Feed aggregator

Article URL: https://pinhead.ink/

Comments URL: https://news.ycombinator.com/item?id=47134761

Points: 1

# Comments: 0

Article URL: https://www.cnx-software.com/2026/02/24/gyroidos-virtualization-solution-aims-to-secure-embedded-devices-ease-cybersecurity-certification/

Comments URL: https://news.ycombinator.com/item?id=47134732

Points: 1

# Comments: 1

Article URL: https://www.openlegion.ai/

Comments URL: https://news.ycombinator.com/item?id=47134730

Points: 4

# Comments: 3

Article URL: https://github.com/renovatebot/renovate/discussions/41414

Comments URL: https://news.ycombinator.com/item?id=47134727

Points: 1

# Comments: 0

Article URL: https://teotti.com/llm-and-mcp-a-primer/

Comments URL: https://news.ycombinator.com/item?id=47134713

Points: 1

# Comments: 1

Article URL: https://growingswe.com/blog/quadtrees

Comments URL: https://news.ycombinator.com/item?id=47134702

Points: 3

# Comments: 0

Hey HN. I've spent 10 years doing IT work, mostly infrastructure and scripting, the stuff nobody writes blog posts about. No CS degree. This is my first startup and I have no idea if I'm doing it right. Here's the problem that bugged me: every AI agent setup I looked at just blasts everything through GPT-4 or whatever the biggest model is. That's insane for 80% of tasks. You don't need a $0.03/1k token model to parse a CSV. So I built two things. Rhelm is a web app for organizing AI work visually, boards and tasks, kind of like Linear but for agent workflows. goClaw is a companion mobile app (coming to App Store and Play Store) that lets you talk to your agents from your phone. Text or voice. "Hey, spin up the data cleaning job" and it figures out which model to route it to based on what the task actually needs. The routing is the part I care about most. Task comes in, system looks at complexity, picks the cheapest model that can handle it. Sometimes that's a local model, sometimes it's an API call, sometimes it's "this actually needs a human." I built the core loop in about 4 days. I've been breaking and fixing it since. I'm not going to pretend I have everything figured out. I definitely don't. But I'm mass rounding off the rough edges and I'd rather ship something and learn from people smarter than me than sit on it forever. https://rhelm.io (waitlist is open) What am I missing? What would make you actually use something like this?

Comments URL: https://news.ycombinator.com/item?id=47134694

Points: 1

# Comments: 0

Article URL: https://en.wikipedia.org/wiki/Be_My_Baby

Comments URL: https://news.ycombinator.com/item?id=47134678

Points: 1

# Comments: 1

Built this as an experiment in giving LLMs embodied musical experience. It's an MCP server with 120 MIDI songs across 12 genres. Each genre has one fully annotated exemplar the model studies first. The rest are raw MIDI waiting to be learned.

The model can read sheet music, play songs through your speakers, view an SVG piano roll it can read back to verify what it played, and write to a practice journal that persists across sessions. Learning compounds over time.

Comments URL: https://news.ycombinator.com/item?id=47134676

Points: 1

# Comments: 0

A fraudulent website dressed in Avast’s brand is tricking French-speaking users into handing over their full credit card details—card number, expiry date, and three-digit security code—under the cover story of processing a €499.99 refund that was never owed to them.

The operation combines live chat “support,” a hardcoded alarming transaction amount, and a convincing replica of Avast’s visual identity to create urgency and harvest payment data at scale.

“You were charged €499.99 today“

The phishing page opens with what appears to be a legitimate Avast web portal. The Avast logo is loaded directly from Avast’s own content delivery network—a deliberate touch that ensures the orange-and-white shield renders perfectly and passes a casual visual check. The page header offers links to “Home,” “My Account,” and “Help,” all styled to match Avast’s real interface.

Below the header, a warning box in Avast’s signature orange catches the eye: cancellation requests must be filed within 72 hours, it says. Then, in the same breath, warns that transactions older than 48 hours “can no longer be cancelled.” The internal contradiction is easy to miss when your attention is fixed on the larger claim just below it.

