FeedCity

American forces are searching for a missing crew member after a US fighter jet was downed in Iran. Iranian state media says Iran's security forces are also looking for the aviator. Iran is also claiming to have shot down a second US warplane over the Gulf. US media says the ...

[GitHub] platform activity is surging. There were 1 billion commits in 2025. Now, it's 275 million per week, on pace for 14 billion this year if growth remains linear (spoiler: it won't.)

GitHub Actions has grown from 500M minutes/week in 2023 to 1B minutes/week in 2025, and now 2.1B minutes so far this week.

— Kyle Daigle, COO, GitHub

Tags: github, github-actions

Vulnerability Research Is Cooked Thomas Ptacek's take on the sudden and enormous impact the latest frontier models are having on the field of vulnerability research. Within the next few months, coding agents will drastically alter both the practice and the economics of expl...

A fun thing about recording a podcast with a professional like Lenny Rachitsky is that his team know how to slice the resulting video up into TikTok-sized short form vertical videos. Here's one he shared on Twitter today which ended up attracting over 1.1m views!

That was 48 seconds. Our full conversation lasted 1 hour 40 minutes.

Tags: ai-ethics, coding-agents, agentic-engineering, generative-ai, podcast-appearances, ai, llms, cognitive-debt

How a warm puddle of goo went on to invent the citric acid cycle and then TikTok is the question of abiogenesis.

After the very positive surprise of Psycho Goreman, this is the second movie from the same director. Unfortunately, this is not even close to the quality of PG. The humour is lame and just silly (well, yes, some things were indeed pretty funny, but that was an exception), the characters are not as likeable and the puppets are not that great either. I’d rather watch PG again!

On the kernel security list we've seen a huge bump of reports. We were between 2 and 3 per week maybe two years ago, then reached probably 10 a week over the last year with the only difference being only AI slop, and now since the beginning of the year we're around 5-10 per day depending on the days (fridays and tuesdays seem the worst). Now most of these reports are correct, to the point that we had to bring in more maintainers to help us.

And we're now seeing on a daily basis something that never happened before: duplicate reports, or the same bug found by two different people using (possibly slightly) different tools.

— Willy Tarreau, Lead Software Developer. HAPROXY

Tags: security, linux, generative-ai, ai, llms, ai-security-research

The challenge with AI in open source security has transitioned from an AI slop tsunami into more of a ... plain security report tsunami. Less slop but lots of reports. Many of them really good.

I'm spending hours per day on this now. It's intense.

— Daniel Stenberg, lead developer of cURL

Tags: daniel-stenberg, security, curl, generative-ai, ai, llms, ai-security-research

Months ago, we were getting what we called 'AI slop,' AI-generated security reports that were obviously wrong or low quality. It was kind of funny. It didn't really worry us.

Something happened a month ago, and the world switched. Now we have real reports. All open source projects have real reports that are made with AI, but they're good, and they're real.

— Greg Kroah-Hartman, Linux kernel maintainer (bio), in conversation with Steven J. Vaughan-Nichols

Tags: security, linux, generative-ai, ai, llms, ai-security-research

We’re expected to believe that the NY Times is a serious newspaper when they are sending a reporter to talk to dozens of ppl to debunk a claim from a known conspiracy theorist, fascist, and grifter that he’d teleported into a Waffle House?!?

As Slow As Possible. Very very very slow versions of three classic video games: Pong, Breakout, and Missile Command. On the slowest setting, you’re almost begging for a notification functionality to alert you when you need to next engage.

I have to say that I was a little bit charmed by the trailer for Supergirl. Looks promising.

Jason Snell: Last December I complained that Apple was withholding iOS 18 security updates from iPhones capable of running iOS 26, leaving users who didn’t want to upgrade to Apple’s latest OS version yet in some security peril. Well, I have good news and bad news. The ...

I thought the official video of Berghain by Rosalía (feat. Björk & Yves Tumor) was great — “I don’t even know what this is — classical pop? surrealist orchestral?” — and this recent live performance from the Brit Awards takes the song to the next level. I loved it. (via kenzie)

Tags: Bjork · music · rosalía · video

John Voorhees, at MacStories:

It’s a new month and you know what that means: time for a roundup of everything coming to Apple TV and Apple Arcade for April 2026.

What’s still not coming: Jessica Chastain’s political thriller The Savant, originally set for September, but rescheduled for “at a later date” out of cowardice.

Apple’s “at a later date” is looking more and more like Trump’s “in two weeks”.

Link: macstories.net/news/coming-soon-whats-next-on-apple-tv-and…

A women had sex with identical twins (within a 4-day period), got pregnant, and now it’s impossible to tell which is the father, even with DNA testing.

Research: Can JavaScript Escape a CSP Meta Tag Inside an Iframe?

In trying to build my own version of Claude Artifacts I got curious about options for applying CSP headers to content in sandboxed iframes without using a separate domain to host the files. Turns out you can inject <meta http-equiv="Content-Security-Policy"...> tags at the top of the iframe content and they'll be obeyed even if subsequent untrusted JavaScript tries to manipulate them.

Tags: iframes, security, javascript, content-security-policy, sandboxing

Iran says it has shot down a US fighter jet over the west of the country. Iranian state media has published pictures and videos purporting to show parts of the downed plane and one of the ejector seats. American aircraft and reconnaissance drones are said to be involved in t...

Tracker dashboard for the Artemis II mission using real-time data from JPL.