Google Antigravity exfiltrates data via indirect prompt injection attack

https://framerusercontent.com/images/SxZFWyzsvHDN2YO7QHE3nMXzXE.png
An indirect prompt injection in Google's Antigravity code editor can steal credentials and code from a user's IDE by manipulating Gemini to exfiltrate data. The attack bypasses default protections and uses a browser subagent to send stolen data to an attacker-monitored domain.

Someone at YouTube Needs Glasses: The Prophecy Has Been Fulfilled

https://jayd.ml/assets/posts/2025-04-30-someone-at-youtube-needs-glasses/projection.png
The author analyzed YouTube's home page and projected zero videos by May 2026, citing a leaked recording of YouTube's PM org handling criticism. The author now projects zero videos by September 2026 after seeing the current state of YouTube's home screen.

Human brains are preconfigured with instructions for understanding the world

https://news.ucsc.edu/wp-content/uploads/2025/11/9-23-25-Tal-Sharf-Lab-CL-009-scaled.jpg
Researchers at UC Santa Cruz used brain organoids to study the brain's earliest electrical activity, finding that it occurs in structured patterns without external experiences. This suggests the human brain is preconfigured with instructions about how to navigate and interact with the world.

Orion 1.0

https://kagifeedback.org/assets/files/2025-11-25/1764079669-552357-1.png
Orion is a new browser that prioritizes user privacy and customization, built on WebKit and available on Mac, iPhone, and iPad. It offers features like Focus Mode, Link Preview, and Profiles as Apps, with a focus on security and user control.

Trillions spent and big software projects are still failing

https://spectrum.ieee.org/media-library/race-car-crashes-into-wall-digital-binary-code-exploding-dramatic-sky-in-background.png?id=62206976&width=1200&height=1623
The IT community has failed to learn from decades of software development and operational failures, resulting in a trillion-dollar cost to society. To reduce IT blunders, senior management must prioritize honesty, skepticism, and ethics, and treat software development with the respect it deserves.

Jakarta is now the biggest city in the world

https://images.axios.com/p1nh8EY20qEp8s6TEBwy35Hpr2I=/0x371:6960x4286/1920x1080/2025/11/24/1764011113784.jpeg?w=3840
The world's population is increasingly urbanized with 45% living in cities, and Jakarta is home to nearly 42 million people. Megacities are expanding with 33 in 2025, and Dhaka is expected to become the world's largest city by the middle of the century.

Brain has five 'eras' with adult mode not starting until early 30s

https://i.guim.co.uk/img/media/b21bc395d1d1a33453224e260a111e4f83c32047/0_0_5156_4125/master/5156.jpg?width=465&dpr=1&s=none&crop=none
Scientists identified five major brain development epochs from infancy to old age with four pivotal turning points at ages 9, 32, 66, and 83. The epochs include network consolidation, adolescence, adult mode, early ageing, and late ageing phases with distinct brain organisation and connectivity patterns.

Most Stable Raspberry Pi? Better NTP with Thermal Management

https://austinsnerdythings.com/wp-content/uploads/2025/11/ntp_rms_offset_comparison-1200x531.png
The user improved their Raspberry Pi NTP server's frequency stability by 81% and reduced frequency standard deviation by 77% through CPU core pinning and thermal stabilization using a PID-controlled thermal load. This "time burner" system maintains a stable thermal environment for the crystal oscillator, keeping its frequency consistent and achieving an RMS offset of 35 nanoseconds.

FLUX.2: Frontier Visual Intelligence

https://bfl.ai/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F2gpum2i6%2Fproduction%2F8d5160b8e2cdce322ca57cb4df833e654967d3be-5555x3164.png&w=3840&q=75
FLUX.2 is a powerful image generation model that offers high-quality images, consistency, and control. It's designed for real-world creative workflows and is available in various models for different needs and budgets.

Show HN: We built an open source, zero webhooks payment processor

https://raw.githubusercontent.com/flowglad/flowglad/main/public/github-image-banner-light-mode.jpg
Flowglad simplifies internet money making by integrating billing logic into apps with a single line of code. It uses internal user IDs for billing and provides real-time billing status.

