PyCon US 2026 Packaging Summit Recap (discuss.python.org)
Savepoint Project (www.namtao.com)
DeepSeek-V4-Flash means LLM steering is interesting again (www.seangoedecke.com)
Thinking in States (www.metalevel.at)
Introducing Incremental (blog.janestreet.com)
Content-defined chunking in Bazel''s remote cache (www.buildbuddy.io)
Hyperpolyglot Lisp: Common Lisp, Racket, Clojure, Emacs Lisp (hyperpolyglot.org)
The Piece Table - the Unsung Hero of Your Text Editor (dev.to)
Rust x GBA: Setup and Pixels (jonahnestrick.com)
Async I/O in Zig 0.16, today (lalinsky.com)
The Tomy Tutor and the state of 1983 home computers (oldvcr.blogspot.com)
Dusklight • Restoring light to a classic adventure (twilitrealm.dev)
A checkbox to enable the Django debug toolbar (mdk.fr)
experimental OpenBSD MAP-E CE support (feedback) (git.sr.ht)
Subscription Bombing: Email under Attack (cacm.acm.org)
The Futility of Lava Lamps: What Random Really Means (loup-vaillant.fr)
Data race freedom in OxCaml (kcsrk.info)
triad: data-oriented window manager for the River Wayland compositor (github.com)
Recent Kernel exploits, attack surface reduction, example IPSEC (www.openwall.com)
Starting Systems Programming, Pt 1: Programmers Write Programs (2025) (eblog.fly.dev)
A 90''s era Keygen-like for X11 for Unix/Linux (github.com)
A few ways of specifying per-theme colours in only CSS (chrismorgan.info)
My Thoughts on Bun''s Rust Rewrite (en.liujiacai.net)
Virtual Bevy Meetup 13 Recordings now on YouTube (rustunit.com)
Ascetic Computing (ratfactor.com)
Cheap smart doorbell allows fleet-wide account takeover and call hijacking (www.abgeo.dev)
The CTF scene is dead (kabir.au)
How to Write to SSDs (arxiv.org)
Explore Wikipedia Like a Windows XP Desktop (explorer.samismith.com)
Using Rust to parse Godot .tres files and walk the resource graph (assethoard.com)
Starting my own Content Delivery Network (www.youtube.com)
Prolog Projects Tips (occasionallycogent.com)
A History of IDEs at Google (laurent.le-brun.eu)
CVE-2026-40369: Arbitrary Kernel Address Increment via NtQuerySystemInformation (github.com)
Announcing the Zulip Foundation (blog.zulip.com)
LLM generated text should be off topic (lobste.rs)
Git Is Not Fine (www.billjings.com)
5 faster fast_blur in image-rs (apas.tel)
What we learned using AI agents to refactor a monolith (1password.com)
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens (projectzero.google)
Moving away from Tailwind, and learning to structure my CSS (jvns.ca)
Bug Archeology: Solving a decade-old Swift/C mystery (with LLMs) (samkhawase.com)
The Emacsification of Software (sockpuppet.org)
Welcome to ORDER BY jungle (boringsql.com)
Open Source Resistance (ossresistance.com)
security mitigations ansible role (git.sig-io.nl)
The old world of tech is dying and the new cannot be born (www.baldurbjarnason.com)
SQL: Incorrect by Construction (chreke.com)
Bidirectional Typechecking That Does Not Stop (semantic-domain.blogspot.com)
why use F# for scripting and automation? (iev.ee)
claude-for-legal: A suite of plugins for legal workflows (github.com)
Volkswagen- detects when your tests are being run in a CI server, and makes them pass (2015) (github.com)
Community building at the edge of the Internet (news.dyne.org)
PyCon US 2026 Typing Summit Recap (bernat.tech)
Mullvad exit IPs as a fingerprinting vector (tmctmt.com)
Prolog Basics Explained with Pokémon (unplannedobsolescence.com)
ssh-keysign-pwn: Read root-owned files as an unprivileged user (github.com)
