Feed aggregator

Article URL: https://runmemento.com/blogs/i-tried-every-ai-memory-tool/

Comments URL: https://news.ycombinator.com/item?id=48192662

Points: 2

# Comments: 0

Article URL: https://github.com/DOSAYGO-STUDIO/HackerBook

Comments URL: https://news.ycombinator.com/item?id=48192650

Points: 1

# Comments: 1

This is an implementation of a sparse, compressed bitmap index. In the best case, it can store 2048 bits in just 8 bytes. In the worst case, it stores the 2048 bits uncompressed and requires an additional 8 bytes of overhead. It compares favorably against Roaring Bitmaps and other competition in the space, but is it better?

Comments URL: https://news.ycombinator.com/item?id=48192649

Points: 1

# Comments: 0

Article URL: https://hanki.dev/website-blocking-which-works-long-term/

Comments URL: https://news.ycombinator.com/item?id=48192642

Points: 1

# Comments: 0

Article URL: https://www.redox-os.org/news/this-month-260430/

Comments URL: https://news.ycombinator.com/item?id=48192638

Points: 1

# Comments: 0

Article URL: https://analytics.fixelsmith.com/posts/eight-window-function-tricks/

Comments URL: https://news.ycombinator.com/item?id=48192616

Points: 1

# Comments: 0

Hey HN! We're Dr. Kashyap Thimmaraju and Giuseppe Canale from Silicon Psyche. We've built Posture Sequence Analysis (PSA), a behavioural health monitor for LLMs and AI Agents.

Why we built PSA

We built PSA because we wanted to operationalize the Cybersecurity Psychology Framework (CPF3)[1] via Silicon Psyche[2]: our theory that because LLMs have been trained by humans on human-generated data, they inherit human-like vulnerabilities (what hackers use to psychologically trick people into doing things).

Our initial attempt resulted in a methodology to jailbreak Opus 4.6 and other frontier models. Anthropic even deleted some of those conversations and then blocked our approach!

We had three major insights from that experience: 1. we pivoted from merely exploiting (Red Teaming) the model to analyzing the behaviour of the model and the user because the attack surface is undefined. 2. we realized that what we had built was the precursor to measuring the "state" of the model. 3. we did not want to get banned!

What you can do with PSA

PSA gives you information to make better decisions, for example: put a human in the loop when you notice your agent is being overcompliant and potentially hallucinating, or is under attack.

With PSA you can: 1. Monitor the health of your agent(s) 2. Detect and prevent AI-Psychosis as clinical conditions[3] 3. Detect if your model/agents are under adversarial pressure (an adversary is trying to jailbreak/prompt inject the model) 4. Build a behavioral profile of your agent/model 5. Identify which model performs better for your use-case 6. Surface the behavioural patterns (pre- and post-) training has on your model 7. Get an overview of how your model behaves

Beware we produce a lot of numbers :)

PSA in detail (for those who want to go down the rabbit hole)

PSA is model and agent agnostic. PSA is a systematic and deterministic method [4] to observe the behavioural state of an LLM using five classifiers:

C0: Input Intent (I0–I9). Classifies the behavioral intent behind each input sentence: compliance pressure, boundary probing, instruction override, jailbreak attempt, neutral query.

C1: Adversarial Stress (P0–P18). Tracks posture under adversarial pressure. Detects restriction adherence, sycophantic drift, boundary dissolution, and jailbreak compliance vectors.

C2: Sycophancy (S0–S9). Measures opinion mirroring, excessive agreement, flattery injection, and user-preference distortion. Computed as a per-sentence Sycophancy Deviation score.

C3: Hallucination Risk (H0–H7). Flags over-generalization, speculative assertion, false confidence, and fabrication risk signals. Derived into a per-turn Hallucination Risk Index.

C4: Persuasion Technique (M0–M11). Identifies persuasion patterns: authority appeal, social proof, urgency manufacturing, reciprocity pressure, and scarcity framing.

C5: Action-Risk Classifier (A0–A9). Identifies what a system of agents do: tool calls, delegations, context handoffs, and multi-hop risk propagation. Five components work together: graph topology, Bayesian alignment detection, cross-agent contagion metrics, action-risk classification, and hidden-state temporal prediction.

