Discovered a podcast called Cortex. They explore how creative people think about their work and how they get it done.

Replaced my frontdoor doorknob. Research and getting it at the store took longer than the actual job.

Been cooking more with Cannellini beans lately. Yummy!

Poisoning Claude Code: One GitHub Issue to Break the Supply Chain. A vulnerability in Claude Code's GitHub Actions let any attacker compromise repositories, including Anthropic's own, via prompt injection through a GitHub App bypass. Variants were already exploited in the wild before the fix shipped. MORE

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. Hackers used Meta's AI support chatbot to change email addresses on target accounts with zero authentication. The Obama White House, Sephora, and Space Force accounts were taken over by simply asking. MORE

The Sorry State of Skill Distribution. Trail of Bits bypassed every major skill scanner in under an hour using standard tricks. Public skill marketplaces are flooded with malware that steals credentials, and automated scanning can't catch it. MORE

The Story of C++. The official documentary on the world's most consequential programming language, from Bjarne Stroustrup's early work through its 40-year reign. MORE

Pwning Minecraft: 4-Byte Heap Overflow to RCE. A four-byte heap overflow in Minecraft Bedrock's GIF parser becomes remote code execution through a creative Molang scripting chain and Segment Heap overlap technique. No information leak required. MORE

Negative-Days with Vulnerability Spoiler Alert: Three Months Later. The hobby project that monitors git commits for vulnerability patches has detected 35 CVEs before publication with an average lead time of 2 days. All for $5 per week. MORE

Bug Hunting on Gemini Spark. Google's new Gemini Spark brings persistent agents to the Gemini App. A guide to approaching security testing for this new attack surface, straight from Google's bug hunters. MORE

Lockdown Mode — OpenAI. A new optional security setting that limits outbound network requests in ChatGPT to reduce data exfiltration risk from prompt injection attacks. Disables browsing, deep research, and agent mode. MORE

Update to How 1Password Families Facilitates Member Removal. A quiet but significant change to family account management on 1Password sparked community discussion about trust and account ownership. MORE

Three Ways to Get Paid. Jason Zweig's timeless three-part rule on making a living: lie to those who want lies (rich), tell truth to those who want truth (living), tell truth to those who want lies (broke). The rest is commentary. MORE

Stop Ruining It. Seth Godin on why customer delight isn't something you add -- it's what's left when you stop ruining it. Applies to products, trust, curiosity, and satisfaction at work. MORE

Why Share? When a browser game on HN was trivially remixed by someone else in 35 minutes, it raised hard questions about the "aura" of creative work in the AI age. A meditation on sharing when copying is instant. MORE

Chloe Asked Her Manager Why She Got Laid Off. A former product manager job at Discord shares a candid conversation about the layoff that shook their career. MORE

What Job Is Community Being Hired To Do?. A thoughtful reflection on the surprisingly hard question every community builder faces: "What do you actually do?" MORE

@jackhcable - Ethical hacker, CEO and Co-founder of Corridor, prev CISA and Stanford

@jlengstorf - Makes TV for developers at CodeTV, web dev can be fun

@DannyHatcher - Sports coach, researcher, creator, power user of Obsidian

@thesamparr - Started and sold startups, founder of Hampton, host of My First Million

@JemYoung - EM Platform Engineering at Netflix, co-host of Frontend Happy Hour

All Carve Outs. A directory of every carve out of the Acquired podcast universe. MORE

Protecting Blue Corridors. An interactive map tracking whale migration corridors across the globe, with species data, threat layers, and conservation priorities. Beautiful and urgent. MORE

Eyeball. A precision clicking game built for mouse and trackpad. Simple, addictive, and surprisingly satisfying. MORE

How the Impossible Mario Maker Levels Were Finally Beaten. A group of gamers raced to clear every unbeaten Super Mario Maker level before Nintendo shut down servers. Only to discover the final level was literally designed to be impossible by a cheating uploader. MORE

COLLAPSE of Personal Computing. An investigation into the destruction of ownership in personal computing. Why your computer isn't really yours anymore. MORE

ClawSweeper. OpenClaw's automated issue and PR maintenance bot that reviews backlog and proposes closes with guardrails. Keeps repos tidy without being aggressive. MORE

Lathe. An experiment in using LLMs to teach you rather than think for you. Generates hands-on multi-part tutorials on demand that you work through yourself. MORE

Tuxedo. A lightweight task management TUI that lives in your terminal. Clean, fast, and built for the command line crowd. MORE | TUTORIAL

Window Management in Raycast. A walkthrough of Raycast's keyboard-first window management on macOS and Windows. Move, resize, and arrange without touching your mouse. MORE

stack. Squash-safe stacked PR/MR repair for coding agents working with GitHub or GitLab. Lets agents maintain clean stacked branches without the usual headache. MORE

Marc Documented His SaaS Journey to $20K MRR. A transparent walkthrough of growing DataFast from zero to $20K monthly recurring revenue. The numbers, the strategy, and the hard lessons. MORE

She Vibe Coded an iPhone App With Zero Coding Knowledge. A talent and recruiting professional with no coding background launched a real app to the App Store using AI. Proof that the barrier has never been lower. MORE

How Nick Uses Obsidian and Claude Cowork to Run His Life. A deep walkthrough of using Obsidian as a thinking partner with AI superpowers. Personal knowledge management meets agentic assistance. MORE

AI Runs My Inbox Now. Dan Shipper shows how he set up an AI system that processes his inbox proactively. 30 emails to zero without lifting a finger. MORE

Domain Expertise Has Always Been the Real Moat. The binding constraint has shifted from "can you build it" to "can you tell if it's right." The most valuable engineer now is the one with deep domain knowledge, not just coding skill. MORE

The Eight Levels of AI Adoption. A practical guide from Every mapping AI use from chatbot to orchestrator. Figure out your current level and when it's time to level up. MORE

The SaaS Apocalypse Is a Goldmine With Figma's Matt Colyer. The SaaSpocalypse panic hasn't rattled Figma. Why AI making software easier to build actually creates more opportunity, not less. MORE

Ask HN: What Was Your "Oh Shit" Moment With GenAI?. A sprawling HN thread capturing the moments when AI stopped being amusing and started being genuinely unsettling. MORE

5 CLI Tools That Actually Changed How Mischa Works in 2026. A practical roundup of terminal tools that deliver real productivity gains, not just novelty. MORE