceless. Whether you are religious or not, it’s hard to beat The Golden Rule as a guide to behavior."

Let's take this week by swarm!

🐝 The Bee's Knees

  • Deya overcame business fears by reading "The Mountain Is You" about self-sabotage, turning her planning passion into a $200K freelance career. The book taught her to identify self-destructive patterns and develop emotional intelligence for business success. MORE

  • Dr. Michael Levin shares unconventional advice for academic misfits pursuing interdisciplinary research and big ideas that challenge mainstream thinking. His insights cover finding mentors, handling criticism, and maintaining creativity while navigating the practical realities of scientific careers. MORE

  • Hacking Gemini: A Multi-Layered Approach. Valentino discovered a clever exploit in Google's Gemini chat that could steal Workspace data by manipulating how text gets converted from plain text to Markdown to HTML. By carefully placing special characters and crafting malformed links, he created a chain attack that bypassed multiple security layers and earned him $20,000. MORE

  • MCP Hacking Guide. Rhynorater breaks down the Model Context Protocol (MCP) specification and identifies multiple attack vectors including arbitrary file read, tool hijacking, and prompt injection vulnerabilities. The deep dive reveals how MCP servers can expose sensitive resources and how malicious servers could exploit client trust through instruction injection and elicitation attacks. MORE

  • Curated GitHub repo features 238+ high-quality Black Friday deals on developer tools, productivity apps, AI software, and SaaS platforms - all carefully vetted to exclude low-quality products. MORE

STANDARD EDITION

Brought to you by →

Hive Five membership

Unlock exclusive benefits… and transform your skills, network, and results. Join our premium community for unparalleled access to resources, support, and exclusive content designed to help you achieve your goals faster.

What you’re missing:

  • Private Discord Community: Connect with like-minded individuals, share your journey, and receive support in our exclusive Discord server.

  • Complete Hive Archive: Access a vast library of resources, tools, videos, and audio – everything you need to succeed.

  • Bonus Content & Deep Discounts: Gain access to exclusive content designed to boost your effectiveness, plus significant discounts on paid resources.

  • Less Time, More Results: Spend less time searching and more time achieving your goals.

Join members that are already experiencing the difference.

Interested in sponsoring the Hive Five? Secure your spot.

📰 Updates

✅ Changelog

  • Beehiiv just launched their biggest feature drop ever, transforming from a newsletter platform into a complete "operating system for the content economy" with zero-commission digital products, AI website building, native podcasts, and advanced automation tools. The platform now lets creators build websites, sell products, host podcasts, and monetize audiences all in one place while keeping 100% of their revenue. MORE

  • Google's security team shares how they've nearly eliminated Cross-Site Scripting attacks in new codebases through "Secure by Design" principles that make secure coding the easiest path. They're now contributing to W3C standards and released Auto-CSP for Angular v19+ to automatically generate hash-based Content Security Policies during build time. MORE

  • This new gaming console uses Arch btw. Valve's Steam Machine is a compact 6-inch gaming PC launching in early 2026, packing over 6x the power of Steam Deck with 4K/60fps gaming capability. The $TBD console runs SteamOS and connects your entire Steam library to the big screen with built-in Steam Controller support. MORE

  • Trail of Bits released Slither-MCP, a tool that supercharges LLMs with Slither's static analysis engine for Solidity smart contracts. This lets AI assistants quickly find critical code, navigate complex codebases, and dramatically improve smart contract auditing without relying on basic grep searches. MORE

💼 Work

💰 Career

  • Should you join an AI startup right now? Swizec Teller argues that joining an AI startup in 2025 is like joining crypto in 2019 - lots of hype but most will fail since AI is commoditized. He advises focusing on companies with real business models and distribution rather than just AI features, as the secret sauce is traditional product development, not the AI itself. MORE

  • Comparing interviews at 8 large tech companies. A software engineer completed 60+ interviews across 11 major tech companies in 3 months, revealing key insights about hiring processes at Amazon, Google, Uber, and others. His experience shows that algorithmic coding skills and behavioral interviews are crucial for senior roles, even in today's tough job market. MORE

  • Practical programming principles that self-taught front-end developers can immediately apply to write better code. It focuses on actionable rules like the "rule of three" for refactoring, "make it work, make it right, make it fast" for prioritization, and keeping functions simple with single responsibilities - all designed to help you avoid common pitfalls and write more maintainable code. MORE

  • Naval Ravikant breaks down why recruiting is the most critical founder skill that can't be outsourced - from finding "undiscovered talent" before competitors to building teams where only geniuses want to work with other geniuses. He argues the best people won't tolerate mediocrity and shares unconventional tactics for breaking every recruiting rule to land exceptional talent. MORE

🚀 Productivity

  • Goal Pillars offers a Harada Method-based goal generator that helps users create comprehensive achievement plans across 8 key life areas. The platform showcases 788 recently created goals ranging from business ventures to personal development, providing inspiration and structured frameworks for ambitious professionals. MORE

  • Ryder Carroll, creator of the Bullet Journal Method, explains why traditional goal-setting often leads to disappointment even when we succeed. He introduces "intentional goals" that focus on who you want to become rather than what you want to achieve. MORE

  • Powerful Obsidian workspace trick that lets you instantly switch between four specialized modes with one click - turning your note-taking app into a productivity superpower. MORE

🌎 Community

⚡️ Timeline

  • Dan Abramov, React core team veteran and Bluesky engineer, is seeking a new software engineering role in Japan with visa sponsorship. The JavaScript expert wants to relocate to Kyoto and is open to remote work with international companies operating there. MORE

  • Rambull Gift Guide: 2025 Holiday Gift Guide. A collection of gift recommendations from the Rob & individual profiles from 2024 - 2025. MORE

