Laying out the 404 Media zine
I write a lot these days, but my path into journalism, going way back to J-School, was through layout. For years, I was a graphic designer at a number of newspapers—some fairly small, some quite large. I was a card-carrying member of the Society for News Design. It was one of my biggest passions, and […]
Nokia N900 Necromancy
Building a fake battery, adding a USB-C port, booting from SD card, and giving a new life to a classic Linux smartphone. My friend Dima sent me his old-school classic Nokia N900. The battery is very old, and it does not boot as-is. So naturally, I wanted to see if I can resurrect it. Step […]
Ensuring a National Policy Framework for Artificial Intelligence
By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered: Section 1. Purpose. United States leadership in Artificial Intelligence (AI) will promote United States national and economic security and dominance across many domains. Pursuant to Executive Order 14179 of January 23, […]
Two new RSC protocol vulnerabilities uncovered
Note: Some patched versions are still being released to npm. If a version listed below is not yet available, please check back shortly. Two additional vulnerabilities have been identified in the React Server Components (RSC) protocol. These issues were discovered while security researchers examined the patches for React2Shell. Importantly, neither of these new issues allow […]
React2Shell and related RSC vulnerabilities threat brief
On December 3, 2025, immediately following the public disclosure of the critical, maximum-severity React2Shell vulnerability (CVE-2025-55182), the Cloudforce One Threat Intelligence team began monitoring for early signs of exploitation. Within hours, we observed scanning and active exploitation attempts, including traffic originating from infrastructure associated with Asian-nexus threat groups. Early activity indicates that threat actors quickly […]
Show HN: Autofix Bot – Hybrid static analysis and AI code review agent
Hi there, HN! We’re Jai and Sanket from DeepSource (YC W20), and today we’re launching Autofix Bot, a hybrid static analysis + AI agent purpose-built for in-the-loop use with AI coding agents. AI coding agents have made code generation nearly free, and they’ve shifted the bottleneck to code review. Static-only analysis with a fixed set […]
Almond (YC X25) Is Hiring SWEs and MechEs
Our mission is to free humans from physical labor with robotics. We imagine a future where robots handle the essential, repetitive work and humans are free to create, connect, and pursue what truly matters to them. To build that future we’re starting from the ground up with hardware. Our first product is a California-designed and […]
Denial of service and source code exposure in React Server Components
December 11, 2025 by The React Team Security researchers have found and disclosed two additional vulnerabilities in React Server Components while attempting to exploit the patches in last week’s critical vulnerability. These new vulnerabilities do not allow for Remote Code Execution. The patch for React2Shell remains effective at mitigating the Remote Code Execution exploit. The […]
UK House of Lords attempting to ban use of VPNs by anyone under 16
This is deranged, each nation’s boomers and reactionaries attempting to outdo the others: “Action to prohibit the provision of VPN services to children in the United Kingdom” … the provider of any Relevant VPN Service which is, or is likely to be — (i) offered or marketed to persons in the United Kingdom; (ii) provided […]
What is the nicest thing a stranger has ever done for you?
What Is the Nicest Thing A Stranger Has Ever Done for You? | Living Out Loud 10 Dec, 2025 So there I was, pedaling my bicycle as fast as I could down a long, straight stretch of road, feeling great. I’d just discovered the pleasures of riding a road bike, and I loved every minute […]