That claim is a transaction record showing today’s date and a debit of -€499.99. The date is not hardcoded. A single line of JavaScript reads the visitor’s local system clock and writes the current date into the page at load time. Whenever a victim arrives, whether on a Tuesday in February or a Friday in August, the charge appears to have happened that very morning.

The amount, however, is fixed. Every visitor sees exactly -€499.99, a sum carefully chosen to be large enough to provoke immediate action but not so large as to strain credibility for a software subscription.

There is no real transaction. No Avast account has been accessed. The number exists solely to make the visitor feel robbed.

What the form asks for and where the data goes

The cancellation form below asks for a reason for the refund (a dropdown offers “Avast refund,” “Fraudulent transaction,” “Duplicate transaction,” and “Other”), followed by a full set of personal information: first name, last name, email address, phone number, street address, city, region, and postal code. Filling in this section is framed as routine identity verification—necessary, the page implies, before any refund can be processed.

Once the form is submitted, a modal dialogue appears titled “Card Information.” The page asks for the victim’s credit card number, expiry date, and CVV security code, supposedly so the refund can be credited back to the original payment method.

Fake Avast site: Request for victim’s card information

This is the moment the operation has been building toward.

The page even implements Luhn algorithm validation (the mathematical check banks use to verify card numbers) so test numbers or accidental typos are rejected before submission. Only structurally valid card numbers are accepted.

When the Confirm button is clicked, the browser sends a POST request to send.php; a backend file that receives the entire payload as a JSON object. That payload contains every field the victim filled in: name, address, contact details, card number, expiry, and CVV.

After the data is dispatched, the victim is redirected to a confirmation page that reads:

“Your application is being processed — Thank you for your inquiry.”

Below that reassuring message sits a button labeled “Uninstalling Avast”. A final social engineering nudge encouraging the victim to remove the very security software that might otherwise alert them to what has just happened.

Fake Avast site: Your application is being processed Why is there live chat on a phishing page?

What sets this campaign apart from many phishing pages is the presence of a real-time live chat widget embedded in the bottom-right corner of the screen. The widget is provided by Tawk.to, a legitimate customer support platform, and carries the account identifier 689773de2f0f7c192611b3bf with widget code 1j27pp82q.

This means someone (almost certainly the operators of the phishing site) can see when a visitor is on the page and engage them in live conversation.

The tactical value is significant. A confused visitor who notices the timing mismatch (“72 hours” vs “48 hours”), or who hesitates before entering card details, can be nudged forward by a “support agent” offering reassurance in real time.

It transforms a static phishing page into an interactive fraud operation.

Who is this page designed to catch?

What makes this page unusually effective is that it does not need to target a specific type of person. It is built to catch four entirely different kinds of visitor with the same form, each with a different reason to comply.

• The Avast customer: someone who bought a license, did not want the renewal, and sees this page as a legitimate route to dispute the charge. Their existing relationship with the brand makes the interface feel familiar.
• The forgotten subscriber: They have an Avast account but do not remember signing up. Perhaps it was years ago or bundled with another product. They see -€499.99, conclude they are being wrongly charged, and never think to log into an account they barely remember having.
• The alarmed non-customer: They have never used Avast. They see the charge and assume their card details have been stolen and used without their knowledge. They arrive already convinced that a crime has been committed against them, already in a hurry, and already primed to trust any official-looking process that offers to fix it. This is the most dangerous profile as the 72-hour window is not just a detail to them, it feels like a deadline.
• The opportunist: someone who knows they were not charged but believes they have found €499.99 waiting to be claimed. They attempt to collect money that was never theirs, only to lose their own card details in the process.

The page never has to distinguish between these visitors. It asks no questions that would reveal which profile a person belongs to. No account login, or license key, or proof of purchase. Just a charge, a form, and a card field.