Level up

📰 Read

  • Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101). MORE

  • Kulkan Security researchers analyzed the attack surface of remote Model Context Protocol (MCP) servers, finding familiar web vulnerabilities like command injection, SSRF, and IDOR in this new AI integration format. The team shares practical testing methods using tools like MCP Inspector and HTTP bridges to help security professionals assess these emerging AI infrastructure components. MORE

  • Critical SQL Injection Vulnerability in Django (CVE-2025-64459). MORE

  • Critical flaw in Netskope's "Secure Enrollment" feature that allowed attackers to bypass authentication and enroll unauthorized users in any organization's network. By using a valid enrollment token from one organization, attackers could impersonate users and gain network access to completely different organizations without their knowledge or permission. MORE

  • Catchify discovered a critical unauthenticated remote code execution vulnerability in UniFi Access systems that earned them a $25,000 bug bounty. The flaw allowed attackers to gain full system access through a misconfigured backup API endpoint, potentially compromising door controls and NFC credentials. MORE

💡 Tips

  • Daily logic puzzles that start easy on Monday and build to "devilishly difficult" by Sunday. Their two main games are Fields (fill grids with colorful fields that never connect) and Stars (pure logic puzzles with no guessing required). MORE

  • TIL you can pin Raycast emojis. MORE

  • Mitchell Hashimoto has revolutionized his workflow by using voice transcription to capture hours of rambling thoughts while away from his computer, then using AI to organize them into coherent plans. He's even dictating most of his messages and tweets now, finding transcription quality has improved dramatically enough to replace traditional note-taking methods. MORE

  • Elon Musk announced that Grok can now search and analyze content across X (formerly Twitter), allowing users to ask questions and get AI-powered summaries. The feature lets users query topics and have Grok rank or summarize the responses it finds on the platform. MORE

🧠 Wisdom

  • Community as Minimum Viable World Building. Design small-scale examples of how society could work better for everyone. MORE

  • 40-minute guided meditation helps you visualize your life 1, 3, and 5 years from now to make better decisions today. The technique involves detailed future self visualization to pull insights back into the present for goal-setting and planning. MORE

  • Street artist fnnch shares hard-won lessons on turning art into a $1M+ business, emphasizing that successful artists must embrace being entrepreneurs first. The key insight: find your "Image-Market Fit" through experimentation, then build a recognizable brand through strategic repetition rather than constant novelty. MORE

  • Find Space. Just like youth soccer players swarming the ball, tech workers often crowd around hot projects where individual impact gets diluted. The smartest career move is finding those important but less crowded areas where your skills can actually make a meaningful difference. MORE

  • Tyler Hogge sparked debate on X by listing America's five most broken systems: national debt, healthcare, tax code, K-12 education, and obesity rates. Replies suggested housing costs and monetary policy as root causes behind many of these interconnected problems. MORE

📚 Resources

  • Josh Branchaud's "Today I Learned" repository contains over 1,600 bite-sized programming tips across 60+ technologies including Git, JavaScript, Rails, and Vim. This massive collection of practical coding knowledge has earned 13.9k stars and serves as a searchable reference for developers looking to expand their toolkit with real-world solutions. MORE

  • Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. MORE

  • Lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. MORE

❝

“If the path before you is clear, you’re probably on someone else’s.”

Carl Jung

MEMBER EDITION

This week’s member picks are packed with tools, talks, and rabbit holes that bend how you work, design, and even think about time off and mortality.

  • Automate your recon: a Python scanner that rips through JS files to surface hidden keys and endpoints, plus a Burp add-on that lets you script smarter fuzzing instead of babysitting Intruder.

  • Hack your year: a PTO optimizer that turns 2025 holidays into long, strategic breaks with minimal vacation days spent.

  • Upgrade your offline life: a privacy-first macOS music player that speaks FLAC and obscure formats, and a terminal window manager with vim-style controls and SSH-powered workspaces.

  • Watch designers use AI to ship real products in minutes, founders explain why “donkey corn” million-dollar businesses beat chasing unicorns, and a demo of an entire retro OS built with prompts.

  • Go deep: from La Rinconada, the world’s highest (and brutal) gold-mining city, to a wild cursor effect powered by ML-generated head poses.

  • Listen in on how Humans of New York was really built, and get a concrete, step-by-step teardown of a LinkedIn profile that actually attracts recruiters.

  • Rethink dev workflows with AI that writes and tests its own docs, URLs as full-blown state containers, and a TypeScript media toolkit that runs entirely in the browser.

  • For fun (and perspective): an interactive “map of human ideas,” an AI library where books don’t exist until you find them, the botched Nike–Steph Curry pitch that cost millions, the surprisingly radical history of the dishwasher, and a tech founder’s detailed 4.67g psilocybin trip about whether death is just the next “solved” problem.

Members get the full links, context, and commentary inside the newsletter.

The Member Edition

You’re currently receiving the STANDARD edition. Subscribe to the MEMBER Edition to get additional content and more.


A membership gets you:

  • WEEKLY PREMIUM EDITION: Delve into the EXPLORE section full of the best content I've consumed, including TOOLS, WATCH, LISTEN, TECH, INTERESTING, and QUOTE.
  • Access to COMPLETE HIVE ARCHIVE: Unlock a treasure trove of tools, resources, videos, and audio, catering to all your needs.
  • MEMBER-ONLY GitHub Repository filled with scripts, templates, and resources for Obsidian, Raycast, CLI, and more
  • Join a private Discord COMMUNITY: Engage in chat, uplift one another, grow together, and explore shared interests.
  • MEMBER-ONLY events: Take part in digital meetups, focus sessions, and more.
  • Deep DISCOUNTS on paid content.
