Hacker News

Article URL: https://openclaw.ai/blog/virustotal-partnership

Comments URL: https://news.ycombinator.com/item?id=47056760

Points: 1

# Comments: 0

I spent 20 years in security, most recently leading 100+ engineers at AWS building pentesting infrastructure across thousands of services. The same problem everywhere: pentests take weeks, cost $15-50k, and the results are stale before they ship.

I built Cipher to fix that. It's an AI agent that reasons like an attacker — maps the target, finds vulnerabilities, chains them into exploits, and proves they're real. Every finding ships with a reproducible Python script. If the script doesn't break your system, we don't report it.

How it works: Cipher defines security invariants ("User A can't access User B's data"), then multiple agents attack in parallel to violate them. A separate judge agent tries to disprove every finding — if it can't reproduce the exploit 3 times, the finding dies. You never see it.

$999 per assessment. Results in ~2 hours. Unlimited retesting.

Honest limitations: complex multi-step auth flows (SSO with MFA) still need manual setup like providing JWT credentials. We're working on it.

I'll run Cipher free for the first 15 HN readers who want to try it. Drop your email or sign up at https://apxlabs.ai/. Happy to answer any questions about the approach.

Comments URL: https://news.ycombinator.com/item?id=47056759

Points: 1

# Comments: 1

Article URL: https://peps.python.org/pep-0814/

Comments URL: https://news.ycombinator.com/item?id=47056746

Points: 2

# Comments: 0

Built an MCP server that turns Reddit sentiment into options signals. 185k LOC, 9-stage AI pipeline, now live with 90 users on just day 1.

Wall Street pays millions for retail sentiment data. It's free on Reddit. I realized: instead of another dashboard, just expose it as an MCP tool. Users ask Claude "what's unusual in options right now" and get structured signals instantly.

Results: 9,000 GitHub clones in 5 days, 52% win rate on 50 live trades (backtest was 58.8% on 129 trades—classic overfitting), 18.4% visitor→signup conversion.

https://web-production-71423.up.railway.app/mcp-server

Comments URL: https://news.ycombinator.com/item?id=47056745

Points: 2

# Comments: 0

Article URL: https://www.frbsf.org/research-and-insights/publications/economic-letter/2026/02/unauthorized-immigration-effects-on-local-labor-markets/

Comments URL: https://news.ycombinator.com/item?id=47056730

Points: 4

# Comments: 1

Article URL: https://www.npr.org/2026/02/14/nx-s1-5711441/ai-chatgpt-openai-love-betrayal-delusion-chatbot

Comments URL: https://news.ycombinator.com/item?id=47056728

Points: 1

# Comments: 0

Article URL: https://arstechnica.com/science/2026/02/dna-inspired-molecule-breaks-records-for-storing-solar-heat/

Comments URL: https://news.ycombinator.com/item?id=47056725

Points: 3

# Comments: 0

Article URL: https://arxiv.org/abs/2602.15763

Comments URL: https://news.ycombinator.com/item?id=47056696

Points: 1

# Comments: 0

Article URL: https://byteofmelon.com/blog/2026/making-of-gamebyte

Comments URL: https://news.ycombinator.com/item?id=47056683

Points: 2

# Comments: 0

Article URL: https://medium.com/@cliffrob25/how-i-built-a-roguelike-rpg-with-compose-multiplatform-and-skipped-traditional-engines-c19c3fc6e310

Comments URL: https://news.ycombinator.com/item?id=47056670

Points: 1

# Comments: 0

I wanted a way to make websites without using a massive framework, so I built yawdl. It uses Ohm.js to parse a custom syntax (like UI { } and Script { }) and compiles everything directly in the browser.

It's basically a Single Page Application (SPA) engine that doesn't need a server. You just write .yawdl files and the engine handles the routing and metadata.

It’s still pretty unstable and finicky, but I’ve been using it for my own blog and it's actually kind of fun to use. It's built with Bun and Ohm.js.

I'd love to know what people think or if the compiler breaks on your system.

Repo: https://github.com/chersbobers/yawdl

Comments URL: https://news.ycombinator.com/item?id=47056667

Points: 1

# Comments: 0

Article URL: https://gist.github.com/datagrok/8577287

Comments URL: https://news.ycombinator.com/item?id=47056665

Points: 1

# Comments: 1

Article URL: https://www.youtube.com/watch?v=Sm1HjdmoeeA

Comments URL: https://news.ycombinator.com/item?id=47056657

Points: 1

# Comments: 0

Comments URL: https://news.ycombinator.com/item?id=47056647

Points: 1

# Comments: 1

But it's not the hype you guys make it out to be.

Comments URL: https://news.ycombinator.com/item?id=47056496

Points: 1

# Comments: 0

Article URL: https://michaelnotebook.com/whichfuture/

Comments URL: https://news.ycombinator.com/item?id=47056475

Points: 1

# Comments: 0

Someone I know just had their Google account compromised, but the normal recovery methods don't work for an interesting reason: the attacker has made the account into a "child" account subordinate to an attacker-controlled "parent" account. This apparently blocks the ability to use any of the Google account recovery methods (backup phone number or email address etc) without parental consent.

Apparently this person I know isn't alone, if you search you can find other people reporting they've been victims of this. And of course, Google support is nonexistent for ordinary users, so there's no real recourse. Let this be a warning about the consequences of ill-thought-out "child safety features"?

Comments URL: https://news.ycombinator.com/item?id=47056472

Points: 1

# Comments: 0

Article URL: https://www.theatlantic.com/culture/2026/02/iron-lung-markiplier-youtuber-movie-review/686020/

Comments URL: https://news.ycombinator.com/item?id=47056467

Points: 1

# Comments: 0

Article URL: https://www.raymondloewy.com/out-of-the-blue-a-look-back-at-air-force-ones-classic-design/

Comments URL: https://news.ycombinator.com/item?id=47056454

Points: 1

# Comments: 1

I built devday because I use multiple AI coding tools (OpenCode, Claude Code, Cursor) and wanted a single command to see what I actually accomplished each day. It reads local session data, cross-references with git commits, and optionally generates standup-ready summaries via OpenAI or Anthropic.

Everything runs locally — no data leaves your machine unless you opt into LLM summaries.

Install with npm install -g devday.

Currently supports OpenCode, Claude Code, and Cursor on macOS. Would love feedback on what other tools to support.

Comments URL: https://news.ycombinator.com/item?id=47056453

Points: 1

# Comments: 0