π‘ All Feeds
Bellingham inspires ten-man England in 3-2 last-16 thriller against Mexicohttps://www.aljazeera.com/sports/2026/7/6/bellingham-inspires-ten-man-england-in-3-2-last-16-thriller-against-mexico?traffic_source=rss
England hands Mexico their first World Cup loss at Estadio Azteca, winning 3-2 to reach 2026 quarterfinals.

OPEC+ countries say they will expand monthly oil productionhttps://www.aljazeera.com/economy/2026/7/6/opec-countries-say-they-will-expand-monthly-oil-production?traffic_source=rss
Seven OPEC+ members, including Saudi Arabia and Russia, to increase output by 188,000 barrels per day.

Sports stadium becomes home for victims of the Venezuela earthquakeshttps://www.aljazeera.com/video/newsfeed/2026/7/6/sports-stadium-becomes-home-for-victims-of-the-venezuela-earthquakes?traffic_source=rss
A sports stadium in La Guaira state has been turned into a makeshift home and logistics centre for thousands of victims.

Show HN: Openleetcode β Run LeetCode solutions locally against open testshttps://github.com/therepanic/openleetcode/releases/tag/v1.0.1
Article URL: https://github.com/therepanic/openleetcode/releases/tag/v1.0.1 Comments URL: https://news.ycombinator.com/item?id=48799978 Points: 1 # Comments: 0
Ronaldoβs last World Cup? We will see, says Portugal star before Spain clashhttps://www.aljazeera.com/sports/2026/7/6/ronaldos-last-world-cup-we-will-see-says-portugal-star-before-spain-clash?traffic_source=rss

Show HN: A faithful MUMPS 76 anniversary implementation β the original NoSQL DBhttps://github.com/rochus-keller/mumps/
Article URL: https://github.com/rochus-keller/mumps/ Comments URL: https://news.ycombinator.com/item?id=48799850 Points: 2 # Comments: 1
The Sneakerwebhttps://sneakerweb.org/
Article URL: https://sneakerweb.org/ Comments URL: https://news.ycombinator.com/item?id=48799781 Points: 12 # Comments: 2
Show HN: An unmetered LLM APIβ$6/month, no token tracking, no limitshttps://yolo-auto.com/
Hi HN, I was once given the advice: Don't waste expensive frontier model credits (GPT/Claude/etc.) on bulk work. Send the boring, repetitive, high-volume jobs to a smaller model, and save the expensive prompts for when you actually need frontier-level reasoning. I complained and told my manager that I shouldnt have to think about using certain models for certain coding tasks, and that one model should handle everything. Well, here we are anyway. If anyone needs a place to absolutely abuse an LLM with high-volume tasks, come beat ours up at https://yolo-auto.com . Here are the specs for $6/monβ¦

GPT-5.6 Sol Ultra will be in Codexhttps://twitter.com/thsottiaux/status/2073933490513752151
Article URL: https://twitter.com/thsottiaux/status/2073933490513752151 Comments URL: https://news.ycombinator.com/item?id=48799614 Points: 62 # Comments: 21

The man no-one wants to face - Haaland fires Norway to history as they knock Brazil outhttps://www.bbc.co.uk/sport/football/articles/cwy006zywj8o?at_medium=RSS&at_campaign=rss
Erling Haaland has scored seven goals in four World Cup games and he is the striker that nobody wants to face as he fires Norway into an historic quarter-final.

Wegovy weight loss pill now available in UK - here's what you need to knowhttps://www.bbc.co.uk/news/articles/czj8w4pjd4yo?at_medium=RSS&at_campaign=rss
The once-a-day pill, from the makers of the Wegovy weight-loss jab, can now be bought privately in UK pharmacies.

Al Vigier: Canada's AI strategy shouldn't include secret Palantir billshttps://www.readtheline.ca/p/al-vigier-canadas-ai-strategy-shouldnt
Article URL: https://www.readtheline.ca/p/al-vigier-canadas-ai-strategy-shouldnt Comments URL: https://news.ycombinator.com/item?id=48799256 Points: 90 # Comments: 29
The Private Capture of Public Geniushttps://www.wysr.xyz/p/the-private-capture-of-public-genius
Article URL: https://www.wysr.xyz/p/the-private-capture-of-public-genius Comments URL: https://news.ycombinator.com/item?id=48799178 Points: 29 # Comments: 2

