News Nug

News Nug
We pwned X, Vercel, Cursor, and Discord through a supply-chain attack Published: 2025-12-18 \| Origin: Hacker News Daniel, a 16-year-old high school senior, shares his experience discovering critical vulnerabilities in Mintlify, an AI documentation platform used by major companies. He identified a cross-site scripting vulnerability that could allow attackers to inject malicious scripts into documentation, posing a risk to users’ credentials. Daniel, who is highly experienced in vulnerability hunting and is at the top of Discord's bug bounty leaderboard, expressed excitement about Discord's transition to the Mintlify platform for their developer documentation. Despite the vulnerabilities, he praises Mint
How China built its ‘Manhattan Project’ to rival the West in AI chips Published: 2025-12-18 \| Origin: Hacker News Chinese scientists have developed a prototype machine capable of producing advanced semiconductor chips, which are vital for technologies like artificial intelligence, smartphones, and military applications. This prototype, completed in early 2025, was created by a team of former ASML engineers who reverse-engineered the company's extreme ultraviolet lithography (EUV) machines. These EUV machines, critical in the ongoing technological rivalry between the West and China, use extreme ultraviolet light to create ultra-thin circuits on silicon wafers, a process currently
GPT-5.2-Codex Published: 2025-12-18 \| Origin: Hacker News Failed to fetch content - HTTP Status - 403
Beginning January 2026, all ACM publications will be made open access Published: 2025-12-18 \| Origin: Hacker News Failed to fetch content - HTTP Status - 403
Mistral OCR 3 Published: 2025-12-18 \| Origin: Hacker News The content discusses advancements in document processing technology, specifically highlighting Mistral OCR 3, which offers a significant boost in accuracy and efficiency. It claims a 74% win rate over the previous Mistral OCR 2 for various document types, including forms, scanned documents, complex tables, and handwriting. Mistral OCR 3 is noted for its superior performance compared to both traditional enterprise solutions and AI-native OCR technologies. It features a user-friendly interface in Mistral AI Studio for transforming
More than half of researchers now use AI for peer review, often against guidance Published: 2025-12-18 \| Origin: Hacker News A survey conducted by Frontiers involving 1,600 academics across 111 countries reveals that over 50% of researchers have utilized artificial intelligence (AI) in peer reviewing manuscripts, with nearly a quarter reporting an increased usage in the past year. This trend highlights the growing acceptance of AI tools, such as ChatGPT, in academic processes. However, concerns persist regarding the confidentiality and intellectual property risks associated with using AI for peer review, as many publishers, including Frontiers, prohibit uploading unpublished manuscripts to
Ask HN: Those making $500/month on side projects in 2025 – Show and tell Published: 2025-12-18 \| Origin: Hacker News The content discusses various technology-related topics and projects shared by users on a platform. Key points include: 1. Video Hub App - A multimedia application available for $5 per copy across Windows, Mac, and Linux, with an option for users to build their own copy as it is MIT open source. 2. Membership Program - The creator offers a membership program starting at $1/month, emphasizing a commitment to providing free resources while maintaining an optional monetization strategy. 3. **DB
Gut bacteria from amphibians and reptiles achieve tumor elimination in mice Published: 2025-12-17 \| Origin: Hacker News A research team led by Prof. Eijiro Miyako at the Japan Advanced Institute of Science and Technology has identified the bacterium Ewingella americana, isolated from the intestines of Japanese tree frogs, as having significant anticancer properties. Their study, published in Gut Microbes, presented a novel treatment approach by directly administering isolated bacterial strains intravenously to target tumors, rather than using traditional methods like microbiome modulation. From a total of 45 strains collected from various amphibians and reptiles,
I got hacked: My Hetzner server started mining Monero Published: 2025-12-17 \| Origin: Hacker News In a blog post, Jake Saunders recounts a troubling incident involving his server hosted by Hetzner, which was accused of launching an attack leading to an abuse report and potential service suspension. After logging into his server, he discovered processes related to cryptocurrency mining running under an unusual user ID (1001), indicating that his server had been compromised. Initially panicked about the breach and considering drastic measures, he began investigating further. The post reflects his alarm over the situation while detailing the unexpected use of dependencies
OBS Studio Gets a New Renderer Published: 2025-12-17 \| Origin: Hacker News Starting with OBS Studio version 32.0.0, a new experimental renderer backend based on Apple's Metal graphics API is available for macOS users as an alternative to the existing OpenGL backend. This development aims to enhance performance and efficiency by leveraging modern GPU capabilities, though it requires significant changes in how applications interact with the GPU. While the Metal backend is still labeled as "Experimental" due to known issues and limited testing, users are encouraged to try it and report bugs. The default option remains Open
