eranation
- Karma
- 0
- Created
- ()
- Submissions
- 0
-
I kept seeing every npm/pnpm/yarn/bun/uv supply chain post end with the same advice (set a minimum release age, turn off install scripts), and while I know cooldowns are "controversial", they do work. But even if you…
-
This is something that has bothered me for quite a while, and I don't see a lot of people talk about it: Agents, in most cases, impersonate the human operator, by design, with no way to enforce, disclose, or control it.…
- Opengrep – an Open Source fork of Semgrep (github.com)
- Hairy Ball Theorem (en.wikipedia.org)
- How to make developers love security (helpnetsecurity.com)
- The Cloud and App Security List (list.latio.tech)
- How to make developers love security (helpnetsecurity.com)
- MPT-7B-StoryWriter-65k+: LLM for super long contexts (Apache 2.0) (huggingface.co)
- What Is Pipelineless Security? (arnica.io)
- Demystifying the Pl0x GitHub Attack (arnica.io)
- Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses [pdf] (leakuidatorplusteam.github.io)
-
Hey fellow HNers, We launched our product to public beta after 8 months of hard work, got lucky on product hunt, Reddit, LinkedIn, and we thought this will resonate well with the HN community, but obviously we screwed…