Has_not_been_viewed_muchhttps://iamwillwang.com/notes/has-not-been-viewed-much/
Article URL: https://iamwillwang.com/notes/has-not-been-viewed-much/ Comments URL: https://news.ycombinator.com/item?id=48799155 Points: 91 # Comments: 23
Connections in Math: the two kinds of randomhttps://stillthinking.net/posts/connections-in-math-two-kinds-of-random/
Article URL: https://stillthinking.net/posts/connections-in-math-two-kinds-of-random/ Comments URL: https://news.ycombinator.com/item?id=48799026 Points: 22 # Comments: 12
The dark side of the Brazilian butt lift boomhttps://www.bbc.co.uk/news/articles/c20y39wy760o?at_medium=RSS&at_campaign=rss
The aesthetics industry is worth billions but campaigners say there have been numerous cases of serious harm.

Does Code Cleanliness Affect Coding Agents?https://arxiv.org/abs/2605.20049
Article URL: https://arxiv.org/abs/2605.20049 Comments URL: https://news.ycombinator.com/item?id=48798815 Points: 36 # Comments: 16

Former partner of journalist Lyra McKee hopes her death haunts killerhttps://www.bbc.co.uk/news/articles/cy5vvydg0eqo?at_medium=RSS&at_campaign=rss

DNSGlobe β Rust TUI to watch DNS propagate around the worldhttps://github.com/514-labs/dnsglobe
Article URL: https://github.com/514-labs/dnsglobe Comments URL: https://news.ycombinator.com/item?id=48798313 Points: 26 # Comments: 20
Composite Video on the NES: Why's it so wobbly?https://nicole.express/2026/phase-altering-by-line.html
Article URL: https://nicole.express/2026/phase-altering-by-line.html Comments URL: https://news.ycombinator.com/item?id=48798247 Points: 52 # Comments: 6

Uberβs European expansion plans may have hit a speed bumphttps://techcrunch.com/2026/07/05/ubers-european-expansion-plans-may-have-hit-a-speed-bump/
Back in February, Uber announced ambitious plans to launch in seven new European markets in 2026 β but now five of those launches are reportedly on hold.

Show HN: Homegames. An open-source game platform I've been making for 8 yearshttps://homegames.io
I'm making a platform for simple open source games you can play anywhere. Games are all just JavaScript classes and you can read the source of every game on the platform. I started working on initial "games" (mostly rendering tests) in 2018 and eventually built all of the platform stuff around it to make it easy to share games. There's also an in-browser editor available for you to make and publish games all from the browser. Would love some feedback on the games and studio features as well as the platform overall. All of the code is available at https://github.com/homegamesio Comments URL: hβ¦
Completing a computer science degree on Courserahttps://notesbylex.com/completing-a-computer-science-degree-on-coursera
Article URL: https://notesbylex.com/completing-a-computer-science-degree-on-coursera Comments URL: https://news.ycombinator.com/item?id=48798061 Points: 118 # Comments: 85

Y si sΓ: the phrase uniting Mexico during the World Cuphttps://www.npr.org/2026/07/05/nx-s1-5881076/y-si-si-the-phrase-uniting-mexicos-world-cup-fans

OpenPrinterhttps://www.opentools.studio/
Article URL: https://www.opentools.studio/ Comments URL: https://news.ycombinator.com/item?id=48797916 Points: 490 # Comments: 122

Dungeon Proof Crawler: learn how to write proofs with RPGhttps://dhilst.github.io/algae/game/index.html
Article URL: https://dhilst.github.io/algae/game/index.html Comments URL: https://news.ycombinator.com/item?id=48797895 Points: 43 # Comments: 12
Thunderstorms, heat and wind will hamper efforts to contain Colorado wildfireshttps://www.npr.org/2026/07/05/nx-s1-5883052/colorado-wildfires-thunderstorms-firefighters-killed
Thunderstorms with high winds could make it more difficult to contain a massive wildfire that has scorched parts of southern Colorado.

Dependencies should be fetched directly from VCShttps://www.arp242.net/deps-vcs.html
Article URL: https://www.arp242.net/deps-vcs.html Comments URL: https://news.ycombinator.com/item?id=48797771 Points: 39 # Comments: 30
Trump memecoin investors lost $3.8 billion, analysis findshttps://techcrunch.com/2026/07/05/trump-memecoin-investors-lost-3-8-billion-analysis-finds/
Nearly 1 million people have lost a total of $3.8 billion after buying President Donald Trumpβs $TRUMP memecoin, while Trump made $636 million.