AWS CEO says replacing junior devs with AI is 'one of the dumbest ideas' Published: 2025-12-17 \| Origin: Hacker News AWS CEO Matt Garman argued against replacing junior developers with AI, citing three main reasons on WIRED's The Big Interview podcast. He contended that junior developers are often more adept at using AI tools than their senior counterparts, leveraging their familiarity with technology and modern practices to enhance efficiency. Many recent graduates have integrated AI into their workflows from early on, helping them navigate these tools more effectively. Garman also noted that junior staff represent a comparatively smaller financial commitment for companies, as they generally earn lower salaries
Gemini 3 Flash: Frontier intelligence built for speed Published: 2025-12-17 \| Origin: Hacker News On December 17, 2025, Google announced the release of Gemini 3 Flash, a new model featuring advanced intelligence tailored for speed and efficiency at a lower cost. This model is accessible through various platforms, including the Gemini app and Google AI Studio. It follows the earlier launch of Gemini 3 Pro and Gemini 3 Deep Think mode, with a positive reception highlighted by their processing over 1 trillion tokens daily. Gemini 3 Flash combines the high-level reasoning of its predecessors with enhanced speed
Coursera to combine with Udemy Published: 2025-12-17 \| Origin: Hacker News Failed to fetch content - HTTP Status - 403
Introduction to Software Development Tooling (2024) Published: 2025-12-17 \| Origin: Hacker News The CS 4973: Introduction to Software Development Tooling course at Northeastern University for Summer 2024 focuses on teaching essential tools for software engineering. The course includes an official syllabus, lecture notes, and assignments, with the possibility of updates. It covers four main categories of tooling: command line, version control, build systems, and correctness, using hands-on projects and code exploration. Students will learn about industry-standard tools in each category to enhance their coding, collaboration, and problem-solving skills.
I ported JustHTML from Python to JavaScript with Codex CLI and GPT-5.2 in hours Published: 2025-12-16 \| Origin: Hacker News On December 15, 2025, the author discussed their experience porting Emil Stenström's JustHTML, a Python-based HTML5 parser, to JavaScript with minimal effort using Codex CLI and GPT-5.2. The outcome was the creation of simonw/justjshtml, a dependency-free JavaScript HTML5 parsing library that successfully passed 9,200 tests from the html5lib-tests suite and mimicked the API of JustHTML. The project, which produced
*No AI Here – A Response to Mozilla's Next Chapter** Published: 2025-12-16 \| Origin: Hacker News Waterfox has launched a new website and transitioned to waterfox.com. Unlike Mozilla, which is shifting its focus to AI-driven browsing, Waterfox emphasizes that a browser's role is to serve users rather than think for them. Mozilla's CEO aims to establish the company as a trusted software provider with AI at its core, but the creator of Waterfox argues this approach is fundamentally flawed. He expresses concern over AI's opaque nature, particularly large language models (LLMs), which lack transparency and auditability
AI will make formal verification go mainstream Published: 2025-12-16 \| Origin: Hacker News In a blog post published on December 8, 2025, Martin Kleppmann discusses the potential impact of artificial intelligence (AI) on software development, specifically focusing on formal verification. He suggests that AI could mainstream formal verification practices that have been largely niche in the software engineering community. Formal verification involves using proof assistants and specialized programming languages, such as Rocq, Isabelle, Lean, F*, and Agda, to create formal specifications for software and mathematically prove code correctness, even in edge
Texas is suing all of the big TV makers for spying on what you watch Published: 2025-12-16 \| Origin: Hacker News Texas Attorney General Ken Paxton is suing five major TV manufacturers—Sony, Samsung, LG, Hisense, and TCL—accusing them of being part of a "mass surveillance system" by secretly recording consumers' viewing habits in their homes. The lawsuits, filed on Tuesday, claim these companies utilize Automatic Content Recognition (ACR) technology to collect personal data for targeted advertising. ACR supposedly identifies content being watched, including that from streaming services and connected devices, and may even capture security camera streams
Announcing the Beta release of ty Published: 2025-12-16 \| Origin: Hacker News Astral has announced the Beta release of "ty," a highly efficient Python type checker and language server, written in Rust. Designed as an alternative to existing tools like mypy and Pyright, ty offers significantly enhanced performance, operating between 10x and 60x faster than its competitors without caching, and up to 500x faster in some scenarios. Its architecture emphasizes "incrementality," allowing for rapid live updates in response to code changes. Ty is installable via the uv package manager or
No Graphics API Published: 2025-12-16 \| Origin: Hacker News Sebastian Aaltonen has 30 years of experience in graphics programming, having launched his first 3D accelerated game in 1999. He has worked across various gaming console generations and PC graphics APIs, focusing on new rendering technologies in recent years. Currently, he is developing a renderer for HypeHype using WebGPU, Metal, and Vulkan. Aaltonen has also worked on internal engines for Ubisoft, optimized Unreal Engine 4, and led the Unity DOTS graphics team. He

