The problem is not a lookup The first intuition when building a chord recognizer is to build a dictionary. There are only 12 pitch classes, which means there are only 2^12 = 4096 possible pitch-class sets. Store a name...
Why Ruby Still Feels Like Home After All These Years I have been writing Ruby for more than fifteen years now. Started back when Rails 3 and 3.1 were current and everyone was still figuring out how to deploy with...
Security Bug Bounty Program Paused Due to Loss of Funding The Node.js Project The Node.js project's security bug bounty program is being paused due to the discontinuation of its external funding source. Background Since...
A notorious threat actor operating under the alias TeamPCP claims to have breached GitHub’s internal systems, allegedly exfiltrating proprietary organization data and source code. The attackers are offering the stolen...
Two weeks ago, we disclosed Copy Fail, a new and exceptionally dangerous Linux local-privilege escalation vulnerability. Copy Fail exploits a kernel memory corruption flaw without injecting code into a running kernel,...
On May 16, 2026, Grafana Labs confirmed a targeted attack by a cybercrime group that gained unauthorized access to our GitHub repositories and downloaded our codebase. They then issued a ransom demand under threat of...
How much can we feasibly strip from a zig binary? Starting from a normal zig program that does absolutely nothing: 2180K for a binary that does nothing. Given that the smallest possible executable ELF file is around 80...
the may 2026 fedi software vulnerability alternate title: the most annoying person you’ve ever known has just gotten a reason to become even more annoying a little before this post ought to go up, mastodon,...
A single XSS vulnerability can turn passkeys from a phishing-resistant login mechanism into a persistent account takeover backdoor. If malicious JavaScript can run on your page, it may be able to register an...
The rationale of edge computing is simple: instead of moving data to centralized data centers, computation is brought closer to where data is produced. In practice, this means deploying software on hardware that lives...
For the last few months, we've been testing a range of security-focused LLMs on our own infrastructure. These LLMs help identify potential vulnerabilities in our own systems, so we can fix them â and they also show us...
Staged publishing adds an approval step before packages go live on the npm registry. Instead of publishing directly with npm publish, you can submit packages to a staging area with npm stage publish. A maintainer must...
A new vulnerability in NGINX JavaScript (njs), tracked as CVE‑2026‑8711, allows unauthenticated remote attackers to trigger a heap‑based buffer overflow that can lead to denial‑of‑service and, in some conditions, remote...
LoRA ( Hu et al., 2021 ) is a now popular alternative to the full finetuning of a Large Language Models (LLMs): instead of tuning the billions of weights of the full model, we add small “adapter” weight matrices that...
Google is giving its iconic search box its first major redesign since 2001. The new design incorporates, you guessed it, artificial intelligence, "getting bigger and more interactive so that people can ask even longer...
Beyond Plastics Tracked Starbucks’ ‘Widely Recyclable’ Plastic Cups. None Ended Up at a Recycling Facility. Electronic Bluetooth Trackers Placed in Starbucks’ In-Store Recycling Bins Followed the Polypropylene Cups to...
Node.js 26.0.0 (Current) Rafael Gonzaga 2026-05-05, Version 26.0.0 (Current), @RafaelGSS We're excited to announce the release of Node.js 26! Highlights include the Temporal API enabled by default, updates to the V8...
The kind of developer I hope to be someday It seems like there are a lot of people either leaving or talking about leaving Github, a very prominent one being Mitchell Hashimoto. Fragmentation seems inevitable, as...
If you liked this piece, you should subscribe to my premium newsletter. It’s $70 a year, or $7 a month, and in return you get a weekly newsletter that’s usually anywhere from 5,000 to 18,000 words, including vast,...
Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations New analysis confirms the targeted applications and reveals fast16 was tailored to corrupt uranium-compression simulations central to...
SpaceX is now targeting the evening of May 21 to launch the latest and largest version of its Starship megarocket for the first time An October 2025 test flight of SpaceX’s Starship. Gabriel V. Cardenas/AFP via Getty...
Recently I got an invitation from an organization I respect, to a gathering of senior people, unconference format. Yes, it’s mostly about AI. No, it doesn’t reek of boosterism. My guess is that the discussions would be...
.png)
May 19, 2026 European AI leader Mistral AI is acquiring Emmi AI in one of Europe’s most important and strategic AI acquisitions to date. Founded in Linz, Emmi AI has quickly emerged as one of Europe’s leading...
TOKYO — Aiming to create a de facto standard in the harshly competitive memory card market, backers of the SmartMedia card have opened its interface specification and made it available free of charge. The move is...
May 2026 The Futility of Lava Lamps: What Random Really Means Cloudflare brags about using lava lamps to “help with internet encryption”. They have this impressive wall of lava lamps, one hundred of them, standing...
The FBI wants to buy access to automated license plate readers (ALPRs) nationwide, which would likely allow the agency to track the movements of vehicles—and by extension people—across the country without a warrant,...
I wanted to find out how Cities: Skylines drives the constant motion you see in a growing city - residents looking for jobs, tourists visiting attractions, garbage trucks doing their rounds, even cims looking for love...
Since 1994, Infomaniak has followed the same path: privacy, environmental responsibility, and local roots. Thirty-two years on, these commitments are no longer just promises. On 20 May 2026, our founder Boris...
No way to parse integers in C There are a few ways to attempt to parse a string into a number in the C standard library. They are ALL broken. Update at the bottom: Actually C++âs std::fromchars() looks useful. Leaving...
In 2025, data centers consumed 485 TWh of electricity. Thirty percent of that, more than the entire annual power consumption of Sweden, went to cooling. Scientists have developed a 3D-printed copper-plate cooling tech...
{'text': 'The frontier of AI is shifting from models that answer to agents that act—and agents are only as capable as the systems they can reach. Today, Anthropic is acquiring Stainless, a leader in SDKs and MCP server...
Elon Musk’s claim that he was mistreated by his OpenAI cofounders failed after nine California jurors decided in a unanimous verdict that his lawsuits had been filed too late. Musk took Sam Altman, Greg Brockman, OpenAI...
There’s a handmade, retro-looking radio sitting in our office that plays only four pre-programmed stations, none of which are run by humans. This is our latest project at Andon Labs, where we’re exploring what happens...
March 05, 2026 A "brief" accounting of various reasons why vibe coding has just never clicked for me personally as a developer. There has been a lot of discussion online lately about vibe coding and and how Large...
2026-05-06. I opened a coordination case with CERT/CC’s VINCE covering the findings below. CVE assignment will go through that process. 2026-05-07. Naxclow contacted me one day after this post went live, acknowledged...
Smoke tests for fun and profit Smoking is bad for you. Testing software is good for you though. A while ago I wrote about detecting memory leaks in KDE CI. That works beautifully, and has already lead to real-world...