National Guard troops fatally shoot a man in downtown Memphishttps://www.npr.org/2026/07/05/nx-s1-5883091/national-guard-fatal-shooting-memphis
Memphis police say National Guard troops fired their weapons in the early morning hours of July 5, killing a man who was armed with a handgun. State investigators will handle the case.

Folarin Balogun's ban is lifted by FIFA, allowing U.S. striker to play Belgiumhttps://www.npr.org/2026/07/05/g-s1-132061/folarin-balogun-soccer-reinstated-ban-suspended-fifa-belgium

Why 3D TVs failed and the trouble with 3D in Hollywood.https://www.engadget.com/2206391/why-3d-tvs-failed/
They were annoying to use and bad 3D movies didn't help.

Emotion and politics merge in Tehran at funeral of former supreme leaderhttps://www.bbc.co.uk/news/videos/c4gyye3rplno?at_medium=RSS&at_campaign=rss

Amazon will stop accepting new customers for Mechanical Turkhttps://techcrunch.com/2026/07/05/amazon-will-stop-accepting-new-customers-for-mechanical-turk/
These may be the last days of Amazonβs Mechanical Turk.

Sony says it will still make physical discs after 2028, as long as the game came out before thenhttps://www.engadget.com/2208083/sony-will-make-physical-discs-after-2028-if-game-came-out-before-then/
Anything released after 2028 will still be digital-only.

MFA-optional banks leave safe doors (and accounts) wide open for thieves to pillagehttps://www.theregister.com/security/2026/07/05/mfa-optional-banks-leave-safe-doors-and-accounts-wide-open-for-thieves-to-pillage/5266161
Financial institutions are putting their clients at risk in the name of convenience.

5 desk gadgets that can make your workday betterhttps://techcrunch.com/2026/07/05/5-desk-gadgets-that-can-make-your-workday-better/
The right desk gadgets can help you reduce clutter, stay focused, and add a little extra convenience to your day.

Flipper Zero firmware development continues with community helphttps://www.bleepingcomputer.com/news/security/flipper-zero-firmware-development-continues-with-community-help/
Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on community contributions. [...]

C programmers commit fresh crimes against readabilityhttps://www.theregister.com/offbeat/2026/07/05/c-programmers-commit-fresh-crimes-against-readability/5265981
Prepare to be befuddled and bamboozled β and probably bewitched

Chemical accidents rise as Trump administration proposes weakening safety ruleshttps://arstechnica.com/science/2026/07/chemical-accidents-rise-as-trump-administration-proposes-weakening-safety-rules/
Chemicals from accidents that injured or killed people increased by nearly 50 percent in recent years.

Chemical accidents rise as Trump administration proposes weakening safety ruleshttps://arstechnica.com/science/2026/07/chemical-accidents-rise-as-trump-administration-proposes-weakening-safety-rules/
Chemicals from accidents that injured or killed people increased by nearly 50 percent in recent years.

Best Wi-Fi Routers (2026): My Honest Picks After Testing 40+https://www.wired.com/gallery/best-wifi-routers/
Donβt suffer the buffer. These WIRED-tested home routers will deliver reliable internet across your home, whatever your needs or budget.

Prediction Markets Let You Bet on Whether a Wildfire Will Burn Down Your Townhttps://www.wired.com/story/prediction-markets-let-you-bet-wildfire/
Wildfire survivors call fire-prediction markets βmorally reprehensibleβ and worry they could increase the risk of arson.

The missing 500 million: Cosmic bombardment melted Earth's first crusthttps://arstechnica.com/science/2026/07/the-missing-500-million-cosmic-bombardment-melted-earths-first-crust/
The heat of the Hadean may have come from impacts as well as the interior.

The missing 500 million: Cosmic bombardment melted Earth's first crusthttps://arstechnica.com/science/2026/07/the-missing-500-million-cosmic-bombardment-melted-earths-first-crust/
The heat of the Hadean may have come from impacts as well as the interior.

Review: TCL RM9L RGB-Mini LED (2026)https://www.wired.com/review/tcl-rm9l/
This massive 85-inch model is highly customizable but jaw-droppingly expensive.

Eight Sleep Pod 5 Review: The Smartest, Nosiest Bed You Can Buyhttps://www.wired.com/review/eight-sleep-pod-5/
Eight Sleepβs Pod 5 is great at its job, but its job is also watching you sleep.

