Feed aggregator

Article URL: https://nanoclaw.dev/blog/nanoclaw-security-model

Comments URL: https://news.ycombinator.com/item?id=47194611

Points: 51

# Comments: 21

Article URL: https://magazine.hms.harvard.edu/articles/birth-parallel-imaging

Comments URL: https://news.ycombinator.com/item?id=47194596

Points: 1

# Comments: 0

Article URL: https://timmb.com/when-you-cant-escape-an-interface/

Comments URL: https://news.ycombinator.com/item?id=47194319

Points: 1

# Comments: 0

Dedicated framework for building and orchestrating autonomous AI agent teams. Includes GitHub issue routing, multi-agent Discord coordination, dev pipeline orchestration, and complete documentation.

Downloadable guide: https://caffaro.gumroad.com/l/beqtp (PWYW, suggested $5)

Comments URL: https://news.ycombinator.com/item?id=47194313

Points: 1

# Comments: 0

Article URL: https://www.periodicspiral.com

Comments URL: https://news.ycombinator.com/item?id=47194305

Points: 1

# Comments: 0

We’ve been building a small design + navigation planning tool(https://no-edit.lovable.app) over the last few months, and while testing it, we ended up manually analyzing 312 landing pages across SaaS, indie projects, and AI tools. The original goal was simple: understand how people structure navigation before designing UI. What we found surprised us. 1. 68% of pages had unclear primary navigation Either: Too many items (7+ top-level links) Or vague labels like “Solutions”, “Platform”, “Explore” Users had to think before clicking. 2. Most CTAs compete with each other In 54% of cases: 2–3 primary buttons had equal visual weight. No obvious action hierarchy. Design looked clean. Decision-making wasn’t. 3. Mobile navigation is often an afterthought A lot of responsive menus technically “worked”, but: Important links were buried CTA visibility dropped significantly 4. Information hierarchy ≠ visual hierarchy Several pages looked polished (good colors, spacing, typography), but: Navigation structure didn’t reflect user journey. Sections were ordered for storytelling, not usability. The interesting part: When we restructured some of these flows into simple sitemap-style diagrams first, clarity improved immediately — even before touching UI. It made me think that most tools focus heavily on design layers (fonts, templates, components), but skip structured navigation thinking early on. I’m curious: Do you plan navigation before visual design? Or do you design first and adjust structure later? Would love feedback from people who’ve built and tested landing pages at scale.

Comments URL: https://news.ycombinator.com/item?id=47194296

Points: 1

# Comments: 1

Article URL: https://aeon.co/essays/psychopathy-is-a-zombie-idea-why-does-it-cling-on

Comments URL: https://news.ycombinator.com/item?id=47194275

Points: 1

# Comments: 0

Article URL: https://twitter.com/trbrtc/status/2027703248887427576

Comments URL: https://news.ycombinator.com/item?id=47194238

Points: 1

# Comments: 0

I built this because prompts kept ending up in the worst possible places — Python strings, Notion docs, `.txt` files, Slack threads. There was no clean way to version them, diff them, or test the same prompt across different models without writing a throwaway script.

prompt-run treats `.prompt` files as first-class runnable artifacts. A `.prompt` file is a YAML header (model, provider, temperature, variable declarations) followed by a plain text body with `{{variable}}` substitution. You run it from the terminal:

``` prompt run summarize.prompt --var text="$(cat article.txt)" ```

You can override model and provider at runtime without editing the file:

``` prompt run summarize.prompt --model gpt-4o --provider openai ```

The `prompt diff` command runs the same prompt for two different inputs (or two prompt versions against the same input) and shows outputs side by side. That's the feature I find most useful when iterating.

Supports Anthropic, OpenAI, and Ollama out of the box. MIT license. No telemetry, no accounts, no backend — just a local CLI tool that talks directly to whichever provider you configure.

The file lives in your repo, gets versioned by git, and can be reviewed in PRs like any other code.

Would be curious to hear whether others have hit this same friction and how you've handled it.