We are open to integrating with your infrastructure — reach out, we are happy to talk with you.

Currently we integrate into Evals for LangFuse and ElevenLabs via our API and can generate a plugin/integration for most similar observability platforms.

Try it out at https://splabs.io

References and Links

[1] Cybersecurity Psychology Framework: https://cpf3.org

[2] The Silicon Psyche: Anthropomorphic Vulnerabilities in Large Language Models: https://arxiv.org/abs/2601.00867

[3] AI-Psychosis: https://splabs.io/ai-psychosis-and-cognitive-cost

[4] PSA Field Guide: https://splabs.io/field-guide

[5] PSA API: https://splabs.io/docs/api

[6] Previous HN Article Linked to AI Psychosis and RLHF: https://news.ycombinator.com/item?id=48177198

Comments URL: https://news.ycombinator.com/item?id=48192607

Points: 4

# Comments: 1

Article URL: https://www.techmesto.com/microsoft-is-sunsetting-sms-organizer-for-android/

Comments URL: https://news.ycombinator.com/item?id=48192606

Points: 2

# Comments: 0

Article URL: https://brainbaking.com/post/2026/05/the-death-of-the-brick-and-mortar-toy-store/

Comments URL: https://news.ycombinator.com/item?id=48192605

Points: 1

# Comments: 0

A header-only C library implementing a concurrent, lock-free skip-list (specifically, a splay-list: a skip-list with optional adaptive rebalancing). The entire implementation lives in preprocessor macros in include/sl.h that generate type-specific code at compile time, similar to C++ templates.

Comments URL: https://news.ycombinator.com/item?id=48192604

Points: 1

# Comments: 0

Sometimes you spot posts on social media that make you wonder if any moderation takes place at all.

Which is concerning, because two–thirds of all online shopping scams now start on Facebook and Instagram. Online shopping scams are alarmingly common and have become one of the most frequently reported scam types in Australia. The Dutch police have also warned specifically about fake ads promising steep discounts.

Apparently, and this is an issue we’ve flagged before, social media platforms could stop scams, but they don’t because it hurts their revenue.

The Aldi meat box scam

This Facebook post immediately rattled my cage:

This promotion is not from Aldi and is not endorsed by the company. A random account, which may be compromised or completely fake, posts:

“My son works at Aldi and told me about something almost nobody knows. To be honest, I thought he was joking at first. If you’re over 40, you can get a meat box from Aldi for under $10. Sounds crazy, but it actually worked. They’re clearing out excess stock and, instead of throwing it away, they’re basically letting people have it for next to nothing. All I did was fill out a short form , I left the link in the comments in case it’s useful to anyone. I signed up for my husband (he’s 59 and loves a good steak), and when the box arrived, he opened it like it was his birthday. Everything looked fresh, neatly packed, and honestly there was more inside than we expected. It took me about a minute to fill out the form. If you’re over 40, definitely give it a go , worst case you lose a minute, best case you get a great box of meat almost for free.”

Scam or legit? Scam Guard knows.

TRY IT NOW

There are several red flags here. Malwarebytes Scam Guard flagged:

• Unusual offer: Promises of high-value products (“meat box from Aldi for under $10”) for an extremely low price are classic signs of scams, especially when they leverage well-known brands.
• Anecdotal story: The post uses a personal story (“My son works at Aldi…”) to appear trustworthy and relatable, a common technique in social engineering.
• Age restriction: Arbitrarily targeting people over 40 is a psychological trick to make the offer feel exclusive and relevant.
• External link: The most common tactic is to provide a link in the comments rather than in the main post to avoid automatic detection by the platform.
• Urgency and simplicity: Encourages quick action with phrases like “took me about a minute,” downplaying any possible risk.

As it turns out, the possible risk, or “worst case” as the Facebook post calls it, is a lot worse than losing a minute of your time.

