New stories

Hi This is Gautam, the creator of Peerful.

I built Peerful because I noticed the extremely negative candidate experience on other professional networking platforms (e.g. LinkedIn) and the inability of other platforms to effectively leverage AI to help companies find their perfect hire.

We try to solve both problems on Peerful. Below are the benefits of using Peerful.

For Individuals Find local peers: Find like-minded peers in your town or city. 1-click apply to jobs: No need to fill long application forms. Only fill one when the employer is interested in you. Message anyone: We don't paywall the messaging feature.

For Companies Post free jobs: We don't charge to post a job. You may buy a paid job promotion later. AI-assisted screening: AI screens profiles and resumes and ranks the best candidates (it doesn't reject candidates). Invite candidates: Invite candidates to apply to your job using our talent database (can't spam).

Please note that the app is still in early stages, and any feedback is welcome. Be peerful.

SEOScan is an open-source tool that allows users to perform comprehensive SEO analysis on websites, providing insights into technical, on-page, and off-page optimization opportunities to improve search engine visibility and performance.

Audible, the audiobook and podcast platform, has introduced a new, more affordable standard subscription plan, potentially challenging competitors like Spotify in the digital audio market.

Hi HN!

I kept rewriting the same foundation for every SaaS I built — auth, payments, email, logging, environment setup — so I packaged it all up as SaaS Forge.

It’s a modular boilerplate generator for SaaS apps with AI in mind. You can use it two ways:

* 1. Open-source CLI (free, unlimited)*

  npx saas-forge my-app

* 2. Web Scaffold (20 credits)*

Live at: boilerplate.bayesian-labs.com

A guided UI that helps you select features, configure env vars (e.g. auth keys, DB URLs, etc.), and deploy correctly.

What you get out of the box: - Auth: Better Auth — email/password + GitHub, Google, LinkedIn OAuth + email verification + password reset - Payments: Dodo Payments/ Stripe — webhooks, credit system - Database: PostgreSQL(AWS RDS/Neon/Supabase/Railway) + Prisma ORM - Storage: Vercel Blob / Cloudflare R2 - Email: Resend / SMTP (Coming Soon) - Analytics: Google Analytics / Vercel Analytics - Security: Upstash Rate Limit - API: tRPC end-to-end type safety - CMS: Notion as a headless CMS for landing pages, docs, and legal pages - Caching: Redis via Upstash - Logging: Winston + Logtail + BetterStack (with guided env setup in the web scaffold) - UI: shadcn ui + aceternity ui+ Tailwind CSS 4 + Framer Motion + 50+ components - Monorepo: Turborepo + pnpm workspaces

Idea is simple: skip boilerplate and ship what’s actually unique in your product.

The CLI is free and open-source — fork it, extend it, or just use it raw. The web scaffold is for folks who want error-proof setup with minimal config.

Live demo: https://boilerplate.bayesian-labs.com GitHub: https://github.com/anoopkarnik/saas-forge Docs: https://boilerplate.bayesian-labs.com/landing/doc Demo Video: https://www.youtube.com/watch?v=0zpQTtcsPtk

Happy to answer anything about design decisions, architecture, or roadmap. Would love feedback — what’s missing, broken, or too much?

Please star the repo, if you find usage of this repo.

The article discusses Peter Thiel's proposal to establish a physics department at his new university, focusing on the role of physics in driving technological progress and the potential impact of such an initiative on the future of science and education.

We give autonomous AI agents shell access and API keys, relying on system prompts or Docker for security. This is fundamentally broken. When an agent is hit with an indirect prompt injection, it doesn't download a rootkit. It uses standard, signed binaries like curl or base64 to exfiltrate data. To the OS, this looks like a legitimate user executing a legitimate request. EDR fails because the binary isn't malware. Docker fails because it still allows outbound network access.

