Feed aggregator

Article URL: https://mssv.net/2026/04/29/im-making-strandfall-a-solarpunk-orienteering-larp/

Comments URL: https://news.ycombinator.com/item?id=48106110

Points: 1

# Comments: 0

Article URL: https://gizmodo.com/canva-admits-its-ai-tool-removed-palestine-from-designs-apologizes-for-any-distress-it-caused-2000751215

Comments URL: https://news.ycombinator.com/item?id=48106097

Points: 4

# Comments: 0

Article URL: https://www.texasattorneygeneral.gov/news/releases/attorney-general-ken-paxton-sues-netflix-spying-texas-kids-and-consumers-illegally-collecting-users

Comments URL: https://news.ycombinator.com/item?id=48106069

Points: 1

# Comments: 0

Article URL: https://www.wsj.com/health/wellness/boys-peptides-stacks-looksmaxxing-trevor-larcom-835e58cd

Comments URL: https://news.ycombinator.com/item?id=48106054

Points: 2

# Comments: 1

Article URL: https://github.com/borchero/ducklake-sdk

Comments URL: https://news.ycombinator.com/item?id=48106034

Points: 1

# Comments: 0

Article URL: https://matklad.github.io/2026/05/12/software-architecture.html

Comments URL: https://news.ycombinator.com/item?id=48106024

Points: 16

# Comments: 0

Article URL: https://www.faceidsearch.com/en

Comments URL: https://news.ycombinator.com/item?id=48106006

Points: 1

# Comments: 0

Article URL: https://blog.jacobstechtavern.com/p/urlsession-to-electrons

Comments URL: https://news.ycombinator.com/item?id=48105996

Points: 1

# Comments: 0

Hi, I built Survser as a more affordable survey / user research solution because I found existing tools to be bloated and unnecessarily expensive. Hope someone finds it useful.

Comments URL: https://news.ycombinator.com/item?id=48105992

Points: 2

# Comments: 0

Article URL: https://ducklake-with-vgi.query-farm.services/

Comments URL: https://news.ycombinator.com/item?id=48105986

Points: 2

# Comments: 0

UK anti-fraud non-profit Cifas just published research that should bother anyone who runs a business, or buys from one: One in eight workers at large enterprises have either sold their company login credentials or know someone who did.

The internet is awash with compromised credentials that employees use to access company systems. Threat intelligence company KELA tracked nearly 2.9 billion compromised credentials globally in 2025. Most of these come from phishing attacks and infostealers. But thanks to employees wanting to make a quick buck, cyber criminals can just make people an offer.

The insiders nobody’s watching

Cifas interviewed 2,000 employees of companies with at least 1,000 staff. Of these, 13% admitted to selling their corporate access credentials in the last 12 months, or knowing someone who did. Amazingly, as the report says, the sellers did so “often under the belief it’s harmless.”

Newsflash: Selling your account credentials isn’t harmless. Criminals want them so they can take over the account and do nefarious things with it. Account takeovers in the US surged 6% to over 78,000 last year, according to Verizon.

Many hijacked accounts are personal ones for services ranging from social media to online streaming sites, and of course bank accounts. But many others are accounts for business systems like Microsoft 365, Salesforce, and other platforms that hold sensitive company data. Those secrets are valuable commodities for criminals who can then trade them on the open market.

Your boss is more likely to sell than you

Ideally, this is where a common technique called “least-privilege access” should come in.

The idea is that a corporate online account should only have access to what it needs. So Jim in the canteen should have access to the food ordering system, but not to the entire customer database. That way, even if Jim’s account gets compromised, the worst the attackers could do is deprive you of sausages tomorrow.

The problem is that, according to the report, higher-ups are even more comfortable selling their account credentials than low-level employees. Thirty-two percent of senior managers find it justifiable, along with 36% of directors, 43% of C-suite executives, and, stunningly, four in five business owners. Their roles mean that even with least-privilege access, their accounts can still open routes to sensitive system functions and data.

This isn’t just a UK problem

The Cifas research is UK-specific, but that’s likely not where it ends. We’ve seen employees at several companies selling access to either company accounts or records. For example, cryptocurrency company Coinbase revealed last year that employees at a Bangladesh-based outsourcing company sold customer records to hackers.

Compromised credentials are widespread. Our own research found that in a single 30-day window, 111 Fortune 500 companies had employee credentials leaked. Long-term, 363 of those firms (that’s 73%) have lost control of at least one employee credential.

Employees selling their access credentials isn’t just bad for the companies that employ them. It’s also bad for customers.

When a director’s password goes up for sale, a customer file might not be far behind, although it likely won’t be the director selling it. Malwarebytes found that 91% of Fortune 500 companies have had their customers’ credentials leaked, and hijacked accounts are a great way to get at them.

So insider risk isn’t just a corporate issue. It’s also a consumer one. That makes us less likely to hand over our personal information to large enterprises without questioning why they need it.

Your name, address, and phone number are probably already for sale.  

Data brokers collect and sell your personal details to anyone willing to pay. Malwarebytes Personal Data Remover finds them and gets your information removed, then keeps watch so it stays that way. 

SCAN NOW

Article URL: https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack

Comments URL: https://news.ycombinator.com/item?id=48105963

Points: 1

# Comments: 1

Article URL: https://vastpoint.substack.com/p/eng-why-should-you-have-a-data-room

Comments URL: https://news.ycombinator.com/item?id=48105960

Points: 1

# Comments: 0

Article URL: https://www.gouthamve.dev/lies-damned-lies-and-elastics-benchmarks/

Comments URL: https://news.ycombinator.com/item?id=48105941

Points: 1

# Comments: 0

Article URL: https://en.wikipedia.org/wiki/Loki_Patera

Comments URL: https://news.ycombinator.com/item?id=48105929

Points: 1

# Comments: 0

Article URL: https://threatcrush.com/blog/siem-and-soc

Comments URL: https://news.ycombinator.com/item?id=48105928

Points: 1

# Comments: 0

Article URL: https://eualternative.eu/eu-cloud-comparison/

Comments URL: https://news.ycombinator.com/item?id=48105910

Points: 5

# Comments: 0

Article URL: https://memebench.net

Comments URL: https://news.ycombinator.com/item?id=48105900

Points: 3

# Comments: 1

Westminster renews calls for business leaders to sign up to its yet-to-be-launched Cyber Resilience Pledge, and highlights growth, and challenges, for the UK’s cyber economy

Article URL: https://www.untappedcities.com/nikola-teslas-lost-laboratory-manhattan/

Comments URL: https://news.ycombinator.com/item?id=48105833

Points: 1

# Comments: 0