NASA's Hubble spots a stellar sparkler for the Fourth of Julyhttps://www.sciencedaily.com/releases/2026/07/260704232642.htm
NASA's Hubble Space Telescope has captured a spectacular red, white, and blue view of one of the Milky Way's oldest star clusters to celebrate the nation's 250th anniversary. Hidden within the ancient cluster are clues to how exploding stars helped transform the young universe into one capable of forming planets and, eventually, life.
NASA's Hubble captures a crimson stellar nursery sparkling with blue and white starshttps://www.sciencedaily.com/releases/2026/07/260704232639.htm
Hubble has captured a spectacular view of LH 95, where about 2,500 young stars are still on their journey to becoming full-fledged stars. Scientists discovered these growing stars can keep pulling in gas and dust for millions of years, extending an important stage of stellar development. The region also contains multiple generations of stars living side by side, offering fresh clues about how star formation unfolds over time.
NASA's Hubble captures a star-spangled sea of 500,000 starshttps://www.sciencedaily.com/releases/2026/07/260704232634.htm
Celebrating the United States' 250th anniversary, NASA released a stunning Hubble portrait of Messier 3, an ancient globular cluster with more than 500,000 stars. The remarkable cluster is helping scientists unravel the Milky Way's past thanks to its rare stars and possible origins in a long ago cosmic merger.
NHS to use AI on its app to direct patients to appropriate serviceshttps://www.theguardian.com/society/2026/jul/04/nhs-ai-app-patients-appropriate-services-health
Update in England expected to reach about 200,000 patients over the next year as part of Β£10bn package to overhaul NHS systems The NHS will begin using AI on its app to direct patients to the appropriate services, it has been announced. The tool will be used to triage patients and to ascertain if they should be allocated a GP appointment. Some may be advised to attend a pharmacy or their local A&E department instead, depending on the severity of their condition. Continue reading...

Review: Supergirl is not the disaster its low box office suggestshttps://arstechnica.com/culture/2026/07/review-supergirl-is-not-the-disaster-its-low-box-office-suggests/
Itβs a pretty good movie, but it needed to be a great movie to thrive in an oversaturated superhero market.

JadePuffer ransomware used AI agent to automate entire attackhttps://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. [...]

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Casehttps://thehackernews.com/2026/07/us-government-entity-paid-kairos-group.html
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be a ransomware gang at all. Krishnan found no sign that it ever locked a single
OpenAIβs apparent failure to visit key site raises questions over UK investmenthttps://www.theguardian.com/technology/2026/jul/04/openai-apparent-failure-visit-key-site-questions-stargate-uk-project
Exclusive: Β£20bn of βpotentialβ Β£30bn AI investment touted by UK ministers appears to have been hypothetical It was to be the biggest undertaking in Britain for OpenAI, the company behind ChatGPT. Stargate UK β a multibillion-pound UK datacentre project β would represent βa major step forward in the US-UK technology partnershipβ. But the plans were paused in April , with an OpenAI spokesperson citing concerns over regulation and high energy costs . Continue reading...

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaignhttps://thehackernews.com/2026/07/north-korean-hackers-publish-108.html
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,
When the ability to smell goes awayhttps://arstechnica.com/science/2026/07/when-the-ability-to-smell-goes-away/
Disturbances in this critical sense are often linked to problems with brain health.

How AI is changing languagehttps://www.theguardian.com/books/ng-interactive/2026/jul/04/future-of-fiction-next-great-novel-ai-language-chat-gpt
As allegations of LLM use rock the literary and media worlds, linguists explain what really distinguishes human and machine writing, while novelists including Jennifer Egan and Jeanette Winterson reflect on the future of fiction in an age of ChatGPT T hree paragraphs, from three different hotel reviews. Can you tell which, if any, were AIβgenerated? βThe hotel is in a great location for everything. Lots of places to eat and drink. The hotel itself is always abuzz. The tavern located on the ground floor is definitely a must. Food, service, prices and atmosphere were great.β Continue readβ¦

NASA celebrates America's 250th birthday with incredible views of spacehttps://www.sciencedaily.com/releases/2026/07/260702230859.htm
NASA is marking the United States' 250th birthday with four striking red, white, and blue images of deep space from the Chandra X-ray Observatory. The collection features an exploded star, a stellar nursery, a galaxy where stars are rapidly forming, and a galaxy cluster that provides evidence for dark matter.
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Deviceshttps://thehackernews.com/2026/07/unpatched-flaws-disclosed-in-filesystem.html
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices built on
NetNut proxy network disrupted, 2 million infected devices cut offhttps://www.bleepingcomputer.com/news/security/netnut-proxy-network-disrupted-2-million-infected-devices-cut-off/
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes. [...]