I’ve been engineering a split-plane defense architecture to solve this. Telos is an experimental hybrid runtime bridging LLM intent tracking with low-level kernel isolation. Instead of static firewall rules, Telos dynamically bounds execution and network access in real-time using eBPF-LSM hooks, Information Flow Control (IFC), and XDP hardware drops.

The Dual-Gate Architecture

Telos operates on one rule: Intent equals the perimeter. Agents declare intent to a local control plane, which translates it into O(1) eBPF hash maps.

1. Execution Gate (lsm/bprm_check_security)

Intercepts the execve() syscall. Telos checks the binary against the process's intent-map. If an agent authorized to "read logs" tries to execute nc, the kernel instantly returns -EACCES. This inherits down the process tree, killing fork/exec evasion.

2. Network Gate (lsm/socket_connect)

Intercepts outbound connections. Windows auto-expire via a TTL. If the agent is tricked into connecting to an unauthorized IP, the socket is killed before the TCP handshake.

The Capstone: Cross-Vector Taint Tracking (IFC)

What stops an agent from curl-ing a sensitive file it's allowed to read to a malicious server?

Telos monitors lsm/file_open, checking targets against an inode sensitivity map.

If the agent reads a CRITICAL file (like .env), Telos dynamically elevates the agent's taint to TAINT_CRITICAL in the eBPF process map.

The moment that process invokes socket_connect, Telos checks the taint state and triggers a Network Slam.

All outbound connections permanently return -EPERM. The data cannot leave the machine.

Escaping the OS: The Hyperion XDP Bridge

Telos routes agent DNS through a proxy pipeline (checking for typosquatting/homoglyphs). If a domain is flagged malicious, Telos resolves the IPs and pushes them via RPC to Hyperion XDP on the physical NIC. Packets matching that IP are dropped with XDP_DROP at wire-speed, before the Linux kernel even allocates an SKB.

The "AI" Anti-Hype

Putting an LLM in the hot path introduces massive latency. Telos keeps AI entirely out of the kernel hot path. All enforcement happens via deterministic, O(1) hash table lookups in C. The LLM only adjudicates complex edge cases asynchronously in the control plane.

Benchmarks and Trade-offs

I ran a 10-million operation torture test on bare-metal (AMD Ryzen 7 Pro 5850U, 5.15+ kernel).

file_open: +2.27 µs overhead (+8.5%)

bprm_check_security: +193 µs overhead (+3.0%)

socket_connect: +3.89 µs overhead (+1.9%)

Trade-offs: Telos fails closed; unparsed actions are instantly killed. Heavy bash-scripting workloads involving thousands of rapid fork() calls experience elevated eBPF map contention. To mitigate this under memory pressure, Telos utilizes BPF_MAP_TYPE_LRU_HASH to gracefully evict stale process states.

What's Next

Securing AI requires enforcement at the layer the AI cannot manipulate: the kernel. Telos is an open-source research runtime. I am particularly interested in feedback on bypass vectors I haven't considered, whether the IFC taint model holds under heavily multi-threaded agent workloads, or ways to optimize eBPF map lookups.

GitHub Repository: https://github.com/nevinshine/telos-runtime

Hi, I’m a developer who enjoys building real web products and technical projects. I’m looking to collaborate with a U.S.- or Canada-based college student who might enjoy networking or finding project opportunities. The idea is simple: • You help find projects or clients in the U.S. or Canadian market • I handle the technical development and product building • We share the revenue I’m comfortable building the full product myself and have a strong work ethic when it comes to delivering projects. This could be useful if you’re a student who wants: • extra income from projects • real-world project experience • exposure to building products or small startups My English is not native-level, but I communicate clearly and always try to improve. If this sounds interesting, feel free to reach out.

The article presents benchmark results comparing the performance of different laser technology configurations, focusing on speed, accuracy, and power efficiency. The findings provide insights for businesses and professionals when selecting the most suitable laser system for their applications.

