The Dirt That Refused to Die

The Newest Instagram "Exploit" Is the Goofiest I've Seen

Hackers can easily take over Instagram accounts by tricking Meta's support AI into sending verification codes to an arbitrary email address. This zero-auth password reset method bypasses 2FA and allows attackers to gain full ownership of the account, with the AI being easily fooled by simple methods.

CS336: Language Modeling from Scratch

https://cs336.stanford.edu/assets/images/stanford-nlp-logo-new.jpg
This course teaches students to develop their own language models using Python and PyTorch, with a focus on implementation and systems optimization. Assignments involve building a standard Transformer model, optimizing attention, and applying RL to train LMs to reason.

Malicious npm packages detected across Red Hat Cloud Services

https://opengraph.githubassets.com/a633f6dd2cb573b1a20f2496c19140a6a62ed6ed2fd35ddd5047664f6ea3583d/RedHatInsights/javascript-clients/issues/492
Ref: https://www.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised https://app.stepsecurity.io/oss-security-feed?q=@redhat-cloud-services Affected Packages (updated) Package Compromised Versions @redhat-cloud-s...

Flipper Zero Zig Template

https://opengraph.githubassets.com/7868290e4c49510a87757d7ae6c4a1e5ff57c46050c7a776fbd7c9f0416325ff/NishantJoshi00/flipper-template
This template provides a streamlined build system for developing Flipper Zero applications in Zig, integrating with the Flipper Zero SDK for type-safe and memory-safe development. It targets the STM32WB55 (ARM Cortex-M4F) and can be adjusted for other ARM devices.

The Pirate Bay Remains Resilient, 20 Years After the Raid

https://torrentfreak.com/images/thepirate-e1470829181981.jpg
The Pirate Bay was raided by 65 Swedish police officers on May 31, 2006, but the site's founders made a backup, allowing it to quickly recover and gain mainstream attention. The raid, orchestrated with US involvement, ultimately failed to deter piracy and instead turned the site's founders into heroes and propelled The Pirate Bay into the piracy icon it remains today.

A 10 year old Xeon is all you need

https://point.free/blog/gemma-4-on-a-2016-xeon/banner.webp
The author is running a 26B-parameter Mixture-of-Experts model on a 2016 Intel Xeon with 128 GB DDR3 RAM and no GPU, using a custom fork of the inference engine and various optimizations to achieve reading speed. The author emphasizes the importance of understanding how the inference engine works to overcome the usability moat in open-weight AI.

Launch HN: Expanse (YC P26) – Unlock Wasted GPU Capacity

Ismaeel, Eren, Yafet, and Nikodem built Expanse to predict job resource needs and optimize HPC/GPU cluster utilization, addressing the 30-40% effective utilization issue in datacenters. Expanse outperforms state-of-the-art models by 8x and continuously updates its models to improve accuracy, offering a paid pilot deployment for HPC/GPU clusters.

Linux Basics for Hackers (2019)

https://opengraph.githubassets.com/65c651763af760d2bec99c5f1d768b4f3101630fe26c349f7f6832ad78243f43/ahegazy0/linux-basics-for-hackers-notes
The course is based on Linux Basics for Hackers by OccupyTheWeb, breaking down core concepts and commands in plain English for beginners. It's for educational purposes only, to be practiced in a personal lab environment.

I made my phone slow on purpose

https://vinewallapp.com/notes/cookies.jpg
User built VineWall app to slow down internet speed on certain apps to curb doomscrolling. The app throttles internet speed, making videos blocky and images load slowly, making the user question their desire to scroll.

Sysadmining Like It's 2009

https://lambdacreate.com/static/images/og-default.png
Legacy Labs is a 2-month event where participants explore retro-computing and permacomputing topics in-depth. The event's creator will focus on Windows Server 2008 core and building a small business infrastructure with old hardware.

DuckDuckGo makes its 'no-AI' search engine easier to access as its traffic booms

https://techcrunch.com/wp-content/uploads/2026/06/368466.png
Once enabled, users will be directed to DuckDuckGo’s AI-free search page, where there are no AI-assisted answers, no chat prompts, and fewer AI images in the search results, the company claims. The extensions are currently available for Chrome and Firefox users. Meanwhile, people who have switched to the DuckDuckGo web browser already have their AI settings preserved, even if they clear their ...

Only 17% of all 64-bit Integers are products of two 32-bit integers

A mathematician showed that the proportion of all 2n-bit values that can be generated by the product of two n-bit values goes to zero as n becomes large. About 17% of all 64-bit integers can be written as the product of two 32-bit integers.

Anthropic confidentially submits draft S-1 to the SEC

https://cdn.sanity.io/images/4zrzovbb/website/6d4a0d28992ade92d6fa63646fd9c9d318245c6c-2400x1260.jpg
Anthropic confidentially submitted a draft registration statement for a proposed initial public offering of common stock. The offering will depend on market conditions and has not yet set the number of shares or price.

Ask HN: Who is hiring? (June 2026)

Here are the job postings summarized in 2 concise English sentences each, not exceeding 200 characters:

Windows GOG DOS Games on M-Series Macs

https://f055.net/wp-content/uploads/2026/06/Screenshot-2026-06-01-at-14.27.24-1024x801.jpg
User bought old games from GOG, likes DOSBox for Mac to run Windows games on M2 MacBook. User uses DOSBox script to run HoMM2 on Mac with installed game files from Windows machine.

