Bento
HN Top
Top Hacker News stories for AI builders, hackers, and founders.
CopyFail: From Pod to Host
India's hottest district shuts at 10 am as mercury breaches 48 C mark
Gentoo News: Copy Fail, Dirty Frag, and Fragnesia Kernel Vulnerabilities
U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub
Show HN: I built a sovereign OS, L1 blockchain, AI agent, and language
Peter Neumann has died
"Rigged" War Game Exposed U.S. Vulnerability to Low-Tech Warfare
Mexican government breached by solo user with Claude, 150 GB exfiltrated
The Futility of Lava Lamps: What Random Means
Project Glasswing: what Mythos showed us
Voice AI Systems Are Vulnerable to Hidden Audio Attacks
1024000^2 Blocks, 2B2T Minecraft Server World Download Project, and Discoveries
Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP
Two EA-18 fighter jets collide at Mountain Home airshow, pilots ejected safely
Security researcher says Microsoft built a Bitlocker backdoor, releases exploit
I spent my whole career building passive income. Here's what I got wrong
Frontier AI has broken the open CTF format
'No Way To Prevent This,' Says Only Package Manager Where This Regularly Happens
A 0-click exploit chain for the Pixel 10
Velonus – Open-source AppSec scanner that deduplicates SAST noise
Tesla Wall Connector bootloader bypasses the firmware downgrade ratchet
First public macOS kernel memory corruption exploit on Apple M5
Deal reached with hackers to delete data stolen from the Canvas platform
Removing the Modem and GPS from my 2024 RAV4 Hybrid
New Nginx Exploit
Myths about /dev/urandom
Microsoft BitLocker – YellowKey zero-day exploit
Mystery Microsoft bug leaker keeps the zero-days coming
Chess puzzle I found in my dad's old book
A sentimental tour of late 1990s and early 2000s hacking tools
Fragnesia Made Public as Latest Linux Local Privilege Escalation Vulnerability
Deterministic Fully-Static Whole-Binary Translation Without Heuristics
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
Canada's Bill C-22 Is a Repackaged Version of Last Year's Surveillance Nightmare
Dead.letter (CVE-2026-45185) Humans vs. LLM for Unauthenticated RCE Race on Exim
Postmortem: TanStack npm supply-chain compromise
Can someone please explain whether Cloudflare blackmailed Canonical?
Mythos Finds a Curl Vulnerability
Obsidian plugin was abused to deploy a remote access trojan
Stop MitM on the first SSH connection, on any VPS or cloud provider
Incident Report: CVE-2024-YIKES
Hardware Attestation as Monopoly Enabler
Tracesofhumanity.org by Joanna Rutkowska
Scientists warn Atlantic current at risk of shutting down
FreeBSD – A Lesson in Poor Defaults
User just tricked Grok and Bankrbot to send tokens with Morse code
Local privilege escalation via execve()
"Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days