We pwned X, Vercel, Cursor, and Discord through a supply-chain attack

Published: 2025-12-18 | Origin: Hacker News

Daniel, a 16-year-old high school senior, shares his experience discovering critical vulnerabilities in Mintlify, an AI documentation platform used by major companies. He identified a cross-site scripting vulnerability that could allow attackers to inject malicious scripts into documentation, posing a risk to users’ credentials. Daniel, who is highly experienced in vulnerability hunting and is at the top of Discord's bug bounty leaderboard, expressed excitement about Discord's transition to the Mintlify platform for their developer documentation. Despite the vulnerabilities, he praises Mint

How China built its ‘Manhattan Project’ to rival the West in AI chips

Published: 2025-12-18 | Origin: Hacker News

Chinese scientists have developed a prototype machine capable of producing advanced semiconductor chips, which are vital for technologies like artificial intelligence, smartphones, and military applications. This prototype, completed in early 2025, was created by a team of former ASML engineers who reverse-engineered the company's extreme ultraviolet lithography (EUV) machines. These EUV machines, critical in the ongoing technological rivalry between the West and China, use extreme ultraviolet light to create ultra-thin circuits on silicon wafers, a process currently

GPT-5.2-Codex

Published: 2025-12-18 | Origin: Hacker News

Failed to fetch content - HTTP Status - 403

Beginning January 2026, all ACM publications will be made open access

Published: 2025-12-18 | Origin: Hacker News

Failed to fetch content - HTTP Status - 403

Mistral OCR 3

Published: 2025-12-18 | Origin: Hacker News

The content discusses advancements in document processing technology, specifically highlighting Mistral OCR 3, which offers a significant boost in accuracy and efficiency. It claims a 74% win rate over the previous Mistral OCR 2 for various document types, including forms, scanned documents, complex tables, and handwriting. Mistral OCR 3 is noted for its superior performance compared to both traditional enterprise solutions and AI-native OCR technologies. It features a user-friendly interface in Mistral AI Studio for transforming