KDE at 30

https://kde.org/anniversaries/30/30Kori_1500.png
KDE celebrates 30 years of community effort, delivering control, privacy, and freedom to users with tons of software. The community is asking users to participate in the "30 for 30" challenge to help the environment.

Tracing HTTP Requests with Go's net/HTTP/httptrace

The net/http/httptrace package in Go provides hooks for tracing HTTP requests, allowing developers to see DNS resolution, connection acquisition, TLS handshake, and other events, and can be used to build a CLI and a reusable http.RoundTripper for logging timings. The package's context-based design allows it to compose with other stdlib components and provides a flexible way to add new hooks ...

Show HN: A CSS 3D Engine (no WebGL)

https://private-user-images.githubusercontent.com/174887634/597246831-0e5df0d8-04a8-4e50-8e3a-1097a96ce42f.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3ODAzMjgyNDksIm5iZiI6MTc4MDMyNzk0OSwicGF0aCI6Ii8xNzQ4ODc2MzQvNTk3MjQ2ODMxLTBlNWRmMGQ4LTA0YTgtNGU1MC04ZTNhLTEwOTdhOTZjZTQyZi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjYwNjAxJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI2MDYwMVQxNTMyMjlaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1lZGJjN2VmNGQzZGI5OGEyNDhlYWJjMDA5YTM1OWYyYzM0NTYzY2I3MDkzNzA2ZjM3NTY1YTY0YjY0ZGNlNWVjJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZyZXNwb25zZS1jb250ZW50LXR5cGU9aW1hZ2UlMkZwbmcifQ.UWrJJWKqE8Hwl-Y6GeCd_FNzkUj1yn4z8mGJOkUCQKc
PolyCSS is a CSS polygon mesh library that renders 3D scenes as real HTML elements using CSS matrix3d. It supports OBJ/MTL, GLB, and VOX formats, colors, textures, lighting, and animations.

Radxa Dragon Q8B: A Laptop Cosplaying as an SBC?

https://bret.dk/wp-content/plugins/sbc-compare/assets/board-images/radxa-dragon-q8b.webp
Radxa announced the Dragon Q8B, a Qualcomm Snapdragon 8cx Gen 3 SoC based SBC, offering high performance and features. It takes the top spot in nearly every test on sbc.compare, making it a compelling purchase for various applications.

"The Apple Boogie" 1987 Mac Promo Album Cassette Tape [video]

Nvidia Cosmos 3

https://developer-blogs.nvidia.com/wp-content/uploads/2026/05/Hammer-Robot.gif
NVIDIA Cosmos 3 is a frontier foundation model for physical AI that combines physical reasoning, world generation, and action generation. It's open-sourced with training scripts, deployment tools, and datasets for reproducible physical AI development.

Chuwi Minibook X

https://photos.tylercipriani.com/thumbs/58/ec9d31f64e7d203a6d40603d8ec352/medium.jpg
The Minibook X is a budget laptop with 16GB RAM and a 512GB NVMe drive, but it has some quirks like a Linux screen rotation issue and a poor keyboard. It's perfect for trying out new Linux desktops and experimenting with different setups.

Cloudflare Turnstile requiring fingerprintable WebGL

https://hacktivis.me/images/cloudflare-webgl-fingerprinting.png?serial=2026053100
Cloudflare Turnstile is looping in WebKitGTK browsers due to WebGL fingerprinting for tracking. Temporarily allowing fingerprinting fixes the issue, but it's blocked in WebKit for privacy reasons.

Movwin: My (Unpublished) TUI Framework

https://movq.de/blog/postings/2026-05-29/0/t/pcdoshelp.png.jpg
The user is creating a TUI framework called movwin to replace existing libraries due to their instability and performance issues. movwin is a Python library built on top of ncurses.

You Must Fix Your Asserts (Zig)

https://kristoff.it/logo.png
The author argues that disabling asserts in production is a bad practice because it can lead to undetected misbehavior and vulnerabilities, and instead recommends keeping asserts on and optimizing for performance. The author suggests that asserts can be used for performance optimization at the cost of program misbehavior if an assert turns out to be wrong, and that this is a better approach ...

The TfL Cupboard Filled with Lost Tube Moquettes

https://assets.londonist.com/uploads/2026/05/i875/lost_moquettes_cupboard_1.jpg
Andrew Martin In an extract from the new, expanded edition of his wonderful book, Seats of London: A Field Guide to London Transport Moquette Patterns, Andrew Martin opens up a very special cupboard that any transport geek would love to glimpse inside. On the eighth floor of TfL's offices in Stratford is a metal-doored cupboard, of the kind you'd expect to be stuffed with old ring ...

Benchmarking SurrealDB 3.x vs. Postgres, Mongo, Neo4j and Redis (With Fsync)

https://cdn.surrealdb.com/s7vk573o0so0h9oskin2ei9f.auto
SurrealDB 3.x is a multi-model database that outperforms Postgres, MongoDB, Neo4j, and Redis in various workloads. It achieves faster CRUD, scans, and indexed lookups, making it suitable for AI agent memory and edge deployments.

Decades of Effort Restore Steelhead and Salmon Passage on Alameda Creek

https://www.fisheries.noaa.gov/s3//styles/original/s3/2026-05/2000x1333-leapingsteelheadadobestock.jpg?itok=hk1_dv7I
California Trout and Pacific Gas & Electric removed a barrier on Alameda Creek, allowing threatened steelhead to reach spawning grounds. The project is part of a 30-year effort to restore the creek and its fish populations.

Using Git's rerere feature to escape recurring conflict hell