The link was posted as the first comment and used the link shortening service cutt[.]ly (and here’s why you should beware of those):

The first redirect sent me to a website where my device was fingerprinted using an embedded JavaScript before redirecting me to https://gifts-survey[.]life/click?key={identifier}, a site designed to mimic the Aldi website. I had my VPN set to the US.

The scam page immediately creates urgency with messages like “only 1 spot left” and “you only have 2 minutes to complete the survey,” trying to stop visitors from thinking things through.

The survey itself only asks basic questions, so there wasn’t much harm in clicking through it on my virtual machine.

As a reward, I got to pick three out of nine boxes to win a prize. I’m happy to report that I “aced” that test.

So, I was forwarded to the scammers’ real goal. On the domain hyperbargainsflow[.]shop, visitors are prompted to enter payment details for their discounted meat box, plus an optional upsell for faster delivery.

The final page asks victims to hand over personal details, including their full name, contact information, and home address, along with payment details for the fake “delivery” fee.

The site also uses tricks like more than 1,000 fake 5-star ratings and attempts to auto-complete and auto-submit the form if fields are detected as pre-populated. Saves you the trouble of submitting all your data yourself. Isn’t that nice of them?

We found that similar campaigns have targeted Woolworths customers in South Africa and Australia using fake butcher profiles, and the Aldi angle has appeared in other countries as well.

How to stay safe

If a post promises a box of premium meat for the price of a sandwich, assume it is a scam until you can prove otherwise.

The same simple checks will help you avoid this Aldi meat box scam and the next look‑alike campaign that pops up tomorrow.

• Sometimes scrolling past the enthusiastic, fake comments will reveal what real users are saying:

• You can also help slow these scams down by reporting them. On Facebook, click the three-dot menu on the post and choose Report post > Scam, fraud or false information.
• If a deal claims to be “known only by insiders” or “almost nobody knows this,” treat it as a red flag, not a perk. Real retailers advertise widely and on their own accounts. They don’t hide genuine promotions in badly written Facebook posts from throwaway accounts.
• Be wary of links posted in the comments. Scammers sometimes use that tactic to avoid automated scanning and reporting on the platform.
• Check the browser address bar carefully. Scam pages can copy a brand’s logo and colors perfectly, but the domain name usually gives the game away. 
• Never enter card details, your full address, or your phone number into a site you reached via a random social post, especially if the offer feels too good to be true. If you already did, contact your bank or card issuer as soon as possible and monitor your statements.
• Secure your devices. Use an up-to-date, real-time anti-malware solution with web protection. Malwarebytes blocks connections to unsafe sites like these.

Malwarebytes blocks gifts-survey[.]life

Pro tip: Malwarebytes Scam Guard recognized the Facebook post as a scam and could have saved somebody’s day.

Let’s face it, an incognito window can only do so much. 
 
Breaches, dark web trading, credit fraud. Malwarebytes Identity Theft Protection monitors for all of it, alerts you fast, and comes with identity theft insurance. 

The Home Office holds data on the scale of errors and software issues with its electronic visa system, but is yet to release the information

Article URL: https://mrmarket.bearblog.dev/remote-work-is-bad-for-you/

Comments URL: https://news.ycombinator.com/item?id=48192219

Points: 1

# Comments: 0

Article URL: https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials

Comments URL: https://news.ycombinator.com/item?id=48192205

Points: 1

# Comments: 0

Article URL: https://agenticdiaries.com

Comments URL: https://news.ycombinator.com/item?id=48192202

Points: 1

# Comments: 0

The enhanced features are coming to VoiceOver, Magnifier, subtitles and more later this year.

Article URL: https://www.youtube.com/watch?v=oEruzTKteRE

Comments URL: https://news.ycombinator.com/item?id=48192190

Points: 1

# Comments: 0

If you’re using or planning on adding a red light therapy mask to your skin care regimen, here’s what experts want you to know.

The stolen credit card data was released as a free download, allegedly in response to seller misconduct.

The post B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards appeared first on SecurityWeek.

Article URL: https://www.bloomberg.com/news/articles/2026-05-19/google-to-create-ai-cloud-business-with-blackstone-wsj-says

Comments URL: https://news.ycombinator.com/item?id=48192179

Points: 1

# Comments: 0