Hacker News with Tags

What is this?

This mirrors the Hacker News front page. Click on tags to filter / exclude. You can combine multiple tags.

Get these tags inside Hacker News itself with these open-source browser extensions for Chrome and Firefox

histre is a power tool for your knowledge. This is a demo of its auto-tagging feature. Learn about its other features here

Filters

Provide comma seperated lists of tags

Level-10 vuln lurking in Redis source code for 13 years could allow RCE • www.theregister.com

20 points • 1 day ago • 1 comment

exploit

security

Unity discloses a years-old security exploit – urges developers to update games • www.theverge.com

3 points • 3 days ago • 1 comment

exploit

games

security

0-Day iOS Exploit "Caught in the Wild" Released • seclists.org

29 points • 4 days ago • 1 comment

exploit

security

ios

reversing

Arbitrary code execution in Unity Runtime • flatt.tech

94 points • 4 days ago • 30 comments

exploit

security

Technical Analysis of SAP Exploit Script Used in JLR, Harrods Hacks • detect.fyi

7 points • 6 days ago • 5 comments

exploit

security

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability • www.securityweek.com

60 points • 6 days ago • 7 comments

exploit

news

security

New Physical Attacks on Intel SGX and AMD SEV-SNP • arstechnica.com

15 points • 6 days ago • 0 comments

hardware

exploit

cryptography

security

Google CTF 2025 – webz : Exploiting zlib's Huffman Code Table • velog.io

104 points • 1 week ago • 19 comments

exploit

compression

security

Is IP fragmentation still considered vulnerable? • blog.apnic.net

6 points • 1 week ago • 1 comment

networking

exploit

security

Supermicro server motherboards can be infected with unremovable malware • arstechnica.com

14 points • 1 week ago • 1 comment

hardware

exploit

security

GriffonAD: A new tool to exploit bad configurations in Active Directory • github.com

9 points • 1 week ago • 0 comments

exploit

shell

security

Exploit allows for takeover of fleets of Unitree robots • spectrum.ieee.org

147 points • 1 week ago • 83 comments

exploit

ai

security

As many as 2M Cisco devices affected by actively exploited 0-day • arstechnica.com

145 points • 1 week ago • 44 comments

networking

exploit

security

Is This Bad? This Feels Bad. (Fortra GoAnywhere CVE-2025-10035) • labs.watchtowr.com

42 points • 1 week ago • 16 comments

research

exploit

security

Supermicro server motherboards can be infected with unremovable malware • arstechnica.com

263 points • 1 week ago • 141 comments

hardware

exploit

security

From MCP to shell: MCP auth flaws enable RCE in Claude Code, Gemini CLI and more • verialabs.com

147 points • 2 weeks ago • 40 comments

exploit

security

ABadAvatar — Avatar-based XBOX360 hypervisor exploit entrypoint • github.com

7 points • 3 weeks ago • 0 comments

exploit

NT OS Kernel Information Disclosure Vulnerability • www.crowdfense.com

144 points • 3 weeks ago • 33 comments

windows

exploit

security

Insufficiently sanitized data allows unauthenticated access to FreePBX Admin • labs.watchtowr.com

51 points • 3 weeks ago • 7 comments

research

exploit

security

Heap-based buffer overflow in Kernel Streaming • www.crowdfense.com

13 points • 1 month ago • 0 comments

windows

exploit

security

Kernel-hack-drill and exploiting CVE-2024-50264 in the Linux kernel • a13xp0p0v.github.io

236 points • 1 month ago • 38 comments

linux

exploit

security

A16-FuseBypass: Debug Logic Enabled on Production Apple Silicon • github.com

6 points • 1 month ago • 0 comments

exploit

security

Malicious versions of Nx and some supporting plugins were published • github.com

435 points • 1 month ago • 428 comments

exploit

programming

security

release

iOS Elegantbouncer: When you can't get samples but still need to catch threats • www.msuiche.com

38 points • 1 month ago • 11 comments

pdf

compression

mobile

security

ios

exploit

Scamlexity: When agentic AI browsers get scammed • guard.io

202 points • 1 month ago • 192 comments

exploit

ai

security

Weaponizing image scaling against production AI systems • blog.trailofbits.com

486 points • 1 month ago • 131 comments

research

exploit

ai

security

My ZIP isn't your ZIP: Identifying and exploiting semantic gaps between parsers • www.usenix.org

65 points • 1 month ago • 32 comments

research

exploit

security

Major password managers can leak logins in clickjacking attacks • www.bleepingcomputer.com

8 points • 1 month ago • 0 comments

exploit

security

Marshal madness: A brief history of Ruby deserialization exploits • blog.trailofbits.com

25 points • 1 month ago • 4 comments

research

exploit

ruby

security

How we exploited CodeRabbit: From simple PR to RCE and write access on 1M repos • research.kudelskisecurity.com

678 points • 1 month ago • 223 comments

exploit

security

Get these tags inside Hacker News with these open-source browser extensions for Chrome and Firefox