A device that revives eyeballs from dead donors could make eye transplants possiblehttps://www.technologyreview.com/2026/07/03/1140148/a-device-that-revives-eyeballs-from-dead-donors-could-make-eye-transplants-possible/
Itβs not easy to transplant a whole human eye. The surgery is difficult. And the eyes themselves start to degenerate as soon as theyβve left the body. When surgeons attempted it a few years ago, the newly transplanted eye wasnβt able to see. But researchers believe they might have a solution: a device that maintains…

UK parents warned over posting images of children amid AI sexual abuse fearshttps://www.theguardian.com/society/2026/jul/03/ai-sexual-abuse-fears-uk-parents-warned-posting-images-children-national-crime-agency
Exclusive: National Crime Agency and safety watchdog issue guidance amid rise in explicit material online AI prey: why watchdogs are telling parents to protect children from nudification apps Parents should not put photos of their children on public display online, according to landmark guidance issued to tackle the rise of AI-generated sexual abuse material. The recommendation has come from the National Crime Agency and the Internet Watch Foundation, which fear that most people are unaware of the dangers posed by paedophiles and criminal networks. They suggest that parents and guardians makeβ¦

Parents warned not to publicly share childrenβs images amid AI abuse riskshttps://www.bbc.co.uk/news/articles/cd7wj7d0jzzo?at_medium=RSS&at_campaign=rss
The NCA says there is a growing threat of children's images being used to create child abuse material.

Fourteener Lobstershttps://lobste.rs/s/zwz0wh/fourteener_lobsters
Hey folks, Once more around the sun, today is 14 years since Lobsters launched in 2012. Like the the American fourteeners , our activity charts have been busily sloping upwards. We now have 20,412 users who've submitted 127,589 stories, written 696,054 comments, and cast 4,911,743 votes. (I'm happy to run more complicated queries than count(*) .) Previously: 2013 2016 2017 2019 2020 2021 2022 2023 2024 2025 Look back at the last yearβs top stories , or review your upvoted comments and stories to share your favorites.

Chinese LLMs Broaden the Gap Between Attackers & Defendershttps://www.darkreading.com/cyber-risk/chinese-llms-broaden-gap-between-attackers-and-defenders
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?

The Download: a smoking βendgameβ and a new Elizabeth Bear storyhttps://www.technologyreview.com/2026/07/03/1140134/the-download-uk-smoking-ban-elizabeth-bear-story/
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. The UKβs generational tobacco ban might not work. Iβm supporting it anyway. βJessica Hamzelou As the parent of two little girls, I often think about how their childhood is different from…

The UKβs generational tobacco ban might not work. Iβm supporting it anyway.https://www.technologyreview.com/2026/07/03/1140036/uk-tobacco-ban-might-not-work-children-smoking/
As the parent of two little girls, I often think about how their childhood is different from mine. The seven-year-old is learning about AI at school. The five-year-old is given internet-based homework every week. And they are both absolutely repulsed by the idea of smoking. That was not the prevailing sentiment when I was young.…

Swimming Pools, Pee, and Trying to Delete Your Data From the Internethttps://www.troyhunt.com/swimming-pools-pee-and-trying-to-delete-your-data-from-the-internet/
I can't recall if someone else originally came up with this saying or if I said it in some off-the-cuff comment and it just propagated, but since it's often attributed back to me , I'll relay it here regardless: Trying to delete yourself

AI is 'not smart' so what's next in artificial intelligence?https://www.bbc.co.uk/news/articles/cj6gr0xkyr3o?at_medium=RSS&at_campaign=rss
Leading AI researcher Yan LeCun has a start-up which is developing a more flexible AI system.

Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBshttps://www.darkreading.com/cybersecurity-analytics/aussies-face-reduced-cybercrime-risk-pressure-shifts-smbs
Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian businesses.

Apple Reverses Age-Old Patch Policy to Keep Up With AIhttps://www.darkreading.com/cybersecurity-operations/apple-patch-policy-ai
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.

FBI Seizes NetNut Proxy Platform, Popa Botnethttps://krebsonsecurity.com/2026/07/fbi-seizes-netnut-proxy-platform-popa-botnet/
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.
FAA proposal: Supersonic airliners can fly over US cities if theyβre quiethttps://arstechnica.com/gadgets/2026/07/faa-proposal-supersonic-airliners-can-fly-over-us-cities-if-theyre-quiet/
New US rules would legalize quiet supersonic flights without the sonic boom.