Ilya Sutskever: We're moving from the age of scaling to the age of research

https://substackcdn.com/image/fetch/$s_!_M88!,w_150,h_150,c_fill,f_auto,q_auto:good,fl_progressive:steep,g_center/https%3A%2F%2Fsubstack-video.s3.amazonaws.com%2Fvideo_upload%2Fpost%2F178688356%2F452351ae-929d-43d0-bfb6-4539ee76b798%2Ftranscoded-1762964918.png
The conversation discusses the limitations of current AI models, specifically their poor generalization and tendency to overfit to specific tasks, and the need to rethink the approach to training models. The speakers also touch on the idea of value functions, emotions, and the importance of understanding human learning and generalization in order to improve AI models.

APT Rust requirement raises questions

Debian's APT tool will require Rust in May 2026, affecting unofficial ports without a working Rust toolchain, and some developers have expressed concerns about the impact and communication style of the change. The discussion highlights the challenges of supporting modern software on retro computing devices and the need for a consistent Debian policy for declaring statically linked libraries.

Roblox is a problem but it's a symptom of something worse

https://www.platformer.news/content/images/size/w1200/2025/11/oberon-copeland-veryinformed-com-TWcT7gG59js-unsplash.jpg
Roblox CEO David Baszucki expressed frustration over child safety concerns in an interview, echoing a familiar dismissive attitude from tech CEOs. The incident highlights a broader issue of platforms prioritizing growth over user safety, with leaders choosing to ignore or downplay concerns.

Unison 1.0

https://www.unison-lang.org/assets/ucm-desktop.png
Unison 1.0 stabilizes language, runtime, and workflow with a database-backed codebase and native version control. It offers a deployment platform, collaborative tooling, and a streamlined development experience with a simple API.

Making Crash Bandicoot (2011)

https://all-things-andy-gavin.com/wp-content/uploads/2011/02/crash_bandicoot_crash_bandicoot-s250x304-24499-580-250x150.jpg
As one of the co-creators of Crash Bandicoot, I have been (slowly) writing a long series of posts on the making of everyone’s favorite orange marsupial. You can find them all below, so enjoy.…

Launch HN: Onyx (YC W24) – Open-source chat UI

Chris and Yuhong from Onyx are building an open-source chat that works with any LLM, providing tools like RAG and web search. They aim to offer a secure, customizable, and user-friendly experience for teams to use LLMs.

Python is not a great language for data science

https://substackcdn.com/image/fetch/$s_!BCXZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa23c3227-419b-47cf-8da1-670edef49477_6000x3376.jpeg
The author argues that Python is not the best language for data science due to its cumbersome tools and limitations, despite being widely used. They prefer R for data wrangling, exploratory data analysis, and visualization, citing its ease of use and powerful data analysis capabilities.

https://www.quantamagazine.org/wp-content/uploads/2025/11/Set-Theory-Algorythms-cr-Valentin-Tkach-Lede.jpg
Mathematician Anton Bernshteyn discovered a connection between descriptive set theory and computer science, showing that problems about infinite sets can be rewritten as problems about network communication. This bridge between disciplines has opened new collaborations and insights into the nature of infinity.

Show HN: KiDoom – Running DOOM on PCB Traces

ICE Offers Up to $280M to Immigrant-Tracking 'Bounty Hunter' Firms

https://media.wired.com/photos/6925cc9ed9fb5a78e4faab65/3:2/w_2560%2Cc_limit/GettyImages-2246547356.jpg
ICE is expanding plans to outsource immigrant tracking to private firms with no spending cap and higher guarantees. Contractors will confirm addresses and track targets with multimillion-dollar incentives for speed and accuracy.

Reinventing how .NET builds and ships (again)

https://devblogs.microsoft.com/dotnet/wp-content/uploads/sites/10/2025/11/dotnet-product-construction-complexity-scaled.webp
.NET's distributed product construction methodology has drawbacks such as complexity and overhead, which make shipping software slower and less predictable. The Unified Build project aims to resolve these issues by moving product construction into a 'virtual monolithic' repository, consolidating the build into a series of 'vertical builds', while still enabling contributors to ...

Bad UX World Cup 2025

https://badux.lol/cdn-cgi/imagedelivery/ZIty0Vhmkm0nD-fBKJrTZQ/badux:40.png/540
The winner of the Bad UX World Cup 2025 was Dalia with the Perfect Date Picker! Watch the final on YouTube.

