1. Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them Total comment counts : 21 Summary Last week I reported a supply-chain attack on Widget Logic; now a larger two-week wave hit Countdown Timer Ultimate. The plugin’s wpos-analytics module phoned home to analytics.essentialplugin.com, downloaded a backdoor wp-comments-posts.php, and injected PHP into wp-config.php, with the payload fetched from a C2 server resolved through an Ethereum smart contract, making takedowns ineffective....

1. The peril of laziness lost Total comment counts : 3 Summary Larry Wall’s three virtues—laziness, impatience, hubris—argue that good software design requires careful abstraction. Laziness, paradoxically, drives us to create simple yet powerful abstractions that future users can reuse; true laziness means hard thinking now to save time later. The rise of non-programmers and the brogrammer ethos, amplified by LLMs, threatens this ethos: LLMs lack the incentive to optimize future effort and tend to produce bloated artifacts....

1. Small models also found the vulnerabilities that Mythos found Total comment counts : 48 Summary AISLE tested Anthropic Mythos’ security claims on small open-weight models and found they captured much of the same analysis. Mythos can autonomously find vulnerability chains and exploits, but effectiveness is task-dependent; eight models detected the FreeBSD exploit, and a 5.1B-parameter open model recovered the 27-year OpenBSD bug. In basic security reasoning, small models often outperformed frontier models....

1. 1D Chess Total comment counts : 45 Summary 1d-chess is a one-dimensional chess variant played white against an AI. It uses a single line and aims to checkmate the enemy king. There are three piece types: a king-like piece moving one square; a jumping piece moving two squares forward or backward; and a rook-like piece moving any number of squares in a straight line. A sample line suggests a forced white win with optimal play: N4 N5, N6 K7, R4 K6, R2 K7, R5++....

1. Native Instant Space Switching on macOS Total comment counts : 13 Summary The article argues MacOS makes instant space switching painful due to a persistent animation. Common fixes fall short: Reduce Motion is ineffective; yabai requires disabling SIP and clashes with PaperWM.spoon; third-party space managers are non-native; BetterTouchTool is paid. The author endorses InstantSpaceSwitcher by jurplel on GitHub as the best solution: it needs no SIP changes, simulates a fast trackpad swipe, and offers a CLI to jump to a space....

1. I ported Mac OS X to the Nintendo Wii Total comment counts : 60 Summary An enthusiast ports Mac OS X 10.0 Cheetah to Nintendo Wii by building a custom bootloader and patching the kernel and drivers. The Wii’s PowerPC 750CL CPU and 88 MB RAM (24 MB MEM1 + 64 MB MEM2) are enough for Cheetah, tested with 64 MB in QEMU. OS X’s Darwin/XNU core (open-source) can run if the open-source portions function, leaving closed-source components to operate....

1. Project Glasswing: Securing critical software for the AI era Total comment counts : 50 Summary Project Glasswing, formed to counter AI-enabled cybersecurity threats, leverages Anthropic’s Claude Mythos2 Preview—a frontier model that can read, reason about code, and identify/exploit vulnerabilities. It has identified thousands of high-severity and zero-day vulnerabilities in major OSes and browsers. The program will use Mythos Preview defensively, with launch partners and 40+ organizations scanning first-party and open-source software....

1. A macOS kernel bug can cause OpenClaw to stop working after 49.7 days Total comment counts : 6 Summary error Overall Comments Summary Main point: The thread discusses a bug or issue that could affect long‑lived TCP connections and overall system stability. Concern: The main worry is that ultra-long uptimes could trigger crashes or state loss (like losing open tabs) across devices. Perspectives: Opinions range from skepticism that such a bug would seriously affect typical TCP connections to alarm about potential widespread instability, with humor and personal uptime anecdotes....

1. Gemma 4 on iPhone Total comment counts : 16 Summary AI Edge Gallery is Google’s open-source platform that runs powerful LLMs offline on iPhone. Gemma 4 is officially supported, enabling on-device reasoning and private processing. Features: Agent Skills (tools like Wikipedia, maps, visual summaries; loadable skills from URL or GitHub), AI Chat with Thinking Mode (step-by-step reasoning; Gemma 4 only), Ask Image (multimodal object recognition via camera/gallery), Audio Scribe (real-time transcription/translation on-device), Prompt Lab (prompt testing with fine-grained controls), Mobile Actions (offline device automation with a finetuned Gemma model), Tiny Garden (NL-based mini-game), Model Management & Benchmark (download/load models and benchmark locally)....

1. Show HN: A game where you build a GPU Total comment counts : 46 Summary error Overall Comments Summary Main point: The thread discusses an interactive, game-like educational tool for teaching NMOS/PMOS circuits and digital logic, with both praise and criticism. Concern: The learning experience may frustrate beginners due to confusing wiring, timers, and unclear concepts like capacitors and enable gates, potentially hindering learning. Perspectives: Opinions vary from high praise for its interactivity and educational potential to critique of early levels, timing constraints, and UI/pedagogical clarity, with requests for clearer explanations, optional timing, and better workflow....