Plex debuts 5-year membership pass for $250https://arstechnica.com/gadgets/2026/07/250-used-to-get-you-a-lifetime-plex-pass-now-you-get-a-five-year-subscription/
Plex is pushing customers to newer features and more frequent payments.

Google loses long-running appeal of record EU fine, will have to cough up $4.7 billionhttps://arstechnica.com/gadgets/2026/07/google-loses-long-running-appeal-of-record-eu-fine-will-have-to-cough-up-4-7-billion/
The EU went after Google for the practice of bundling its search engine and browser with Android.

How GitHub used secret scanning to reach inbox zerohttps://github.blog/security/application-security/how-github-used-secret-scanning-to-reach-inbox-zero/
GitHub had 20,000+ secret scanning alerts across 15,000 repositories. Here's how we separated signal from noise, built remediation workflows, and reached inbox zero in nine months. The post How GitHub used secret scanning to reach inbox zero appeared first on The GitHub Blog .

Meta glasses wearers hit with paywall to use built-in featurehttps://www.bbc.co.uk/news/articles/c3wy317d71jo?at_medium=RSS&at_campaign=rss
A feature in Meta's glasses which boosts the voice of people will be capped at three hours for free use.

/r/netsec's Q3 2026 Information Security Hiring Threadhttps://www.reddit.com/r/netsec/comments/1ulbf96/rnetsecs_q3_2026_information_security_hiring/
Overview If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company. We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education. Please reserve top level comments for those posting open positions. Rules & Guidelines Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position alβ¦
6 security settings every GitHub maintainer should enable this weekhttps://github.blog/security/6-security-settings-every-github-maintainer-should-enable-this-week/
These six free settings will not make your project unhackable. Nothing will. What they will do is close the easy doors. Turn these on, and your project will be meaningfully harder to attack than it was before. The post 6 security settings every GitHub maintainer should enable this week appeared first on The GitHub Blog .

r/netsec monthly discussion & tool threadhttps://www.reddit.com/r/netsec/comments/1uklqx3/rnetsec_monthly_discussion_tool_thread/
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links. Rules & Guidelines Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary. Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely. If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely. Avoid use of memes. If you have something to say, say it with real words. All discussions and questions should direβ¦
The Yoto Music Box Is a Ray of Hope Amid the βTechlashβ
Amid widespread βtechlashβ over addictive screens and apps, the Yoto, an audio player for children, shows thereβs still a way to make money while doing something nice.
Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)https://isc.sans.edu/diary/rss/33118
This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It's pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2].

U.S. Lifts Restrictions on Anthropicβs Most Powerful A.I. Models
Anthropicβs Code With Claude event in San Francisco last month. Federal restrictions were lifted on Tuesday from the companyβs Claude Mythos and Claude Fable A.I. models.
Neon Buys βArtificial,β a Film About OpenAI, After Amazon Dropped It
βArtificial,β a film about Sam Altman, the chief executive of OpenAI, had gotten a green light from Amazon in 2023.
Bending Spoons, Owner of AOL and Other Old Internet Brands, Is Going Public
Bending Spoons, an Italian company that buys aging internet companies, is going public this week at a potential value of $19 billion.
Weekly Update 510: Live From Mallorca with Scott Helmehttps://www.troyhunt.com/weekly-update-510/
How's the view?! Back to business, it's now 8 years ago that Scott and I thought it would be a cool idea to build Why no HTTPS? We used the site to shame companies for not implementing their transport later security property, and to make it

Scattered Spider Hackers Plead Guilty on Day 1 of Trialhttps://krebsonsecurity.com/2026/06/scattered-spider-hackers-plead-guilty-on-day-1-of-trial/
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial.
βPopaβ Botnet Linked to Publicly-Traded Israeli Firmhttps://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a "residential proxy" provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR].
Who Runs the Ransomware Group βThe Gentlemen?βhttps://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
A Record-Breaking Patch Tuesday for June 2026https://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-june-2026/
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and exploit code for at least three of the weaknesses is now publicly available.
Hackers Used Metaβs AI Support Bot to Seize Instagram Accountshttps://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting account passwords.
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattackshttps://krebsonsecurity.com/2026/05/netherlands-seizes-800-servers-arrests-2-for-aiding-cyberattacks/
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia's intelligence agencies.
Lawmakers Demand Answers as CISA Tries to Contain Data Leakhttps://krebsonsecurity.com/2026/05/lawmakers-demand-answers-as-cisa-tries-to-contain-data-leak/
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.
DEF CON 34 Badge Alert: SAO Editionhttps://media.defcon.org/DEF%20CON%2034/DEF%20CON%2034%20badge/DEF%20CON%2034%20SAO%20Spec%20Sheet.pdf
DEF CON 34 is an electronic badge year, and we've got something very special in store, created for us by a hardware hacking legend. We can't share too much at this juncture, but we can say this: it will be iconic. First round Hall of Fame. In addition to being a cool badge, it's a platform. It's a full-fledged, first-of-its-kind inspectable platform. Long after closing ceremonies we think you'll still be using this device to regain some agency and security in this rapidly complexifying world. So what we can offer right now is some data to help all the SAO enthhusiasts out there. Please enjoyβ¦

