New stories

The article discusses the potential of artificial intelligence (AI) to revolutionize various industries, including healthcare, transportation, and education. It explores the current state of AI technology and its possible future applications, highlighting both the benefits and the challenges associated with its widespread adoption.

Hi HN! I built God's Eye, an AI-powered subdomain enumeration tool that combines traditional recon techniques with local LLM analysis.

What makes it different: - 100% local & private - no data leaves your machine - Zero API costs - uses Ollama with models like DeepSeek-R1 and Qwen2.5-Coder - 20 passive sources (crt.sh, Certspotter, AlienVault, etc.) - AI analysis of discovered subdomains for security insights - Written in Go for speed

I built this because most subdomain tools just dump lists without context. Adding AI analysis helps identify interesting targets faster during pentests and bug bounties, but I wanted to keep everything local for privacy and cost.

The AI features are optional - you can use it as a traditional enum tool too.

Would love feedback from the security folks here! What other analysis would be useful to add?

GitHub: https://github.com/Vyntral/god-eye

Hi HN! I’m Tony, one of the co-founders of Inngest (https://inngest.com/). Wanted to show you something we’re working on: StepKit.

StepKit is an open source SDK and framework for building and iterating on durable workflows that run on any platform (self-hosted, Inngest, Cloudflare, Netlify, etc.) without requiring any provider or bundler-specific code.

Here’s the repo: https://github.com/inngest/stepkit.

StepKit extracts the core execution loop that we built in Inngest and makes it fully open, Apache 2, and hackable/pluggable to different backends. We don’t want people to have to go through multiple major versions in SDKs to learn the lessons we’ve already learned in production:

It needs to work anywhere: This SDK is push-based and receives tasks via API endpoints, so it works anywhere (servers, serverless, k8s, etc). That's also customizable. It doesn’t need any specific runtime or bundler support.

It needs to be complete: StepKit includes the entire execution engine: step discovery, memoization, a core event loop to turn async steps into generators without relying on `try/catch` based control, and middleware for extensibility (eg, end-to-end encryption, Sentry integrations, and so on).

It needs a simple API: StepKit APIs are explicit `step.*()` functions, which we designed in our original Inngest SDK back in 2022. They’re easy to read, understand, implement, and use. They contain all of the primitives for durable execution: steps, suspend/resume, human-in-the-loop, and observability. These same APIs have also been adopted by Cloudflare, Netlify, Convex, and others, and support billions of runs every month.

It needs to be resilient: Steps tolerate changes when refactoring, and provide the building blocks of durable execution without complex abstractions.

We’re starting with in-memory, filesystem, Inngest, and Cloudflare (WIP) drivers, with more coming soon.

The roadmap includes middleware, compatible SDKs in different languages, as well as extensions like concurrency controls and idempotency: https://github.com/inngest/stepkit/discussions/52.

Excited to see what you think: https://github.com/inngest/stepkit.

The article introduces ljv, a command-line tool for interactively exploring and navigating JSON data. It highlights the key features of ljv, such as its ability to display JSON data in a tree-like structure, search for specific elements, and perform various operations on the data.

The article discusses how some economists are becoming more cautious about the benefits of high minimum wages, as research suggests that they can lead to job losses, especially for low-skilled workers. The article also notes that the debate around minimum wages remains contentious, with proponents arguing that higher wages can improve living standards and reduce inequality.

The article discusses the Sorites paradox, a philosophical problem that arises from the vagueness of language and the difficulty in precisely defining the boundaries of concepts. It explores how small, incremental changes can lead to seemingly contradictory conclusions, highlighting the challenges of making definitive statements about the world.

Hi HN! For the past bit we’ve been building Flowglad (https://flowglad.com) and can now feel it’s just gotten good enough to share with you all:

Repo: https://github.com/flowglad/flowglad

Demo video: https://www.youtube.com/watch?v=G6H0c1Cd2kU

Flowglad is a payment processor that you integrate without writing any glue code. Along with processing your payments, it tells you in real time the features and usage credit balances that your customers have available to you based on their billing state. The DX feels like React, because we wanted to bring the reactive programming paradigm to payments.

We make it easy to spin up full-fledged pricing models (including usage meters, feature gates and usage credit grants) in a few clicks. We schematize these pricing models into a pricing.yaml file that’s kinda like Terraform but for your pricing.

The result is a payments layer that AI coding agents have a substantially easier time one-shotting (for now the happiest path is a fullstack Typescript + React app).

Why we built this:

- After a decade of building on Stripe, we found it powerful but underopinionated. It left us doing a lot of rote work to set up fairly standard use cases - That meant more code to maintain, much of which is brittle because it crosses so many server-client boundaries - Not to mention choreographing the lifecycle of our business domain with the Stripe checkout flow and webhook event types, of which there are 250+ - Payments online has gotten complex - not just new pricing models for AI products, but also cross border sales tax, etc. You either need to handle significant chunks of it yourself, or sign up for and compose multiple services

This all feels unduly clunky, esp when compared to how easy other layers like hosting and databases have gotten in recent years.

These patterns haven’t changed much in a decade. And while coding agents can nail every other rote part of an app (auth, db, analytics), payments is the scariest to tab-tab-tab your way through. Because the the existing integration patterns are difficult to reason about, difficult to verify correctness, and absolutely mission critical.