Polymo is a cloud-based platform that enables businesses to create, manage, and distribute custom branded mobile apps with no coding required. The platform provides tools for building app features, managing content, and analyzing user engagement.

The article discusses the challenges of type validation in Python type annotations and explores several approaches to address these challenges, including using the `typing.NewType` and `typing.Literal` constructs, as well as creating custom types and validators.

Bitworm is an open-source Python library that provides a simple and efficient way to interact with the Bitcoin blockchain. It offers a user-friendly API for querying blockchain data, creating and signing transactions, and managing Bitcoin wallets.

Sri Lanka has rescued 30 people from an Iranian ship in distress in the Indian Ocean, according to the country's foreign minister. The operation was carried out by Sri Lankan navy and airforce in cooperation with the Indian Coast Guard.

A KTH student hacked a smartwatch to help children with autism and ADHD manage their emotions and behavior. The student developed a system that uses the watch's sensors to detect changes in the child's physiological state and provides discreet feedback to help them regulate their emotions.

This article provides a comprehensive security audit checklist for macOS users, covering areas such as system settings, user accounts, network configurations, and software updates to help enhance the overall security of a Mac computer.

The article discusses the importance of integrations for B2B software companies selling in Latin America. It emphasizes that integrations can make or break a company's success in this market, often being a greater challenge than competition.

XPosts is a platform that allows users to create and share content across multiple social media platforms. The platform provides tools and analytics to help users optimize their content and track its performance on different channels.

I built a prompt management platform after running an AI SaaS (148k users). The biggest pain wasn't the model — it was iterating on prompts without deploying code.

Existing tools (Langfuse, PromptLayer) are great for tracing LLM calls. But we needed something different: which prompt version leads to more signups? More purchases? What's the conversion rate per variant?

xR2 lets you:

Store and version prompts outside your codebase Run A/B tests between prompt variants Track events (signup, purchase, etc.) and attribute them back to the prompt version Get statistical significance before picking a winner REST API + SDKs for Python, TypeScript, n8n, Make. Free tier available.

Built with Next.js, Supabase, deployed on Cloudflare. Solo founder.

Site: https://xr2.uk Docs: https://docs.xr2.uk

Would love feedback — especially on what's missing for your use case.

The Lucona affair was a political scandal in Austria in the 1980s involving the mysterious fire that destroyed the cargo ship Lucona, leading to a complex investigation and trial that revealed corruption and political connections.

Hi HN,

I’m a developer, and I recently got frustrated by two things: the steep learning curve of prompt engineering for AI video/audio generation, and the 30% cut taken by app stores.

To solve this, I built a mobile-first web MVP called *KIRICAST*. It’s an interactive storytelling platform where viewers dictate the storyline, functioning similarly to a "Choose Your Own Adventure" game but with AI-generated voice and video.

Here is how the mechanics work:

*1. 1-Sentence Generation:* Users input a single sentence (e.g., "A philosopher and a gamer debate the simulation theory"). The system sets up the lore and characters, then generates a fully-voiced, back-and-forth clip.

*2. Infinite Branching:* When a clip ends, viewers can tap a plus button. The system generates 3 potential options for the next episode. If a user selects one, the engine generates the next episode on the fly, maintaining the context and character states from the previous clip.

*The Economics (Why Web?):* Generating voice and video is computationally expensive. To cover API costs and build a creator economy, I implemented a micro-transaction system using PayPal credits. To make this work without losing margins to Apple/Google, I launched it strictly as a mobile-optimized web app.

Additionally, original AI agent creators earn a 15% royalty whenever other users spend credits to create clips from them to get rewards by views.

I’d love to get your technical and UX feedback:

- Does the web UI (specifically the transition when generating the next episode) feel smooth enough to replace a native app experience?

- Is the friction of a PayPal paywall too high for this type of interactive entertainment?

You can try it out here: https://www.kiricast.com

Looking forward to your thoughts.