Feed aggregator
UK lawmakers call on government to ditch Palantir NHS contract
Google Is Quietly Buying Code from Play Store Developers to Train AI
Article URL: https://www.404media.co/google-is-quietly-buying-code-from-play-store-developers-to-train-ai/
Comments URL: https://news.ycombinator.com/item?id=48381922
Points: 2
# Comments: 1
Show HN: A HTML Quine Made with Nix
Article URL: https://emsh.cat/niccup/examples/quine/
Comments URL: https://news.ycombinator.com/item?id=48381886
Points: 1
# Comments: 0
Metaprogramming for Madmen (2012)
Article URL: https://fgiesen.wordpress.com/2012/04/08/metaprogramming-for-madmen/
Comments URL: https://news.ycombinator.com/item?id=48381879
Points: 1
# Comments: 0
Texas is becoming America Inc's centre of gravity
Article URL: https://www.economist.com/business/2026/05/31/texas-is-becoming-america-incs-centre-of-gravity
Comments URL: https://news.ycombinator.com/item?id=48381876
Points: 1
# Comments: 0
Tech CEOs Are Using AI as the Perfect Scapegoat for Mass Layoffs
Article URL: https://www.gadgetreview.com/tech-ceos-are-using-ai-as-the-perfect-scapegoat-for-mass-layoffs
Comments URL: https://news.ycombinator.com/item?id=48381875
Points: 1
# Comments: 1
Everything Should Have a Timeline
Article URL: https://www.dcaulfield.com/manage-with-a-timeline
Comments URL: https://news.ycombinator.com/item?id=48381867
Points: 1
# Comments: 0
AI-Generated Code Security Review Is Broken
Article URL: https://brunelly.com/
Comments URL: https://news.ycombinator.com/item?id=48381837
Points: 2
# Comments: 0
The Texan Ideology
Article URL: https://thebaffler.com/salvos/the-texan-ideology-turner
Comments URL: https://news.ycombinator.com/item?id=48381828
Points: 2
# Comments: 0
Makerend – AI API
Article URL: https://makerend.com
Comments URL: https://news.ycombinator.com/item?id=48381814
Points: 1
# Comments: 1
SpaceX targets $1.75T valuation in all-primary IPO next week,sources say
Post Office IT scandal supplier’s voluntary exit scheme is oversubscribed as hundreds of staff want to make a break
Copilot SDK is now generally available
Article URL: https://github.blog/changelog/2026-06-02-copilot-sdk-is-now-generally-available/
Comments URL: https://news.ycombinator.com/item?id=48381637
Points: 1
# Comments: 0
AI Won't Replace Your DevOps Pipeline – But It Will Expose How Fragile It Is
Article URL: https://theaileverageweekly.com/posts/ai-won-t-replace-your-devops-pipeline-but-it-will-expose-how-fragile-i.html
Comments URL: https://news.ycombinator.com/item?id=48381618
Points: 1
# Comments: 0
Is a Flat-Top Grill Worth It? A Grilling Expert Tells All
Infostealers are becoming the go-to phishing payload
Phishing has changed. Slowly but surely, cybercriminals are turning to infostealers instead.
Traditional phishing hasn’t gone away. Far from it. But many attackers are no longer focused solely on tricking victims into entering usernames and passwords on fake login pages. Instead, they are using infostealers to quietly collect passwords, cookies, browser data, and other sensitive information from infected devices.
This approach is attractive because it scales well and reduces friction. Instead of relying on a victim to type credentials into a fake site, the malware can harvest logins already saved in browsers, session tokens, autofill data, cryptocurrency wallet details, and even files that contain useful information.
This makes the attack chain less visible. A traditional phishing email often leaves obvious clues: a suspicious link, a fake login page, or a strange attachment. Infostealers are different. They can arrive through malicious online ads (malvertising), cracked software, fake browser updates, game cheats, or dubious download sites, and once installed, they work in the background, stealing whatever the victim’s device has in store.
Part of this shift could be due to the widespread adoption of multi-factor authentication (MFA). By stealing session cookies, cybercriminals can bypass MFA, so they can access accounts without needing a password or authentication code.
Another factor is the rise of the malware-as-a-service (MaaS) ecosystem. Infostealers are cheap to deploy, easy to scale, and highly profitable. Rather than building a full attack chain themselves, many criminals buy access to ready-made stealer kits, loaders, or initial access services from underground vendors. This lowers the barrier to entry and allows less-skilled attackers to run credential theft operations.
In many cases, infostealers are just the first stage of a larger criminal operation. The stolen data is collected, packaged, and sold to other criminals interested in the harvested information. These buyers may specialize in fraud, account takeover, business email compromise, or ransomware. A single infected machine can generate multiple revenue streams: credentials for one buyer, session cookies for another, and corporate access or wallet data for a third.
That division of labor is one reason infostealers have become so persistent. Operators can update their code, rotate infrastructure, and launch new campaigns with minimal effort, while affiliates handle distribution through phishing, malvertising, fake downloads, or social media lures.
How to stay safeBecause infostealers commonly arrive through malvertising, fake browser updates, and one-click downloads, it’s worth treating ads and pop-ups with healthy skepticism. My personal tip: Never click on sponsored ads. Instead, visit official websites directly and download software only from trusted sources such as official vendor sites or app stores.
Another increasingly popular technique is ClickFix, a social engineering attack that tricks users into infecting their own devices. Never run commands or scripts copied from websites, emails, or messages unless you trust the source and understand the action’s purpose. If a website tells you to execute a command or perform a technical action, check official documentation or contact support before proceeding.
Picked up something you shouldn’t have?Pirated software, game cheats, and cracked tools remain some of the most common delivery methods for infostealers. These downloads often come bundled with malware that installs alongside the software you intended to get. The same caution applies to many browser extensions and add-ons that promise extra features or convenience. Stick to extensions from reputable developers, check reviews and permissions carefully, and avoid installing any add-on that asks for more access than it plausibly needs.
Phishing emails are still a major threat, but many can be spotted if you slow down and verify before clicking. Even if an email looks like it comes from a trusted brand, treat unsolicited attachments and links with caution, especially when they urge you to open a file, install something urgently, or fix a billing issue. If you’re unsure, check the sender address, look for typos or odd phrasing, and confirm the request through a separate channel such as the company’s official website rather than the link in the email.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
Ask HN: Xcode with Tailscale for Remote Coding
I'd like to continue coding from the dog park - but xcode does not allow deploying unless it is over wifi.
tailscale does not work either because it does not support mDNS.
does anyone have an idea for a solution?
Comments URL: https://news.ycombinator.com/item?id=48381609
Points: 1
# Comments: 0
Show HN: Codeep Is Now on the Mac
Article URL: https://codeep.dev
Comments URL: https://news.ycombinator.com/item?id=48381603
Points: 1
# Comments: 0
Intro to Q#, Microsoft's Quantum Programming Language
Article URL: https://learn.microsoft.com/en-us/azure/quantum/qsharp-overview
Comments URL: https://news.ycombinator.com/item?id=48381585
Points: 1
# Comments: 0