DEF CON Middle East Updatehttps://www.bna.bh/en/NationalCyberSecurityCentresignsagreementtohostDEFCONMiddleEast.aspx
It's official - the papers are signed and DEF CON Middle East is on track for November 11-12, 2026 in Bahrain! There will also be a full slate of DEF CON `2-day Trainings available November 8-10. After a very successful mini-con at last year's Arab International Cybersecurity Conference, we look forward to bringing the full DEF CON experience to Bahrain and the region. Stay tuned to these channels for updates, and save the date. The press release is here

DEF CON 34 Hotel Updatehttps://book.passkey.com/go/DefCon26
Spring has sprung. DEF CON planning season is in full swing, and our discounted room blocks are filling up fast. If you've been waiting for a sign to lock down your booking, this is probably it. The DEF CON room block at the Fountainebleau is officially sold out. Special DEF CON rates are still available at Encore and Wynn , so get those while they last. August will be here before you know it. Are you ready?

DEF CON in the News: Singapore editionhttps://www.youtube.com/watch?v=9-qKcofJvy8
Our founder, The Dark Tangent, did a live interview on CNA. It's worth your time. https://www.youtube.com/watch?v=9-qKcofJvy8

AI threats in the wild: The current state of prompt injections on the webhttp://security.googleblog.com/2026/04/ai-threats-in-wild-current-state-of.html
Posted by Thomas Brunner, Yu-Han Liu, Moni Pande At Google, our Threat Intelligence teams are dedicated to staying ahead of real-world adversarial activity, proactively monitoring emerging threats before they can impact users. Right now, Indirect Prompt Injection (IPI) is a top priority for the security community, anticipating it as a primary attack vector for adversaries to target and compromise AI agents. But while the danger of IPI is widely discussed, are threat actors actually exploiting this vector today β and if so, how? To answer these questions and to uncover real-world abuse, we iβ¦
DEF CON Middle East Call for Trainers!https://training.defcon.org/pages/2026-middle-east-call-for-trainers
We're excited to announce that the Call for Trainers is now OPEN for DEF CON Training Middle East ! Are you passionate about cybersecurity, hacking, and hands-on learning? Do you have expertise in emerging threats, defensive strategies, or cutting-edge security techniques? We want to hear from you! Visit training.defcon.org to submit your trainer application for a two-day or three-day course by May 9, 2026.

DEF CON Singapore Talks!https://defcon.org/html/defcon-singapore/dc-singapore-talks.html

Bringing Rust to the Pixel Basebandhttp://security.googleblog.com/2026/04/bringing-rust-to-pixel-baseband.html
Posted by Jiacheng Lu, Software Engineer, Google Pixel Team Google is continuously advancing the security of Pixel devices. We have been focusing on hardening the cellular baseband modem against exploitation. Recognizing the risks associated within the complex modem firmware, Pixel 9 shipped with mitigations against a range of memory-safety vulnerabilities. For Pixel 10, Google is advancing its proactive security measures further. Following our previous discussion on "Deploying Rust in Existing Firmware Codebases" , this post shares a concrete application: integrating a memory-safe Rust DNS(Dβ¦

Protecting Cookies with Device Bound Session Credentialshttp://security.googleblog.com/2026/04/protecting-cookies-with-device-bound.html
Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April 2024 announcement , Device Bound Session Credentials (DBSC) is now entering public availability for Windows users on Chrome 146, and expanding to macOS in an upcoming Chrome release. This project represents a significant step forward in our ongoing efforts to combat session theft, which remains a prevalent threat in the modern security landscape. Session theft typically occurs when a user inadvertently downloads malware onto their device. Once active, the malβ¦

