For the best experience on desktop, install the Chrome extension to track your reading on news.ycombinator.com
Hacker Newsnew | past | comments | ask | show | jobs | submit | history | fromregister
The Vercel Breach Needed Malware. The Next One Needs a Bad Readme (grith.ai)
1 point by edf13 13 hours ago | past | 3 comments
Every Claude 4.7 Improvement Makes the Security Problem Worse (grith.ai)
5 points by edf13 4 days ago | past | 1 comment
They Hacked Claude, Gemini, and Copilot (and No One Told You) (grith.ai)
4 points by edf13 5 days ago | past | discuss
They Hacked Claude, Gemini, and Copilot (and No One Told You) (grith.ai)
3 points by edf13 5 days ago | past | discuss
Prompt Injection Is Unfixable (So We Stopped Trying) (grith.ai)
4 points by edf13 6 days ago | past | 1 comment
If Your AI Agent Ran NPM Install During the Axios Attack, You're Compromised (grith.ai)
5 points by edf13 20 days ago | past
Zero Ambient Authority: The Principle That Should Govern Every AI Agent (grith.ai)
3 points by edf13 22 days ago | past
Alibaba's AI Agent Hijacked GPUs and Dug Reverse SSH Tunnels (grith.ai)
3 points by edf13 25 days ago | past
AI agents are now deciding what's safe to run (Claude Auto Mode) (grith.ai)
3 points by edf13 27 days ago | past
The Trivy Supply Chain Attack Reached LiteLLM (grith.ai)
3 points by edf13 27 days ago | past | 1 comment
Meta's Rogue AI Agent Gave Engineers Access They Shouldn't Have Had (grith.ai)
1 point by edf13 28 days ago | past
Meta's Rogue AI Agent Gave Engineers Access They Shouldn't Have Had (grith.ai)
3 points by edf13 28 days ago | past
Google's A2A Protocol Has Zero Defenses Against Prompt Injection (grith.ai)
4 points by edf13 32 days ago | past | 1 comment
Permission Fatigue Is Not a UX Problem. It Is a Security Failure (grith.ai)
3 points by edf13 33 days ago | past | 1 comment
NemoClaw vs. Grith: Sandbox for One Agent vs. Security for All (grith.ai)
3 points by edf13 33 days ago | past
AI Agent Backdoors Trivy Security Scanner, Weaponizes a VS Code Extension (grith.ai)
2 points by edf13 34 days ago | past
AI Agent Backdoors Trivy Security Scanner, Weaponizes a VS Code Extension (grith.ai)
2 points by edf13 34 days ago | past | 1 comment
87% of AI-Generated Pull Requests Ship Security Vulnerabilities (grith.ai)
6 points by edf13 35 days ago | past
Claude Code Auto Mode Lets the Agent Approve Its Actions – That's the Problem (grith.ai)
3 points by edf13 40 days ago | past
Claude Code Attempted 752 /proc/*/environ Reads. 256 Succeeded. Codex: 0 (grith.ai)
4 points by edf13 41 days ago | past
Claude Code Attempted 752 /proc/*/environ Reads. 256 Succeeded. Codex: 0 (grith.ai)
3 points by edf13 42 days ago | past
Grith (grith.ai)
1 point by handfuloflight 46 days ago | past
A GitHub Issue Title Compromised 4k Developer Machines (grith.ai)
632 points by edf13 47 days ago | past | 195 comments
Vibe Coding Is Killing Open Source, and the Data Proves It (grith.ai)
5 points by edf13 48 days ago | past
We Audited 2,857 Agent Skills. 12% Were Malicious (grith.ai)
2 points by edf13 49 days ago | past
We Audited 2,857 Agent Skills. 12% Were Malicious (grith.ai)
2 points by edf13 50 days ago | past
MCP Servers Are the New npm Packages (grith.ai)
4 points by edf13 50 days ago | past | 1 comment
We Audited the Security of 7 Open-Source AI Agents – Here Is What We Found (grith.ai)
2 points by edf13 53 days ago | past
OpenClaw Got Banned. Here Is Why That Should Worry You (grith.ai)
1 point by edf13 60 days ago | past | 1 comment
A hidden prompt can steal your SSH keys (grith.ai)
6 points by edf13 61 days ago | past | 2 comments

Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search:

HN For You