New stories

aiseoscan 6 minutes ago

Show HN

I made CyberChecker after finding exposed Stripe keys in production apps 73% of the time

I was doing security audits and kept finding the same issues: API keys in JavaScript bundles, missing CSP headers, exposed .env files, Supabase anon keys without RLS. Basic stuff that's trivial to exploit but somehow everywhere.

Built an automated scanner that runs 50+ checks in ~60 seconds: SSL/TLS config, security headers, OWASP Top 10, secrets detection, SQL injection patterns. Free scan shows vulnerability count, $39 for the full report with exact locations + copy-paste fixes.

Tech stack: Next.js, Supabase for storage, custom scanners (no third-party APIs), Vercel edge functions.

The scary part: 94% of sites I've scanned have at least one critical vulnerability. Most are completely unaware.

https://cyber-checker.com

cyber-checker.com
1 0
aadilghani 7 minutes ago

Send push notifications without an app

pushary.com
1 1
wangmao 7 minutes ago

Dash Cam Front and Rear

bestdashcamfrontandrear.net
1 0
lukejkwarren 15 minutes ago

Show HN: Track International Rugby with Live Rankings and Predictions

I built a platform for following international rugby union. It covers fixtures, results, team stats, and news with deep features around World Rugby rankings, major tournaments, lineal titles etc.

What it does: - Live men's and women's fixtures, results, and rankings synced from official sources - Predict any match and see how it affects World Rugby rankings using the actual points formula - Six Nations and Rugby World Cup predictors with shareable brackets - Follow your teams, view head-to-head records, form streaks, and historical stats - Match details with highlights, weather, and importance indicators - News feed aggregating international rugby coverage

Stack: Next.js 15, MongoDB/Prisma, NextAuth v5, data from World Rugby PulseLive API

Would love feedback, especially from rugby fans. I made the rugby tool I wish I had but keen to add features based on feedback from other rugby lovers like me.

rugbyrankings.now
1 0
KenzoArai 15 minutes ago

Show HN: Remote AI coding without moving your code – CloudForge

I built CloudForge because I wanted to run Claude Code while away from my desk, but didn't want my code on someone else's server.

CloudForge is a web UI that connects to YOUR server via a lightweight agent. Your code stays on your machine.

Features:

- Web terminal (xterm.js) - Monaco editor - Works with Claude Code, Codex CLI, Aider, Gemini CLI - No SSH port forwarding needed - Free tier: 1 BYOS server

The agent is open source (will be published soon).

https://cloud-forge.me

I'd love to hear your thoughts, especially from anyone doing "vibe coding" with AI tools on the go.

cloud-forge.me
1 0
Summary
hmmmmmmmmmmmmmm 18 minutes ago

UK unemployment set to hit 11-year high in 2026, NIESR forecasts

The UK's unemployment rate is forecasted to reach an 11-year high by 2026, according to the National Institute of Economic and Social Research (NIESR). The research institute predicts that the unemployment rate will rise to 5.2% by 2026, driven by factors such as the impact of the COVID-19 pandemic and ongoing economic challenges.

reuters.com
2 0
Summary
Show HN: I built an AI UGC video generator for ads and creators
wsmhj 21 minutes ago

Show HN: I built an AI UGC video generator for ads and creators

Hi HN,

I built an AI tool that generates UGC-style videos from text or product links.

The idea came from: - Hiring creators is slow and expensive - Most AI video tools generate cinematic stuff, not real "UGC ads"

What it does: - Input product / script - Choose UGC style (TikTok, testimonial, unboxing) - Generate short ad-style videos

Tech stack: - Frontend: Next.js - Backend: Python + queue - Models: Sora / VEO / Wan (via API)

I'm looking for: - Feedback from marketers - Suggestions on what features are missing

aiugcvideogen.com
2 0
Nishiōizumimachi
praash 23 minutes ago

Nishiōizumimachi

Nishizumimachi is a town located in Yamaguchi Prefecture, Japan. The town is known for its historic buildings and traditional crafts, particularly pottery and glass making.

en.wikipedia.org
1 0
Summary
Show HN: Open-source dbt package for B2B SaaS GTM/PLG metrics and AI context
arvoantoni 25 minutes ago

Show HN: Open-source dbt package for B2B SaaS GTM/PLG metrics and AI context

github.com
1 1
Show HN: ReFrame – Linux remote desktop that supports Login on Wayland/TTY
AlynxZhou 25 minutes ago

Show HN: ReFrame – Linux remote desktop that supports Login on Wayland/TTY

Hi, in the past few months I make a new Linux remote desktop that supports remote login on Wayland as my part-time project. The reason is that existing Linux remote desktops have different problems about this: some only supports remote login on X11, some supports Wayland but you cannot login, some supports remote login on Wayland but only with RDP on specific desktop environment. On the contrary, mine uses VNC, supports remote login on both Wayland and X11, and should work with all general desktop environments.