How to tell if a refund page is a scam

Refund scams like this are not limited to Avast. Any brand can be impersonated. Here are the warning signs to watch for:

• A charge you don’t recognize that appears “today”: Scammers often insert the current date automatically to make the transaction feel urgent and real.
• Urgent cancellation windows: Messages claiming you have limited time to act are designed to pressure you into rushing.
• Requests for full credit card details to “process” a refund: Legitimate refunds do not require you to re-enter your full card number and CVV on a random page.
• No login, license key, or proof of purchase required: Real companies verify your account. Scam pages skip verification and go straight to payment details.
• Live chat pushing you to complete the process: Real-time reassurance from a “support agent” can be part of the scam, not proof the site is legitimate.
• Instructions to uninstall your security software: No genuine refund process will ever require you to remove your protection.
• Lookalike domains: Slightly altered website names are a major red flag. Always type the official company website directly into your browser instead of clicking links.

Spotting even one of these signs should make you stop. Do not enter personal or financial information on a page you reached through an unsolicited message or suspicious link.

What to do if you entered your details

If you submitted your card details:

• Contact your bank or card issuer immediately and cancel the card
• Dispute any unauthorized charges
• Do not wait for fraud to appear — stolen card data is often used quickly
• Change passwords for accounts linked to the email address you provided
• Run a full scan with a reputable security product

Other ways to stay safe:

• Keep your device and software up to date
• Use active anti-malware protection with web protection enabled
• If you’re unsure whether something is a scam, Malwarebytes users can submit suspicious messages to Scam Guard for review

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard. Submit a screenshot, paste suspicious content, or share a link, text or phone number, and we’ll tell you if it’s a scam or legit. Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.

Article URL: https://www.wsj.com/finance/currencies/binance-iran-sanctions-financing-staff-b1648133

Comments URL: https://news.ycombinator.com/item?id=47134396

Points: 1

# Comments: 0

Article URL: https://yomisensei.net/blog/bl-gl-analysis

Comments URL: https://news.ycombinator.com/item?id=47134387

Points: 1

# Comments: 0

Article URL: https://www.youtube.com/watch?v=_k22WAEAfpE

Comments URL: https://news.ycombinator.com/item?id=47134384

Points: 1

# Comments: 0

Article URL: https://www.qrexpress.org/#en

Comments URL: https://news.ycombinator.com/item?id=47134375

Points: 1

# Comments: 0

Article URL: https://www.shakti.com

Comments URL: https://news.ycombinator.com/item?id=47134371

Points: 1

# Comments: 1

Article URL: https://www.anildash.com/2026/02/23/taking-action-ai-harms/

Comments URL: https://news.ycombinator.com/item?id=47134355

Points: 1

# Comments: 0

Article URL: https://github.com/folospior/grom

Comments URL: https://news.ycombinator.com/item?id=47134353

Points: 1

# Comments: 0

Article URL: https://old.reddit.com/r/cscareerquestions/comments/1rd3x3v/what_happened_to_the_jobs_that_were_supposed_to/

Comments URL: https://news.ycombinator.com/item?id=47134350

Points: 1

# Comments: 0

Article URL: https://agilitza.com/blog/no-good-engineer-is-arrogant/

Comments URL: https://news.ycombinator.com/item?id=47134319

Points: 1

# Comments: 0

Hi HN,

I built VVMList for cybersecurity learners to easily find specific techniques used on specific machines.

A few years ago, I originally created VVMList to track the machines I completed and the techniques I used to solve them. After some time, I semi-abandoned the project.

At the end of 2024, I revisited the idea and decided to expand it into something bigger. More like a structured "ctf bible" for learners who want to study techniques in a more organized way.

For this, I read through many machine writeups from Vulnhub, HackMyVM, VulNyx and HackTheBox. I extracted and categorized the techniques used in each machine.

This process led to VVMList v3. when I first started, the project included around 250 machines. With v3, it grew to over 1200 machines, which allowed me to reach the original scope I had in mind.

In the 2026 annual update (v3.2), I added newly released machines from the platforms, integrated ctfmirror.com (my another project) for all machine images and integrated archive.org for all writeups. The goal was to provide a more centralized solution and reduce the risk of resources disappearing over time.

I'd really appreciate feedback from the community. Does the structure make sense? Are there techniques or machines that you think are missing? Any suggestions to improve usability or make it more useful for learners are very welcome.

Thanks for taking a look.

Comments URL: https://news.ycombinator.com/item?id=47134315

Points: 1

# Comments: 0