Feed aggregator

Article URL: https://www.nbcnews.com/world/united-kingdom/david-attenborough-excited-hushed-voice-nature-programs-turns-100-rcna344192

Comments URL: https://news.ycombinator.com/item?id=48062848

Points: 1

# Comments: 1

Article URL: https://arxiv.org/abs/2605.00503

Comments URL: https://news.ycombinator.com/item?id=48062840

Points: 1

# Comments: 0

Article URL: https://arxiv.org/abs/2104.14722

Comments URL: https://news.ycombinator.com/item?id=48062780

Points: 1

# Comments: 0

Article URL: https://cli.narelabs.com/

Comments URL: https://news.ycombinator.com/item?id=48062768

Points: 2

# Comments: 0

Article URL: https://garrido.io/notes/podman-rootless-containers-copy-fail/

Comments URL: https://news.ycombinator.com/item?id=48062745

Points: 2

# Comments: 0

Article URL: https://www.astralcodexten.com/p/three-model-organisms-for-taste

Comments URL: https://news.ycombinator.com/item?id=48062741

Points: 1

# Comments: 0

Article URL: https://stonetools.ghost.io/pipedream-archimedes/

Comments URL: https://news.ycombinator.com/item?id=48062729

Points: 1

# Comments: 0

I've built a Claude Code course initially to help out my friends and colleagues to get more efficient with coding agents - see it at https://code-agents.ai

I published the content I was telling to my circle as a docs style course material and so far people seem uninterested. And, I would like to understand why. Curious to hear your thoughts on this.

* Do you think that course content as premium docs style would work for you or would you rather prefer video content?

* Do you think that this content is not worth paying for? If so, why?

* Coding with agents is a new skill and do you feel you might have a gap to fill there?

Please tell me what you think with honest feedback so I make an informed decision for changing the content for another audience - maybe vibe coders.

Comments URL: https://news.ycombinator.com/item?id=48062726

Points: 1

# Comments: 0

Article URL: https://old.reddit.com/r/cpanel/comments/1t6wf5n/cpanel_whm_security_update_cve202629201/

Comments URL: https://news.ycombinator.com/item?id=48062721

Points: 1

# Comments: 0

Article URL: https://war.gov/UFO

Comments URL: https://news.ycombinator.com/item?id=48062713

Points: 2

# Comments: 1

Article URL: https://github.com/Brumbelow/clipd

Comments URL: https://news.ycombinator.com/item?id=48062710

Points: 1

# Comments: 0

Article URL: https://github.com/openai/openai-cli

Comments URL: https://news.ycombinator.com/item?id=48062694

Points: 1

# Comments: 0

Article URL: https://blog.google/innovation-and-ai/infrastructure-and-cloud/google-cloud/alphaevolve-updates/

Comments URL: https://news.ycombinator.com/item?id=48062692

Points: 1

# Comments: 0

I signed up for Pro recently, and now I get morning updates from GPT of random AI synthesis.

Has anyone seen a valid use case for this where they saw something they otherwise wouldn't have or received actionable insight?

Comments URL: https://news.ycombinator.com/item?id=48062680

Points: 1

# Comments: 0

Article URL: https://supernuclear.substack.com/p/building-a-space-people-never-want

Comments URL: https://news.ycombinator.com/item?id=48062646

Points: 1

# Comments: 0

Article URL: https://www.arlo.fyi

Comments URL: https://news.ycombinator.com/item?id=48062633

Points: 1

# Comments: 0

Some time ago, we discussed whether you should allow your browser to remember your passwords.

In that article we mentioned the importance of encryption.

“With a browser password manager, someone with access to your browser could see your passwords in clear text, although Windows can be set to ask for authentication (the same you use at startup of your device).”

The typical behavior of browser password managers is to store passwords encrypted on disk, tied to your user account, and protected by the operating system.

But recently, a security researcher systematically tested every major Chromium-based browser for how they handle credentials in memory. The researcher found that Edge was the only one loading the entire password vault into plaintext process memory at startup, where it remains for the duration of the session.  

Chrome and other Chromium browsers were observed to only decrypt a password when needed (autofill or “show password”), not the whole vault, and to use mechanisms like app‑bound encryption for keys. Edge does not use those protections in this context.

So, the researcher decided to write a proof-of-concept (PoC) demonstrating that accessing that vault doesn’t rely on zero-days or complex exploitation. It relies on the relatively simple ability to read process memory, which does require elevated privileges.

But when the researcher reported the issue to Microsoft, the response was underwhelming. The company’s official response was that the behavior is “by design.” The reasoning most likely is that this behavior speeds up sign‑in and autofill, and attackers would already need a compromised machine or elevated access to read RAM, which Microsoft treats as out of scope for this design decision.

Which is basically true. An attacker already needs significant foothold: for example, code execution on the box and the ability to read Edge’s process memory, often requiring elevated privileges. This is not a remote, unauthenticated bug in the browser, but the design makes post‑compromise credential harvesting easier. And it’s a capability many infostealers already have.

It’s just another thing an attacker can do once they’ve compromised your machine. Combined with this academic study from 2024, which found many password managers leak plaintext passwords into memory under some conditions, it leads us to repeat our advice.

Should you allow your browser to remember your passwords?

Your browser password manager gives you ease of use, but that costs you some security. Of course, password managers aren’t foolproof either, so it’s important to decide for yourself where you store your passwords.

If you’re confident the website is safe, and anyone that can access it under your account won’t learn anything new, feel free to store the password in your browser, but disable autofill so you stay in control.

Use MFA where possible. It enormously reduces the risk should someone get hold of your password. And refrain from using the browser password manager to store your credit card details or other sensitive personally identifiable information, such as medical information.

But we’d add that, among the major browsers, Edge appears to be the weakest option if you still choose to use a built‑in password manager.

Stop threats before they can do any harm.

Malwarebytes Browser Guard blocks phishing pages and malicious sites automatically. Free, one click to install. Add it to your browser →

Article URL: https://peptel.co/

Comments URL: https://news.ycombinator.com/item?id=48062282

Points: 1

# Comments: 0

Article URL: https://www.speakeasy.com/resources/ai-control-plane

Comments URL: https://news.ycombinator.com/item?id=48062280

Points: 1

# Comments: 0

Article URL: https://www.socialcrawl.dev

Comments URL: https://news.ycombinator.com/item?id=48062274

Points: 1

# Comments: 0