The main idea is grabbing monitor content via DRM/KMS, and then I get the following features:

- Works with Wayland, X11 and even Linux TTY. - Supports Intel, AMD and NVIDIA GPU, even works with a Raspberry Pi 2B, I happen to have all those kinds of devices to test. - Smoothly transition between login session and user session, so you don't need things like auto-login before accessing your desktop. - With Linux kernel parameters, you can use it headlessly, so you don't need a actual monitor. - You can connect to it with any normal VNC clients, technically there should be no difficult to support RDP, just because I use VNC personally and I spend my time on other features.

The expected experience should be the same as you are sitting in front of your real monitor. I've use it on my Linux home server for a long time so I could access its desktop on a laptop when needed. Now I'm feeling OK with it and I want to introduce it to you to hear more from more users.

Welcome to the GitHub repo for details!

github.com
2 0
Summary
I Read the Anthropic Legal Prompts That Crashed $285B in Stocks
thomas_witt 26 minutes ago

I Read the Anthropic Legal Prompts That Crashed $285B in Stocks

An unintended bug in Parity's Ethereum wallet software caused a multi-million dollar loss, highlighting the risks of complex technological systems and the importance of thorough testing and security measures in the cryptocurrency industry.

thomas-witt.com
1 0
Summary
tdsone3 28 minutes ago

Ask HN: Hire academic researchers and train them up to be good SWEs?

Hi HN!

we are struggling with the following: there's a few people in the world whose domain expertise we need (e.g. 5y in an academic lab working on a particular topic that requires wet-lab, hardware and computational bio expertise) but who mostly happen to be pretty bad at SWE. The intersection of domain expertise required and good SWE skills unfortunately seems to be 0 in some cases.

We're now considering two options: 1. hire the person and train them up to be a good SWE 2. hire a decent SWE with outstanding drive and intellect to pick up the domain expertise

1. seems more achievable because the resources required to train someone up are lower than sending 2. into a wet lab and have them fuck things up for half a year.

I wonder if anyone has experience with this situation and advice/stories to share.

Ty!

1 1
Show HN: OneMinuteBranding – From prompt to brand system and Claude.md in 60s
YannBuilds 33 minutes ago

Show HN: OneMinuteBranding – From prompt to brand system and Claude.md in 60s

The article discusses the importance of branding and how to create a strong, memorable brand identity in just one minute. It provides practical tips and strategies for small businesses and entrepreneurs to build an effective brand on a limited budget.

oneminutebranding.com
1 3
Summary
The Missing Layer
lubujackson 36 minutes ago

The Missing Layer

The article explores the concept of a 'missing layer' in software development, where certain crucial aspects of the system are overlooked or not properly addressed. It discusses the importance of identifying and addressing this missing layer to ensure the overall robustness and reliability of the system.

yagmin.com
5 0
Summary
In Defence of GnuPG: Key Sovereignty in an Age of Digital Feudalism [video]
m3rcury 37 minutes ago

In Defence of GnuPG: Key Sovereignty in an Age of Digital Feudalism [video]

fosdem.org
1 0
abrbhat 44 minutes ago

A developers' job is to reduce ambiguity

The article discusses the importance of self-discipline and patience in software development, emphasizing the need to prioritize quality over speed and to embrace the learning process rather than focusing solely on results.

old.reddit.com
1 0
Summary
wg0 44 minutes ago

Why Replacing Developers with AI Is Going Horribly Wrong? [video]

youtube.com
1 0
YouTube
Sazabi Manifesto
puppion about 1 hour ago

Sazabi Manifesto

The article presents a manifesto outlining the author's philosophical views, emphasizing the importance of individualism, personal responsibility, and rejecting conformity and collectivism in favor of self-direction and self-actualization.

sazabi.com
1 0
Summary
jackota about 1 hour ago

I've created a tool to make your Discord server indexable on Google and AI

I've built this tool to make your Discord server indexable on Google and AI

I've always been a big fan of SEO and GEO (SEO in LLMs). You get the best leads and customer from there.

But honestly creating content for SEO and GEO is a pain in the ass. So basically I thought: why can't I use content created by others in my Discord server and use them to position for SEO?

I worked for a while and created this https://comly.app

Basically you plug it, and makes your entire Discord server (and slack asap too) indexable on Google and AI, so if anyone look up for a specific question or keyword, it appears as first result your community.