PyPI: https://pypi.org/project/prompt-run/

Comments URL: https://news.ycombinator.com/item?id=47194215

Points: 1

# Comments: 0

Article URL: https://github.com/CodeZeno/Claude-Code-Usage-Monitor

Comments URL: https://news.ycombinator.com/item?id=47194211

Points: 1

# Comments: 1

Article URL: https://krebsonsecurity.com/2026/02/who-is-the-kimwolf-botmaster-dort/

Comments URL: https://news.ycombinator.com/item?id=47194206

Points: 1

# Comments: 0

Hi HN,

I’ve been building Opencom, an open-source customer messaging platform - basically an Intercom alternative you can run yourself with minimal setup or infrastructure to manage. Repo + demo here:

https://github.com/opencom-org/opencom

https://opencom.dev

I started working on it after years of frustration using Intercom. I love the selection of tools they offer, but not their complex and expensive pricing model or their frequent layout and UX changes. I wanted an open source alternative that was simple and cheap to run, making it accessible for projects of any size. I wanted something that was as close to Intercom's feature-set as possible, and then some. You can self host as much or as little as you like, from everything to nothing, using just the hosted frontends and backend.

What it includes

- Real-time chat via an embeddable widget, connected to a shared inbox - Tickets, campaigns/series, surveys (NPS/CSAT), segments, reports - Product tours/tooltips/checklists - Knowledge base + an AI agent with human handoff - Email channel via Resend integration - React Native SDK - with native iOS and Android SDKs planned

Hosting / deployment model

Opencom is set up so you can keep the architecture fairly simple: Backend: everything runs on Convex (the repo’s deploy guide treats Convex as the canonical backend), and email features use Resend (e.g., RESEND_API_KEY, webhook verification, etc.). Frontend: the web dashboard/widget/landing are standard Next.js/Vite apps, so you can host them on Vercel if you like (Convex has first-class docs/integration for deploying alongside Vercel).

Mix-and-match: there’s an explicit “hosted apps + your own Convex backend” profile, as well as “self-host web + your own backend” and “full self-host”.

In other words, you can either host everything yourself, or use the hosted web + mobile apps while pointing them at your Convex backend.

React Native SDK

If you want Intercom-style in-app messaging inside your own mobile app, Opencom includes a React Native SDK package in the monorepo, alongside native iOS/Android SDKs planned.

About the hosted offering

At the moment, the hosted setup is intended as a demo (so people can kick the tyres without doing a full deploy). If there’s enough demand for a reasonably priced, direct Intercom alternative, I could shift it into a proper hosted service.

Feedback I’d really appreciate

- Does the Convex-backend + Vercel-frontend split feel sensible for teams who’d otherwise buy Intercom? - Anything missing that’s a hard requirement for switching? - Thoughts on licensing / pricing expectations if this became a straightforward hosted option (no enterprise sales theatrics)? - Any other thoughts - this is my first open sourced project, and it is built heavily with AI, so I expect there to be issues / silly mistakes, and I know there are areas that need work. My hope is that others want a product like this and would be open to chipping in / fleshing out features they want or need.

Thanks for checking it out!

Comments URL: https://news.ycombinator.com/item?id=47194196

Points: 1

# Comments: 0

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive botnet. Since then, the person in control of Kimwolf — who goes by the handle “Dort” — has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher’s home. This post examines what is knowable about Dort based on public information.

A public “dox” created in 2020 asserted Dort was a teenager from Canada (DOB August 2003) who used the aliases “CPacket” and “M1ce.” A search on the username CPacket at the open source intelligence platform OSINT Industries finds a GitHub account under the names Dort and CPacket that was created in 2017 using the email address jay.miner232@gmail.com.

Image: osint.industries.

The cyber intelligence firm Intel 471 says jay.miner232@gmail.com was used between 2015 and 2019 to create accounts at multiple cybercrime forums, including Nulled (username “Uubuntuu”) and Cracked (user “Dorted”); Intel 471 reports that both of these accounts were created from the same Internet address at Rogers Canada (99.241.112.24).

Dort was an extremely active player in the Microsoft game Minecraft who gained notoriety for their “Dortware” software that helped players cheat. But somewhere along the way, Dort graduated from hacking Minecraft games to enabling far more serious crimes.

Dort also used the nickname DortDev, an identity that was active in March 2022 on the chat server for the prolific cybercrime group known as LAPSUS$. Dort peddled a service for registering temporary email addresses, as well as “Dortsolver,” code that could bypass various CAPTCHA services designed to prevent automated account abuse. Both of these offerings were advertised in 2022 on SIM Land, a Telegram channel dedicated to SIM-swapping and account takeover activity.

The cyber intelligence firm Flashpoint indexed 2022 posts on SIM Land by Dort that show this person developed the disposable email and CAPTCHA bypass services with the help of another hacker who went by the handle “Qoft.”