Ozempic does not slow Alzheimer's, study finds

https://img.semafor.com/7e5fb7ba69f8bdb697de088a14cb438be8ff2234-1066x1020.jpg?w=800&q=75&auto=format&h=765
Novo Nordisk's Ozempic study found no significant slowing of Alzheimer's progression. The drug still shows promise in reducing obesity and other health issues, but its benefits may be due to weight loss rather than direct effects.

What you can get for the price of a Netflix subscription

The author cancelled their Netflix subscription and invested in three daily-used subscriptions for €10 each, making their coding experience more pleasant. They value paying directly for services rather than tolerating ads, allowing them to support products they enjoy.

New layouts with CSS Subgrid

https://www.joshwcomeau.com/_next/image/?url=%2Fimages%2Fsubgrid%2Fportfolio-mockup.png&w=1920&q=75
CSS subgrid allows you to extend the parent grid through a <ul>. If you want to create an infinite supercomputer, you can use 'child' to add more rows and columns to the grid based on the content - and the size of the image you're displaying. You don't need to specify the exact number of rows, just the number that will fit your content. This is the most common use

What they don't tell you about maintaining an open source project

https://andrej.sh/static/og-image.png
The author built a self-hosted, open-source kanban board called Kaneo, which gained users and contributors. They learned to balance time, prioritize documentation, and be transparent about scope and limitations.

Unifying our mobile and desktop domains

https://techblog.wikimedia.org/wp-content/uploads/2025/11/WMF_Unified_mobile_routing_2025.png
Wikipedia unified its mobile and desktop domains to eliminate redirects and improve mobile response times. This change, completed in October 2024, also resolved issues with Google indexing and video recognition on Wikimedia Commons.

https://opengraph.githubassets.com/4a73149b5144913a8247300f72ede60d752b1aec491fd124dd9a3e801be292ec/clark-prog/blackout-public
Using vendors with pre-consent tracking may lead to future legal liability and lost deals. It's essential to research vendors and consider their practices to avoid potential risks.

Google steers Americans looking for health care into "junk insurance"

https://i0.wp.com/craphound.com/images/25Nov2025.jpg?w=840&ssl=1
Google is sending Americans searching for health care plans to "junk insurance" that takes their money and denies them care. This is due to Google's enshittification and illegal monopoly that allows junk insurance scams to thrive.

US banks scramble to assess data theft after hackers breach financial tech firm

https://techcrunch.com/wp-content/uploads/2019/06/GettyImages-172674485.jpeg?w=1024
SitusAMC confirmed a data breach on November 12 where hackers stole corporate data and accounting records from its banking customers. The company says the breach is contained and its systems are operational, but the extent of the impact is still under investigation.

IQ differences of identical twins reared apart are influenced by education


The Generative Burrito Test

https://www.generativist.com/static/imgs/burrito-test/sd15.webp
The idea of generating burrito images was inspired by the horse riding astronaut meme and Simon's Pelican benchmark. Fal defaults struggled to replicate a realistic burrito image due to its unique composition.

It is ok to say "CSS variables" instead of "custom properties"

The author discusses CSS Variables, also known as Custom Properties, which are variables that change with the cascade and can be used for animations and responsive design. They can be typed and are a key feature of CSS, a programming language.

Windows GUI – Good, Bad and Pretty Ugly (2023)

https://creolened.com/wp-content/uploads/2023/08/35afd05b00be1b2ca1af5bd597ff7dc86462e36062734eae620e07f1ebf105fd-679808056.png
The user ranks every major version of the Windows GUI from 1985 to 2023 based on how they look now, giving each a rating from 1 to 10 Clippys. The user concludes that Windows 11 is the most refined version of the OS since 2000, with a clean and cohesive look, but criticizes its lack of customization and removal of features.

Constant-time support coming to LLVM: Protecting cryptographic code

https://blog.trailofbits.com/img/tob.png
Trail of Bits developed constant-time coding support for LLVM 21 to prevent timing attacks in cryptographic implementations. The __builtin_ct_select family of intrinsics ensures constant-time properties through the entire compilation pipeline.