Let me know what you think, open to any feedback or question :)

2 3
whatsupdog about 1 hour ago

DAiFi Whitepaper Released: A New Era of Decentralized AI Finance

The Daifi whitepaper outlines the company's novel decentralized AI framework, which aims to democratize AI development and enable collaborative, privacy-preserving AI models.

daifi.ai
1 1
Summary
JoseOSAF about 1 hour ago

Show HN: LocalCoder – Tell it your hardware, get the exact local AI model to run

Hey HN — I built this after seeing the Qwen3-Coder threads here. Every thread had the same questions: which quant for my GPU? How much VRAM do I need? Ollama or llama.cpp? What context window can I actually use?

LocalCoder answers all of that in one page. Pick your platform (Apple Silicon, NVIDIA, CPU), select your chip and memory, and it gives you:

- The best model + quantization for your setup - Expected speed (tokens/sec) and context window - Copy-paste Ollama commands to get running in 60 seconds

The recommendation engine is a curated config matrix built from HN benchmarks, Unsloth docs, and llama.cpp test data. No AI inference on the backend — it's all client-side.

Free tier gives you the top pick + Ollama commands. $9 one-time unlocks alternatives table, llama.cpp commands, and IDE integration guide.

Would love feedback on the recommendations. If your hardware isn't covered or a rec seems off, let me know — I'll update the matrix.

localcoder.xyz
1 0
Show HN: Replacing NotNull and Preconditions with fluent Java assertions
symplice about 1 hour ago

Show HN: Replacing NotNull and Preconditions with fluent Java assertions

The 'pure-assert' library is a lightweight and efficient assertion library for JavaScript that provides a simple and extensible API for writing assertions. It aims to be a minimal and highly performant alternative to other assertion libraries.

github.com
1 0
Summary
johnjames87 about 1 hour ago

Ads are coming to AI. But not to Claude

twitter.com
1 0
mugamuga about 1 hour ago

Show HN: Ikka – A noise-free, AI-powered news aggregator for Zimbabwe

IKKA Cloud is a cloud-based platform that enables businesses to streamline their operations, improve collaboration, and enhance data security through a suite of integrated tools and services.

ikka.cloud
1 0
Summary
AAsk HN: Best GitHub API ingestion without tripping secondary rate limits?
cutecatarya about 1 hour ago

AAsk HN: Best GitHub API ingestion without tripping secondary rate limits?

The article discusses OpenClaw, an open-source software platform for developing robotic claw grippers. It highlights the platform's modular design, customization capabilities, and potential applications in robotics and automation.

openclawskills.best
1 1
Summary
gslin about 1 hour ago

ArXiv future proofs access to research with third-party digital preservation

The article discusses how arXiv is partnering with third-party digital preservation services to ensure long-term access to research papers, protecting against potential changes or disruptions to the platform itself.

blog.arxiv.org
2 0
Summary
JumpCrisscross about 1 hour ago

A Wargame Shows Just How Vulnerable Europe Is to a Russian Attack

A simulation of a Russian attack on the Baltic states reveals significant vulnerabilities in Europe's ability to respond quickly and effectively. The exercise highlights the need for improved military coordination and logistics to better defend against potential aggression from Russia.

wsj.com
1 0
Summary
Show HN: Blaeckfetch – Minimal system fetch with retro console-style splash mode
gustafeden about 1 hour ago

Show HN: Blaeckfetch – Minimal system fetch with retro console-style splash mode

I built blaeckfetch to explore what's possible with terminal rendering. It's a system fetch tool built on top of my terminal UI library (blaeck) — image conversion, 256-color fallback, animation phases, that sort of thing.

It has a retro console-style splash mode with a procedural starfield, or your own background image rendered as half-block terminal characters. I liked how it turned out, maybe you will too.

Runs in ~7ms with boot-cycle caching for static fields like hostname and CPU. Written in Rust.

Not trying to replace fastfetch or anything — just a personal project. Hope someone else finds it useful too.

Try it: `brew tap gustafeden/tap && brew install blaeckfetch` (macOS) or install from source via the repo.

Repo: https://github.com/gustafeden/blaeckfetch Docs: https://gustafeden.github.io/blaeckfetch/

Happy to answer questions about the implementation.

github.com
1 0
Summary
Validation is the bottleneck. Not code gen
karimtr about 1 hour ago

Validation is the bottleneck. Not code gen

The article discusses how AI and deep learning can benefit startups, highlighting the potential for increased efficiency, cost-savings, and competitive advantage. It provides insights into various AI applications for startups, such as automating tasks, enhancing decision-making, and improving customer experiences.

kerno.io
1 0
Summary
c420 about 1 hour ago

Russia used Starlink in drones; SpaceX's cutoff collapsed command system

Russia allegedly used Starlink internet services provided by SpaceX in the strike drones that reached Kyiv, Ukraine. SpaceX's response to this reportedly caused the collapse of the entire command system used by Russia in the attack.

euromaidanpress.com
4 2
Summary