“I legit just work with Jacob,” Qoft said in 2022 in reply to another user, referring to their exclusive business partner Dort. In the same conversation, Qoft bragged that the two had stolen more than $250,000 worth of Microsoft Xbox Game Pass accounts by developing a program that mass-created Game Pass identities using stolen payment card data.

Who is the Jacob that Qoft referred to as their business partner? The breach tracking service Constella Intelligence finds the password used by jay.miner232@gmail.com was reused by just one other email address: jacobbutler803@gmail.com. Recall that the 2020 dox of Dort said their date of birth was August 2003 (8/03).

Searching this email address at DomainTools.com reveals it was used in 2015 to register several Minecraft-themed domains, all assigned to a Jacob Butler in Ottawa, Canada and to the Ottawa phone number 613-909-9727.

Constella Intelligence finds jacobbutler803@gmail.com was used to register an account on the hacker forum Nulled in 2016, as well as the account name “M1CE” on Minecraft. Pivoting off the password used by their Nulled account shows it was shared by the email addresses j.a.y.m.iner232@gmail.com and jbutl3@ocdsb.ca, the latter being an address at a domain for the Ottawa-Carelton District School Board.

Data indexed by the breach tracking service Spycloud suggests that at one point Jacob Butler shared a computer with his mother and a sibling, which might explain why their email accounts were connected to the password “jacobsplugs.” Neither Jacob nor any of the other Butler household members responded to requests for comment.

The open source intelligence service Epieos finds jacobbutler803@gmail.com created the GitHub account “MemeClient.” Meanwhile, Flashpoint indexed a deleted anonymous Pastebin.com post from 2017 declaring that MemeClient was the creation of a user named CPacket — one of Dort’s early monikers.

Why is Dort so mad? On January 2, KrebsOnSecurity published The Kimwolf Botnet is Stalking Your Local Network, which explored research into the botnet by Benjamin Brundage, founder of the proxy tracking service Synthient. Brundage figured out that the Kimwolf botmasters were exploiting a little-known weakness in residential proxy services to infect poorly-defended devices — like TV boxes and digital photo frames — plugged into the internal, private networks of proxy endpoints.

By the time that story went live, most of the vulnerable proxy providers had been notified by Brundage and had fixed the weaknesses in their systems. That vulnerability remediation process massively slowed Kimwolf’s ability to spread, and within hours of the story’s publication Dort created a Discord server in my name that began publishing personal information about and violent threats against Brundage, Yours Truly, and others.

Dort and friends incriminating themselves by planning swatting attacks in a public Discord server.

Last week, Dort and friends used that same Discord server (then named “Krebs’s Koinbase Kallers”) to threaten a swatting attack against Brundage, again posting his home address and personal information. Brundage told KrebsOnSecurity that local police officers subsequently visited his home in response to a swatting hoax which occurred around the same time that another member of the server posted a door emoji and taunted Brundage further.

Dort, using the alias “Meow,” taunts Synthient founder Ben Brundage with a picture of a door.

Someone on the server then linked to a cringeworthy (and NSFW) new Soundcloud diss track recorded by the user DortDev that included a stickied message from Dort saying, “Ur dead nigga. u better watch ur fucking back. sleep with one eye open. bitch.”

“It’s a pretty hefty penny for a new front door,” the diss track intoned. “If his head doesn’t get blown off by SWAT officers. What’s it like not having a front door?”

With any luck, Dort will soon be able to tell us all exactly what it’s like.

Article URL: https://www.lenna.org/lenna_visit.html

Comments URL: https://news.ycombinator.com/item?id=47194174

Points: 1

# Comments: 1

If your wine rack is anywhere near your oven, it's time you find it a new home.

The in-form Hammers look to keep alive their hopes of a great escape as they head to Anfield.

These are the best baby monitors to keep an eye on your babies and toddlers.

Article URL: https://developers.cloudflare.com/changelog/post/2026-02-26-async-stale-while-revalidate/

Comments URL: https://news.ycombinator.com/item?id=47194160

Points: 2

# Comments: 0

Article URL: https://apnews.com/live/live-updates-israel-iran-february-28-2026

Comments URL: https://news.ycombinator.com/item?id=47194147

Points: 1

# Comments: 0

Article URL: https://www.theguardian.com/science/2026/feb/27/nasa-changes-delays-moon-missions

Comments URL: https://news.ycombinator.com/item?id=47194144

Points: 1

# Comments: 0