Our beta version lets you:

- Spin up common pricing models in just a few clicks, and customize them as needed - Clone pricing models between testmode and live mode, and import / export via pricing.yaml - Check customer usage credits and feature access in real time on your backend and React frontend - Integrate without any DB schema changes - you reference your customers via your ids, and reference prices, products, features and usage meters via slugs that you define

We’re still early in our journey so would love your feedback and opinions. Billing has a lot of use cases, so if you see anything that you wish we supported, please let us know!

We manage $50–100K/month in Google Ads, and this year we’re seeing sophisticated bots hitting HubSpot forms. They’re bypassing visual reCAPTCHA, dynamically filling form fields, and flooding our CRM with fake submissions.

Behavior-based pre-submit checks (patterns, devices, IPs, timing) helped reduce spam. For high-traffic campaigns, real-time bot filtering tools like Clickfortify were especially effective.

Has anyone else run into this? What solutions have worked for you to block advanced bot traffic without disrupting real users?

The article reports on the arrests of several individuals in the Tampa Bay area for attempting to smuggle advanced computer chips from the U.S. to China, allegedly for use in artificial intelligence applications. The investigation involved federal authorities and technology company Nvidia.

This article explores the use of CSS variables, also known as CSS custom properties, and how they can be leveraged to improve code organization, maintainability, and adaptability in web development projects.

The article explains that the Git HEAD pointer is case-sensitive, meaning that references to 'HEAD' and 'head' are treated as different entities. This can lead to unexpected behavior if developers are not aware of this nuance.

The blue box question that has been added to the blank slate note taking app is perhapse the most insidious short circuiting of the natural human thought process I've ever seen in a note taking app.

Why would I use an app that lets me track my thoughts when it actively tries to derail my thought process at the most critical moment (the blank slate moment.)

The article discusses the benefits of creating reusable, standalone modules in software development, highlighting their advantages in terms of maintainability, flexibility, and scalability. It provides insights into the design and implementation of such modules, emphasizing the importance of clear interfaces, encapsulation, and modularity.

The article explores the mysterious disappearance of Europe's first farmers, suggesting that the discovery of headless human remains may provide clues about the possible causes of their demise, which could have involved violent conflict or ritual practices.

I’ve been working on an independent memory-retrieval architecture for agent systems. I don’t have a CS background — previously worked climbing cell towers and doing handyman jobs — but I spent the last 4.5 months building a hybrid memory system from scratch.

The system combines FAISS, BM25, and a symbolic ranking layer (MCA). Answers are generated with GPT-4o-mini at temperature 0. The focus is determinism, transparency, and reproducibility rather than model size.

On the official LoCoMo benchmark (1,540 questions), the system reaches 80.1% average accuracy. To my knowledge, that’s above the publicly reported results for existing agent-memory stacks using small models.

Latency is ~2.5 seconds, and cost is ~$0.10 per 1M tokens. Memory is fully isolated and local, which makes it usable for offline or enterprise applications.

Repository (code + full reproducible benchmarking): https://github.com/vac-architector/VAC-Memory-System

Happy to answer technical questions, discuss the architecture, or hear critiques.

The FBI has warned that cybercriminals have stolen $262 million since January by impersonating bank support teams and tricking victims into transferring funds to fraudulent accounts. The attacks involve social engineering tactics to gain the trust of victims and access their financial accounts.

This study investigates the impact of the COVID-19 pandemic on mental health, revealing significant increases in depression, anxiety, and post-traumatic stress disorder among individuals during the pandemic, with notable disparities across demographic groups.

The article explores an interview with Ilya Sutskever, co-founder and chief scientist at OpenAI, who discusses the potential of artificial general intelligence (AGI), the challenges in developing safe and ethical AGI, and his views on the long-term implications of advanced AI systems.

I've been recreating the original MacPaint in the browser on and off for a few years. It's still alpha quality, but I'm finally ready to share it more widely.

The goal was pixel-perfect accuracy, so I spent a lot of time with Atkinson's original QuickDraw source code, emulators, and my iBook G3 to get details like font rendering and the shape tools exactly right.

Some technical notes:

- Font rendering was surprisingly tricky; understanding the original pipeline's quirks took lots of experimentation, and avoiding canvas smoothing/aliasing required careful handling.

- Written declaratively with React; performance is kept reasonable with a buffer pool and copy-on-write semantics. - You can share links to artwork from within the UI.

E.g.: https://zenpaint.org/#p=KQumBQ5x

- Mobile support was not considered here (for obvious reasons). It might still be usable on a larger phone or tablet but I have not tested this at all.

There's something magical about making art within MacPaint's constraints: the 1-bit graphics, the limited resolution, the peculiar set of tools that still feel surprisingly expressive.

Still some rough edges and missing features, but I'd love feedback from anyone who remembers the original.

The article explores a technique for creating voxel art using CSS, by building a rendering engine with stacked grids. It covers the technical details of this approach, including the use of CSS grid and various CSS properties to achieve the desired visual effects.

The article discusses the Isomap algorithm, a nonlinear dimensionality reduction technique used to map high-dimensional data onto a lower-dimensional manifold. It explains the mathematical principles behind Isomap and its applications in data visualization and analysis.