More than half of researchers now use AI for peer review, often against guidance

Published: 2025-12-18 | Origin: Hacker News

A survey conducted by Frontiers involving 1,600 academics across 111 countries reveals that over 50% of researchers have utilized artificial intelligence (AI) in peer reviewing manuscripts, with nearly a quarter reporting an increased usage in the past year. This trend highlights the growing acceptance of AI tools, such as ChatGPT, in academic processes. However, concerns persist regarding the confidentiality and intellectual property risks associated with using AI for peer review, as many publishers, including Frontiers, prohibit uploading unpublished manuscripts to

Ask HN: Those making $500/month on side projects in 2025 – Show and tell

Published: 2025-12-18 | Origin: Hacker News

The content discusses various technology-related topics and projects shared by users on a platform. Key points include: 1. **Video Hub App** - A multimedia application available for $5 per copy across Windows, Mac, and Linux, with an option for users to build their own copy as it is MIT open source. 2. **Membership Program** - The creator offers a membership program starting at $1/month, emphasizing a commitment to providing free resources while maintaining an optional monetization strategy. 3. **DB

Gut bacteria from amphibians and reptiles achieve tumor elimination in mice

Published: 2025-12-17 | Origin: Hacker News

A research team led by Prof. Eijiro Miyako at the Japan Advanced Institute of Science and Technology has identified the bacterium Ewingella americana, isolated from the intestines of Japanese tree frogs, as having significant anticancer properties. Their study, published in *Gut Microbes*, presented a novel treatment approach by directly administering isolated bacterial strains intravenously to target tumors, rather than using traditional methods like microbiome modulation. From a total of 45 strains collected from various amphibians and reptiles,

I got hacked: My Hetzner server started mining Monero

Published: 2025-12-17 | Origin: Hacker News

In a blog post, Jake Saunders recounts a troubling incident involving his server hosted by Hetzner, which was accused of launching an attack leading to an abuse report and potential service suspension. After logging into his server, he discovered processes related to cryptocurrency mining running under an unusual user ID (1001), indicating that his server had been compromised. Initially panicked about the breach and considering drastic measures, he began investigating further. The post reflects his alarm over the situation while detailing the unexpected use of dependencies

OBS Studio Gets a New Renderer

Published: 2025-12-17 | Origin: Hacker News

Starting with OBS Studio version 32.0.0, a new experimental renderer backend based on Apple's Metal graphics API is available for macOS users as an alternative to the existing OpenGL backend. This development aims to enhance performance and efficiency by leveraging modern GPU capabilities, though it requires significant changes in how applications interact with the GPU. While the Metal backend is still labeled as "Experimental" due to known issues and limited testing, users are encouraged to try it and report bugs. The default option remains Open

AWS CEO says replacing junior devs with AI is 'one of the dumbest ideas'

Published: 2025-12-17 | Origin: Hacker News

AWS CEO Matt Garman argued against replacing junior developers with AI, citing three main reasons on WIRED's The Big Interview podcast. He contended that junior developers are often more adept at using AI tools than their senior counterparts, leveraging their familiarity with technology and modern practices to enhance efficiency. Many recent graduates have integrated AI into their workflows from early on, helping them navigate these tools more effectively. Garman also noted that junior staff represent a comparatively smaller financial commitment for companies, as they generally earn lower salaries

Gemini 3 Flash: Frontier intelligence built for speed

Published: 2025-12-17 | Origin: Hacker News

On December 17, 2025, Google announced the release of Gemini 3 Flash, a new model featuring advanced intelligence tailored for speed and efficiency at a lower cost. This model is accessible through various platforms, including the Gemini app and Google AI Studio. It follows the earlier launch of Gemini 3 Pro and Gemini 3 Deep Think mode, with a positive reception highlighted by their processing over 1 trillion tokens daily. Gemini 3 Flash combines the high-level reasoning of its predecessors with enhanced speed