Call for Hosts: Hacker Jeopardy at DEF CON Singaporehttps://defcon.org/html/defcon-singapore/dc-singapore-cfhjh.html
We are looking for charismatic, quick-witted, and tech-savvy individuals to take the stage as hosts of DEF CON's Hacker Jeopardy Singapore! If you have a knack for command-line humor, a deep well of cybersecurity trivia, and the ability to keep a rowdy room of hackers entertained, we want to hear from you. This isn't your average trivia night. As a host, you will: Local Presence: Ideally based in or able to travel to Singapore for the event, with a deep understanding of local hacker history and references. Command the Room: Moderate the game with energy, keeping the pace fast and the vibes hiβ¦

DEF CON Training Las Vegas Course Lineup is Live!https://training.defcon.org/collections/def-con-training-las-vegas-2026
DEF CON Training Las Vegas 2026 Course Lineup is now live! Weβre thrilled to share the full slate of courses for DEF CON Training in Las Vegas! Join us in August for hands-on courses led by top practitioners from across the community. For the first time ever, we will offer 1-day, 2-day, and 4-day classes! Whatever your needs, whether youβre sharpening fundamentals or diving deep into advanced techniques, thereβs something here for you! Explore the full lineup and course details here: https://training.defcon.org/ Explore our offerings, grab your seat, and get ready to learn and build.

DEF CON Middle East Dates!https://defcon.org/html/links/dc-news.html#dcme
We've got dates for this year's event in Bahrain! Following a very successful event in 2025, DEF CON and DEF CON Training are returning to Bahrain for DEF CON Middle East. Training will be held November 8-10 and DEF CON Middle East will be November 11-12. We hope you'll save the date and follow us for updates.

DEF CON 34 Theme!https://defcon.org/html/defcon-34/dc-34-theme.html
DEF CON 34's theme is 'Agency'. We're focusing on self-determination in our use of tech. Charting our own course and helping others do the same. Let's start moving our valuable attention to tech that supports our agency. Let's find the places we can help and choose to act. Read more at: https://defcon.org/html/defcon-34/dc-34-theme.html Visual style guide and homework assignments coming soon!

DEF CON 34 Pre-Registration is Open!https://us.shop.defcon.org/products/def-con-34-las-vegas-convention-center
The wait is over. Pre-registration for DEF CON 34 opens TODAY! Reminder β the cash route is unchanged: Cash at the door registration (LineCon) will continue in its traditional, vibey fashion (think hacker slumber party). Doors open Thursday, August 6 and the price is $520. Those who pre-register are guaranteed a human badge, even if we run out. To receive this badge, you must redeem your ticket onsite. The badge entitles one human full access to the DEF CON floor during open hours. Tickets are fully transferrable, so which human gets that access is up to the purchaser. Pre-reg is open at shβ¦

Introducing the New DEF CON CTF Organizers: Benevolent Bureau of Birds!https://bbbirds.org/
Back in 1996 at DEF CON 4, the first Capture The Flag contest was created. It build on the chaos of a wide open network at DC 3, and has continued to be the premier computer security CTF contest. The CTF started with a single person watching over it and turned into a team effort. Soon teams of hackers and past CTF players would become organizers, building on those that came before while continuing to push the edge of what's possible. Today things are changing fast, with agentic tools shaking up the industry. This change has already been reflected in the CTF space. At DEF CON 33 CTF, Sampritiβ¦

Seasonal Switch 2 sales show significant slowing as annual cycle sunsetshttps://arstechnica.com/gaming/2026/01/seasonal-switch-2-sales-show-significant-slowing-as-annual-cycle-sunsets/
After record-setting launch, Western holiday sales are down compared to the first Switch.

Google settles shareholder lawsuit, will spend $500M on being less evilhttps://arstechnica.com/gadgets/2025/06/google-settles-shareholder-lawsuit-will-spend-500m-on-being-less-evil/
Google could also be liable for legal fees in the case.

Judge in Fox News-Dominion defamation trial: 'The parties have resolved their case'https://www.cnn.com/2023/04/18/media/fox-dominion-settlement/index.html
The judge just announced in court that a settlement has been reached in the historic defamation case between Fox News and Dominion Voting Systems.
Here are the 20 specific Fox broadcasts and tweets Dominion says were defamatoryhttps://www.cnn.com/2023/04/17/media/dominion-fox-news-allegations/index.html
Student Loan Breach Exposes 2.5M Recordshttps://threatpost.com/student-loan-breach-exposes-2-5m-records/180492/
2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keyloggerhttps://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of β0ktapusβ Threat Group Victimize 130 Firmshttps://threatpost.com/0ktapus-victimize-130-firms/180487/
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.










