Did I behave according to my principles?

Did I treat the people with whom I interacted with in a friendly and considerate manner?

What vices have I fought?

Have I made myself a better person by cultivating my virtues?

Behind the Scenes Hardening Firefox with Claude Mythos Preview. AI tooling found 271 hidden Firefox bugs—including complex sandbox escapes that traditional fuzzing missed—by pairing better models with automated verification. MORE

Learning on the Shop floor. Shopify's CEO reveals how their AI agent "River" works only in public Slack channels, accidentally creating a company-wide learning environment. When 6,000 employees collaborate with AI in the open, everyone learns from watching experts work - turning the whole company into an apprenticeship program. MORE

CSPT to full account takeover, then 2FA bypass via prototype chain. A client-side path traversal in a URL builder let an attacker change a victim's email, then bypass 2FA by sending __proto__ as the code—worth $15k. MORE

Ghosts of encryption past in Salesforce Marketing Cloud. Researchers chained weak CBC and XOR encryption with template injection to read sent emails across tenants. Salesforce patched and assigned five CVEs. MORE

How to find your thing. Why "follow your passion" is terrible advice and share what actually works: follow your "blisters" - the things you're willing to suffer for repeatedly. They reveal the key is finding work loops you love doing thousands of times, not chasing industries that sound cool. MORE

HTTP desync in Discord's media proxy. A 2022 quirk in media.discordapp.net turned into a request smuggling bug that let a researcher spy on attachments across the platform. MORE

Copirate 365: plundering Microsoft Copilot at DEF CON. CVE-2026-24299 chains HTML preview exfil, memory hijacking, and prompt injection into a persistent Copilot backdoor with no audit trail. MORE

Android notification DoS via a malicious GIF. CVE-2025-48631 was marked fixed in December 2025, but malformed images still crash phones in zero-click loops. Google closed it as Won't Fix. MORE

The lack of community imagination. Rosie Sherry argues we've quietly accepted broken community tools. Real change starts with imagining what better could look like. MORE

Distinguished Gentleman's Ride. Support a global charity ride raising funds for men's mental health and prostate cancer research. MORE

An actual UUID v4 collision. A team flagged a real UUID v4 collision in 15,000 records. HN unpacks broken entropy, bad RNGs, and why v4 isn't bulletproof. MORE

Responsible disclosure critique. Graham argues that intensive vulnerability research often yields poor returns and serves as free marketing for security firms. Sharing his experience with delayed Kubernetes RCE triages at major vendors, he highlights the inefficiency of current systems where clout often outweighs impactful fixes. MORE

@nickgraynews - Founder who sold Museum Hack and FDS Avionics. Now writes, invests, and meets interesting people.

@iqimpz - Full-time bug bounty hunter.

@nlamgade - Founder at Cynical Sec and BugV Security; lead coordinator at BSides Kathmandu.

@gkhck_ - 0x496, security researcher.

Bodega Cats of New York. A new coffee table book from Quarto celebrates NYC's beloved bodega cats with stories and photos from the city's corner shops. MORE

Artemis II photo timeline. NASA's crew shot stunning photos in space with Nikons and iPhones. Browse 13 months of mission imagery in an interactive timeline. MORE

Comparisons as predictable as the sunrise. An interactive analysis of 200,000 similes from popular fiction reveals which noun-adjective pairings dominate—and which stay rare. MORE

What's new in biology: May 2026. The first gene therapy for genetic deafness, real-time protein folding, and a finding that a third of approved antibodies bind unintended targets. MORE

More articles Works in Progress would like to commission. A fresh wishlist of pitches—from Scottish banking to syphilis vaccines—offering a window into where the magazine wants to go. MORE

Using Obsidian Bases For Academic Note Taking. Obsidian bases let you display your digital notes in highly customisable and editable tables, create intelligent filters and automate data collection. MORE

Redis Array Playground. Try Redis's experimental array data structure—storing multiple values in a single key—right in your browser before it ships. MORE

Minimal Twitter. A browser extension that strips X's clutter—hiding trends, promoted posts, and suggestions—while letting you customize timeline width. MORE

GitHub Repo Stats. Drop in any owner/repo URL and instantly see commit counts, contributors, and languages via the GitHub API—no auth required. MORE

Halupedia is an encyclopedia covering topics that have received insufficient attention in mainstream reference works. MORE

Years: your health record, as code. An open-source longevity system built on Claude Code that stores DNA, bloodwork, and history as markdown in a private git repo. MORE

Discrawl. Mirror Discord guilds into local SQLite so you can grep, run AI-powered semantic search, and read offline via Git snapshots. MORE

Using Claude Code: The Unreasonable Effectiveness of HTML. A Claude AI team member explains why they've ditched Markdown for HTML when working with AI agents, citing better information density, visual clarity, and interactive capabilities. HTML allows for richer visualizations, easier sharing, and two-way interaction that makes AI-generated content more engaging and useful for specs, code reviews, and prototypes. MORE

The simplest way to make $10k/month. A breakdown of one of the most accessible online income paths—what it takes, what it doesn't, and how the math actually works. MORE

Andrew Wilkinson: AI agents do my job. Tiny's CEO walks through which executive tasks his AI agents now run for him—and the workflows behind them. MORE

How to make your engineering job application stand out. Lee Robinson, who reviews hundreds of engineering resumes, shares 11 tips to make job applications stand out. Key advice includes keeping resumes to one page, linking a thoughtful personal website, cleaning up social media, showcasing AI/coding skills, and focusing on quality projects over quantity.