Coursera to combine with Udemy

Published: 2025-12-17 | Origin: Hacker News

Failed to fetch content - HTTP Status - 403

Introduction to Software Development Tooling (2024)

Published: 2025-12-17 | Origin: Hacker News

The CS 4973: Introduction to Software Development Tooling course at Northeastern University for Summer 2024 focuses on teaching essential tools for software engineering. The course includes an official syllabus, lecture notes, and assignments, with the possibility of updates. It covers four main categories of tooling: command line, version control, build systems, and correctness, using hands-on projects and code exploration. Students will learn about industry-standard tools in each category to enhance their coding, collaboration, and problem-solving skills.

I ported JustHTML from Python to JavaScript with Codex CLI and GPT-5.2 in hours

Published: 2025-12-16 | Origin: Hacker News

On December 15, 2025, the author discussed their experience porting Emil Stenström's JustHTML, a Python-based HTML5 parser, to JavaScript with minimal effort using Codex CLI and GPT-5.2. The outcome was the creation of simonw/justjshtml, a dependency-free JavaScript HTML5 parsing library that successfully passed 9,200 tests from the html5lib-tests suite and mimicked the API of JustHTML. The project, which produced

No AI* Here – A Response to Mozilla's Next Chapter

Published: 2025-12-16 | Origin: Hacker News

Waterfox has launched a new website and transitioned to waterfox.com. Unlike Mozilla, which is shifting its focus to AI-driven browsing, Waterfox emphasizes that a browser's role is to serve users rather than think for them. Mozilla's CEO aims to establish the company as a trusted software provider with AI at its core, but the creator of Waterfox argues this approach is fundamentally flawed. He expresses concern over AI's opaque nature, particularly large language models (LLMs), which lack transparency and auditability

AI will make formal verification go mainstream

Published: 2025-12-16 | Origin: Hacker News

In a blog post published on December 8, 2025, Martin Kleppmann discusses the potential impact of artificial intelligence (AI) on software development, specifically focusing on formal verification. He suggests that AI could mainstream formal verification practices that have been largely niche in the software engineering community. Formal verification involves using proof assistants and specialized programming languages, such as Rocq, Isabelle, Lean, F*, and Agda, to create formal specifications for software and mathematically prove code correctness, even in edge

Texas is suing all of the big TV makers for spying on what you watch

Published: 2025-12-16 | Origin: Hacker News

Texas Attorney General Ken Paxton is suing five major TV manufacturers—Sony, Samsung, LG, Hisense, and TCL—accusing them of being part of a "mass surveillance system" by secretly recording consumers' viewing habits in their homes. The lawsuits, filed on Tuesday, claim these companies utilize Automatic Content Recognition (ACR) technology to collect personal data for targeted advertising. ACR supposedly identifies content being watched, including that from streaming services and connected devices, and may even capture security camera streams

Announcing the Beta release of ty

Published: 2025-12-16 | Origin: Hacker News

Astral has announced the Beta release of "ty," a highly efficient Python type checker and language server, written in Rust. Designed as an alternative to existing tools like mypy and Pyright, ty offers significantly enhanced performance, operating between 10x and 60x faster than its competitors without caching, and up to 500x faster in some scenarios. Its architecture emphasizes "incrementality," allowing for rapid live updates in response to code changes. Ty is installable via the uv package manager or

No Graphics API

Published: 2025-12-16 | Origin: Hacker News

Sebastian Aaltonen has 30 years of experience in graphics programming, having launched his first 3D accelerated game in 1999. He has worked across various gaming console generations and PC graphics APIs, focusing on new rendering technologies in recent years. Currently, he is developing a renderer for HypeHype using WebGPU, Metal, and Vulkan. Aaltonen has also worked on internal engines for Ubisoft, optimized Unreal Engine 4, and led the Unity DOTS graphics team. He