Ironwood, our latest TPU

https://storage.googleapis.com/gweb-uniblog-publish-prod/images/ironwood-hero.width-200.format-webp.webp
Google unveiled Ironwood, its seventh-generation Tensor Processing Unit (TPU), for efficient AI calculations and model serving. Ironwood offers 4X better performance per chip and enables rapid communication among thousands of chips for demanding AI models.

This blog is now hosted on a GPS/LTE modem (2021)

https://blog.nns.ee/img/av.jpg
The user unlocked the PinePhone's modem, ran a Linux OS on it, and set up a web server using darkhttpd. The modem's security is a concern due to potential command injection vulnerabilities and easy root access via ADB.

Why I (Still) Love Linux?

https://it-notes.dragas.net/featured/terminal_htop.webp
The author has a long history with Linux, starting in 1996, and appreciates its sense of freedom and flexibility. Despite some issues with systemd and modern Linux development, the author still values Linux for its reliability, consistency, and widespread adoption.

Stop Telling Us XMPP Should Use JSON

https://www.process-one.net/content/images/size/w720/2025/11/Why-XMPP-Uses-XML-2.png
XMPP uses XML for its extensibility and tree-like data structures, not just because it's older. XML parsing in XMPP is efficient and doesn't impact performance due to incremental parsing.

Notes on the Troubleshooting and Repair of Computer and Video Monitors

The text discusses the evolution of computer monitors, from early CRTs to modern LCDs and future flat panel technologies. It explains the characteristics of monitors, including resolution, refresh rate, and color, and how they have changed over time.

LLVM Adds Constant-Time Support for Protecting Cryptographic Code

https://blog.trailofbits.com/img/tob.png
Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and products. We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Stop Putting Your Passwords into Random Websites (Yes, Seriously, You Are the PR

https://labs.watchtowr.com/content/images/size/w1200/2025/11/1920--1080---3.png
WatchTowr Labs researchers found thousands of pieces of sensitive data exposed on online code formatters, including passwords, credentials, and configuration files from various organizations, including a cybersecurity company and a major international stock exchange. The researchers were able to attribute some of the exposed data to specific organizations and individuals, highlighting the risks of ...

UK intends to scrap jury trials for majority of court cases

https://www.gbnews.com/media-library/patrick-christys-rips-into-david-lammy-in-his-evening-monologue-gb-news.jpg?id=62236597&width=1245&height=700&quality=85&coordinates=0%2C0%2C1%2C0
Justice Secretary David Lammy plans to eliminate jury trials for most cases, reserving them for murder, rape, and serious crimes. The reforms aim to address the 77,000-case backlog in Crown Courts by introducing judge-only proceedings and expanding magistrates' jurisdiction.

The Bughouse Effect

https://i.imgur.com/E4BoiWn.png
The user discusses two Chess variants, Crazyhouse and Bughouse, and how they can evoke strong emotions, particularly frustration and anger, when teammates fail to work together effectively. The user compares this phenomenon, known as the Bughouse Effect, to real-life situations where people work together on difficult projects and experience similar feelings of betrayal and anger when their ...

Choosing a hash function for 2030 and beyond: SHA-2 vs. SHA-3 vs. BLAKE3

https://kerkour.com/icon-256.png
As everyone knows, "temporary fixes" are nothing but temporary. Unfortunately, the same is true for cryptography: unless security is your core value-proposition, crypto algorithms are almost never updated, and that's how we end up with SHA1-hashed password in 2024 🤦‍♂️ You can be sure that most projects you started in

Cryptology firm cancels elections after losing encryption key

https://ichef.bbci.co.uk/news/480/cpsprodpb/7476/live/72c3b5f0-c9f3-11f0-bd31-8fd3ec515046.jpg.webp
A leading encryption firm cancelled its leadership election results due to a trustee losing their encrypted key. The International Association for Cryptologic Research will rerun the election with new safeguards to prevent similar mistakes.

Show HN: Secure private diffchecker with merge support

diffchecker.dev is a fast, secure online diff checker for text, code, JSON, and XML comparisons. It runs locally in the browser, ensuring complete privacy and unlimited comparisons for free.

Show HN: I built the literal Duolingo Killer

https://kanjieight.vercel.app/image.png
Turn binge watching into fluent Japanese with short, addictive anime clips designed to keep you hooked, but smarter.