Feed aggregator

Article URL: https://www.cnbc.com/2026/05/22/trump-tariff-refunds-walmart-home-depot-target-apply.html

Comments URL: https://news.ycombinator.com/item?id=48234790

Points: 1

# Comments: 0

Article URL: https://chatgpt.com/share/6a1047b9-1cf0-83ea-82ff-13249b331ad1

Comments URL: https://news.ycombinator.com/item?id=48234780

Points: 1

# Comments: 1

Article URL: https://easycyberprotection.com/about/how-we-work/

Comments URL: https://news.ycombinator.com/item?id=48234777

Points: 1

# Comments: 0

cc @dang

Reddit has been filling up with AI generated content. Either bots engaging with naïf audiences who don't realize they're bots, or supposed humans who defend their giant copy/pastes as somehow justifiable as a spellchecked/proofread version.

I don't believe AI generated slop posts deserve consideration, either on HN or Reddit. If people rather not take the time to write something as long as these AI outputs, they're free to write a prompt-length post instead of forcing us to read the AI equivalent of a zipbomb. We can't control what people post on Reddit but I think we should have higher standards here and that Reddit has gone to the point that only very very selective submissions from there should be accepted.

On a tangent, does anyone know of a browser extension I can use to easily hide or at least highlight in red likely AI generated text?

Comments URL: https://news.ycombinator.com/item?id=48234774

Points: 1

# Comments: 0

Jacob Butler, 23, has been arrested in Canada and US authorities are seeking his extradition on computer hacking charges.

The post Canadian Man Arrested for Operating Kimwolf Botnet appeared first on SecurityWeek.

Google has issued updates for the Chrome browser patching a number of high‑severity vulnerabilities. 

The update includes fixes for two critical vulnerabilities that can be used for remote code execution just by visiting a malicious website.

The stable channel has been updated to 148.0.7778.178/179 for Windows/Mac and 148.0.7778.178 for Linux, which will roll out over the coming weeks.

How to update Chrome

If you don’t want to wait for the rollout to reach you, manually updating is easy.

The easiest way to update is to allow Chrome to update automatically. But you can end up lagging behind if you never close your browser or if something goes wrong, such as an extension preventing the update.

To update manually, click the More menu (three dots), then go to Settings > About Chrome. If an update is available, Chrome will start downloading it. Restart Chrome to complete the update, and you’ll be protected against these vulnerabilities.

Chrome version 148.0.7778.179 is up to date

You can also find step-by-step instructions in our guide to how to update Chrome on every operating system.

Technical details

The update includes fixes for two critical vulnerabilities:

CVE-2026-9111: A use-after-free vulnerability in WebRTC allowed a remote attacker to execute arbitrary code on Linux via a crafted HTML page. Use-after-free is a class of vulnerability caused by incorrect use of dynamic memory during a program’s operation. If, after freeing a memory location, a program does not clear the pointer to that memory, an attacker may be able to use the error to manipulate the program.

So if an attacker manages to trick a Linux user into opening a malicious HTML file or visit a specially crafted website, they could compromise the device.

CVE-2026-9110: An inappropriate implementation in the UI on Windows allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page.

In practice, this meant that, if an attacker had already taken control of the browser’s internal rendering engine, they could trick the browser into showing you a fake window or dialog box that looked real. This fake window could, for example, make it seem like you were entering your password on a trusted site, even though you were actually giving it to the attacker.

For those expecting this update to include a fix for the accidentally leaked “Browser Fetch” flaw this will come as a disappointment: it did not.

For those that haven’t read about it, since its reporting 46 months ago, the “Browser Fetch” vulnerability remained unknown except to Chromium developers. Then on May 20, 2026, it was published to the Chromium bug tracker. The researcher who initially reported the vulnerability assumed it had finally been fixed. Shortly afterwards, she learned that it remained unpatched. While Google removed the post, it remains available on archival sites, along with the exploit code.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Article URL: https://medium.com/@stockphotojim/the-case-for-a-puritan-spotify-why-its-time-to-strip-away-the-bloat-2df4578e3129

Comments URL: https://news.ycombinator.com/item?id=48234758

Points: 1

# Comments: 0

Article URL: https://www.gov.ca.gov/2026/05/21/governor-newsom-signs-first-of-its-kind-executive-order-to-prepare-workers-and-businesses-for-potential-ai-disruption/

Comments URL: https://news.ycombinator.com/item?id=48234757

Points: 1

# Comments: 0

Article URL: https://www.latimes.com/business/story/2026-05-22/another-california-tech-company-lays-off-thousands

Comments URL: https://news.ycombinator.com/item?id=48234746

Points: 1

# Comments: 0

Hi all. This is my first attempt at a professional PaaS application. Let me know what you think, it took me a couple of months to develop!

Comments URL: https://news.ycombinator.com/item?id=48234744

Points: 1

# Comments: 0

Article URL: https://faingezicht.com/articles/2026/04/14/emergent-inequality/

Comments URL: https://news.ycombinator.com/item?id=48234731

Points: 1

# Comments: 0

Article URL: https://blog.kulman.sk/i-wanted-async-await/

Comments URL: https://news.ycombinator.com/item?id=48234729

Points: 1

# Comments: 0

Article URL: https://blog.jonlu.ca/posts/skycards

Comments URL: https://news.ycombinator.com/item?id=48234709

Points: 1

# Comments: 0

Article URL: https://www.axios.com/2026/05/22/ai-data-centers-stocks-jobs

Comments URL: https://news.ycombinator.com/item?id=48234703

Points: 1

# Comments: 1

Article URL: https://19thnews.org/2026/05/women-opposition-ai-data-centers/

Comments URL: https://news.ycombinator.com/item?id=48234702

Points: 2

# Comments: 0

Yoshi and the Mysterious Book makes me think of my backyard, and Borges.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2026-9082 Drupal Core SQL Injection Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

We've tested dozens of security kits to find which deliver the best safety and reliability.

AI initiatives often fail due to a lack of understanding of the people impact, as well as the rigidity of existing business processes