Feed aggregator
Introducing-Perplexity-Computer
Article URL: https://www.perplexity.ai/hub/blog/introducing-perplexity-computer
Comments URL: https://news.ycombinator.com/item?id=47215810
Points: 1
# Comments: 0
Ganak: The making of a high-performance model counter
Article URL: https://www.msoos.org/2026/03/ganak-the-making-of-a-versatile-high-performance-model-counter/
Comments URL: https://news.ycombinator.com/item?id=47215800
Points: 1
# Comments: 1
The Fall of Samakin Altwalker and the Dark Side of OpenAI
Article URL: https://greggbayesbrown.substack.com/p/the-fall-of-samakin-altwalker-and
Comments URL: https://news.ycombinator.com/item?id=47215794
Points: 1
# Comments: 0
Rolv.ai: Universal sparse compute primitive, back end-agnostic reproducibility
Article URL: https://rolv.ai
Comments URL: https://news.ycombinator.com/item?id=47215784
Points: 1
# Comments: 0
John Carmack – a tech god of tech illiterates
Article URL: https://boards.4chan.org/g/thread/108271937/the-gospel-of-the-axe-deconstructing-the-divine
Comments URL: https://news.ycombinator.com/item?id=47215778
Points: 1
# Comments: 0
Benzene changed chemistry forever – with Judy Wu [video]
Article URL: https://www.youtube.com/watch?v=0kYMUFzylOs
Comments URL: https://news.ycombinator.com/item?id=47215770
Points: 1
# Comments: 0
I Didn't Like App Launchers for Arch Linux, So I Wrote My Own in Rust
Article URL: https://rafaelzimmermann.com/posts/app-launcher-rust.html
Comments URL: https://news.ycombinator.com/item?id=47215737
Points: 2
# Comments: 0
OpenPencil – AI-native design editor. Open-source Figma alternative
Article URL: https://github.com/open-pencil/open-pencil
Comments URL: https://news.ycombinator.com/item?id=47215736
Points: 1
# Comments: 0
Understanding Rope: From Rotary Embeddings to Context Extension
Mobile Is Not a Smaller Web App
Article URL: https://dinkomarinac.dev/blog/common-mobile-ux-mistakes-i-see-in-almost-every-project/
Comments URL: https://news.ycombinator.com/item?id=47215718
Points: 1
# Comments: 0
UKI: Unified kernel images for booting Linux from UEFI
Article URL: https://uapi-group.org/specifications/specs/unified_kernel_image/
Comments URL: https://news.ycombinator.com/item?id=47215711
Points: 2
# Comments: 0
FinMind Universal Deployment (Docker and K8s and Tilt)
Article URL: https://github.com/rohitdash08/FinMind/pull/283
Comments URL: https://news.ycombinator.com/item?id=47215707
Points: 1
# Comments: 0
Kuva: A scientific plotting library in Rust
Article URL: https://github.com/Psy-Fer/kuva
Comments URL: https://news.ycombinator.com/item?id=47215692
Points: 1
# Comments: 0
Vercel down in Dubai, EU affected also
Article URL: https://www.vercel-status.com
Comments URL: https://news.ycombinator.com/item?id=47215683
Points: 1
# Comments: 2
Overlooked and overexploited: Extensive conversion of grasslands and wetlands
Article URL: https://www.pnas.org/doi/10.1073/pnas.2521183123
Comments URL: https://news.ycombinator.com/item?id=47215679
Points: 1
# Comments: 0
Open source Bluetooth dynamometer for climbing training
Article URL: https://crimpdeq.com/
Comments URL: https://news.ycombinator.com/item?id=47215657
Points: 1
# Comments: 1
Anything that expands quickly can attract bubble accusations, and the market for cloud services in an AI age doesn’t look to be different
Executives in the West consistently underestimate technological progress in China - and the country's differing approach to AI development will lead to a significant advantage if Western leaders fail to learn
Purchase order attachment isn’t a PDF. It’s phishing for your password
An attachment named New PO 500PCS.pdf.hTM, posing as a purchase order in PDF form, turned out to be something entirely different: a credential-harvesting web page that quietly sent passwords and IP/location data straight to a Telegram bot controlled by an attacker.
Imagine you’re in accounts payable, sales, or operations. Your day is a steady flow of invoices, purchase orders, and approvals. An email like this may look like just another item in your daily queue.
“Dear Seller
I hope this message finds you well!
I am interested in purchasing this product and I would appreciate it if you could provide me with a quotation for the following attached below:
Quantity: [f16940-500PCS]
Any specific specifications or details, if applicable
Additionally, I would like to inquire about the estimated delivery time once the order is confirmed. Kindly include your usual delivery schedule and any relevant terms.
Please let me know the total cost, including any applicable taxes or fees, and any other relevant terms.
Thank you very much for your assistance. I look forward to your prompt response.”
What immediately jumps out is the double file extension. Attachments with extensions like .pdf.htm are classic phishing tactics. These files are usually disguised as documents (PDF), but they’re actually HTML files that open in a browser and can contain malicious scripts or phishing forms.
But let’s suppose you didn’t notice that. What happens when you open the attachment?
You’re shown a password prompt in front of a blurred background. The recipient’s email address is already filled in. In the background, the phishing script grabs some environment details—IP, geolocation, and user agent—and sends them to the attacker along with any details you filled out.
After a short “Verifying…” message, you get a familiar-looking error:
“Your account or password is incorrect. Try again.”
This is a psychological trick:
- It’s believable (typos happen).
- It encourages a second password attempt, perhaps to try to harvest another, different password.
You type your password again and click Next and this one appears to be accepted.
Instead of opening a real document, you’re redirected to a blurry image that looks like an invoice hosted on ibb[.]co. That’s a shortened domain for ImgBB, a legitimate image-hosting and sharing service. That unexpected image may confuse you just enough to stop you from immediately changing your credentials or alerting your IT department.
Rather than emailing stolen credentials or logging them on a server that might be blocked by security software, the page sends them using a Telegram bot. The attacker receives:
- Email and password combination
- IP and geolocation
- Browser and operating system details
Telegram is encrypted, widely used, and often not blocked by organizations, which makes it a popular command and control (C2) channel for phishers.
The unobfuscated SendToTelegram function
As unprofessional as this phishing attempt may look, each victim sending actual login details to the phisher is a win on a near-to-zero investment. For the target, it can turn into a nightmare ranging from having to change passwords to a compromised Acrobat or other account, which can then be used and sold for more serious attacks.
How to stay safe
The good news: once you know what to look for, these attacks are much easier to spot and block. The bad news: they’re cheap, scalable, and will continue to circulate.
So, the next time a “PDF” asks for your password in a browser, pause to think about what might be hiding under the hood.
Beyond avoiding unsolicited attachments, here are a few ways to stay safe:
- Only access your accounts through official apps or by typing the official website directly into your browser.
- Check file extensions carefully. Even if a file looks like a PDF, it may not be.
- Enable multi-factor authentication for your critical accounts.
- Use an up-to-date, real-time anti-malware solution with a web protection module.
Pro tip: Malwarebytes Scam Guard recognized this email as a scam.
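A mail-triage check for the three traits this article describes (a document-looking name whose final extension is HTML, a password field, and a reference to the Telegram Bot API host), as an added example that is not from the original article. The function name, extension lists and sample attachment are constructed for illustration.

```python
import re
from pathlib import PurePosixPath

# Assumed extension lists; extend them to match your own mail policy.
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx"}
HTML_EXTS = {".htm", ".html", ".shtml", ".xhtml"}

PASSWORD_FIELD = re.compile(rb"""<input[^>]*type\s*=\s*["']?password""", re.I)
# Telegram Bot API requests go to https://api.telegram.org/bot<token>/<method>
TELEGRAM_BOT_API = re.compile(rb"api\.telegram\.org/bot", re.I)


def triage_attachment(filename, content):
    """Return a list of findings for one e-mail attachment (bytes content)."""
    findings = []
    # Compare case-insensitively: the lure in the article ends in ".pdf.hTM".
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    is_html = bool(suffixes) and suffixes[-1] in HTML_EXTS
    if is_html and len(suffixes) >= 2 and suffixes[-2] in DOC_EXTS:
        findings.append("double-extension")
    # Also inspect files that are HTML by content, whatever they are named.
    head = content.lstrip()[:15].lower()
    if is_html or head.startswith((b"<!doctype html", b"<html")):
        if PASSWORD_FIELD.search(content):
            findings.append("password-field")
        if TELEGRAM_BOT_API.search(content):
            findings.append("telegram-bot-api")
    return findings


# Constructed sample: an inert fragment with a placeholder token, not the real lure.
SAMPLE = (
    b'<html><body><form><input type="email" value="user@example.com">'
    b'<input type="password" name="p"></form>'
    b'<script>var u="https://api.telegram.org/botPLACEHOLDER/sendMessage";</script>'
    b"</body></html>"
)

if __name__ == "__main__":
    for name, body in [
        ("New PO 500PCS.pdf.hTM", SAMPLE),
        ("invoice.pdf", b"%PDF-1.7\n"),
        ("newsletter.html", b"<html><body>hi</body></html>"),
    ]:
        print(name, "->", triage_attachment(name, body) or "no findings")
```

Any one finding is weak on its own; an HTML attachment that combines a password field with a Telegram Bot API reference is a strong candidate for quarantine.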