Shell Tool Testing (zork.net)
In what way if any are you a tech minimalist while maintaining your job/love for tech? (lobste.rs)
Porting 3D Movie Maker to Linux (benstoneonline.com)
Amazonbot is finally respecting robots.txt (xeiaso.net)
int a 5; a a a; a ? (2011) (gynvael.coldwind.pl)
A Simple Runtime Invariant Miner (rahul.gopinath.org)
"This is written by an LLM" comments should be flagged as off-topic (lobste.rs)
Core Team Panel - Gleam Gathering 2026 (youtu.be)
Spam Resistant Forges (blog.feld.me)
PostgreSQL 18.4, 17.10 closing 11 CVEs (www.postgresql.org)
SQL’s ORDER BY Has Come a Long Way (modern-sql.com)
First public macOS kernel memory corruption exploit on Apple M5 (blog.calif.io)
Linux Compromises, Broken Embargoes, and the Shrinking Patch Window (www.askbaize.com)
How I Moved My Digital Stack to Europe (monokai.com)
HDD Firmware Hacking Part 1 (icode4.coffee)
LibreOps (libreops.cc)
C26 Shipped a SIMD Library Nobody Asked For (lucisqr.substack.com)
The element as a trap (hacktivis.me)
Passwords suck. Can passkeys replace them? (kerkour.com)
Mandy: ActivityPub on Goblins (spritely.institute)
How do I write Elixir tests? (hauleth.dev)
Bun''s Rust rewrite has been merged (www.reddit.com)
Coding Is Thinking: Why I Still Write Code by Hand (dev.to)
Notes from Optimizing CPU-Bound Go Hot Paths (blog.andr2i.com)
The Age of the Amplifier (www.construction-physics.com)
Hoot 0.9.0 released (spritely.institute)
Browsers Treat Big Sites Differently (denodell.com)
Classic 7 is a Windows 10 LTSC mod to look 1:1 to Windows 7 (classic7.lol)
httpx2 - Fork by Pydantic (tildeweb.nl)
Sculpt OS release 26.04 (genode.org)
May I recommend… understanding Emacs''s patterns (www.chiply.dev)
So you want to deploy FN-DSA (keymaterial.net)
5 Years and 5M Later: Inventing a New Programming Language for Web Development Was a Mistake Wasp (wasp.sh)
Pyrefly v1.0 is here (pyrefly.org)
Achieving NGINX Remote Code Execution via an 18-Year-Old Vulnerability (depthfirst.com)
Catching Typos on My Website with Browser Testing (wickstrom.tech)
How (and why) rqlite takes control of the SQLite Write-Ahead Log (philipotoole.com)
Points are a weird and inconsistent unit of measure (buttondown.com)
Fragnesia: New Linux Privilege Escalation Exploit (github.com)
What if there was no BASIC in EndBASIC? (blogsystem5.substack.com)
Setting up a free *.city.state.us locality domain (fredchan.org)
Lua as a practical "soft-bedrock" language (portal.mozz.us)
Reverting the incremental GC in Python 3.14 and 3.15 (discuss.python.org)
C26: Standard library hardening (www.sandordargo.com)
The Most Emacs Bzr Saga (thanosapollo.org)
Designing a Custom Query Language for Non-Technical Analysts (nchammas.com)
Securitybaseline.eu (securitybaseline.eu)
YellowKey Bitlocker Bypass Vulnerability (github.com)
Sovereign Tech Fund invests over 1 million in KDE software development (kde.org)
AI as Social Technology (knightcolumbia.org)
Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection (0day.click)
Erlang/OTP 29.0 Release (www.erlang.org)
An update on East River Source Control availability (ersc.io)
Dart Live, a compiler, VM, analyzer and hot reload on the web via Wasm (modulovalue.github.io)
MacBook Neo Review: The Laptop For The Rest Of Us (fireborn.mataroa.blog)
Tolaria, Rust, and Questions About What Makes a Mac App Feel Good to Me (shapeof.com)
Deterministic Fully-Static Whole-Binary Translation without Heuristics (arxiv.org)
A detailed introduction to Kakoune for the aspiring power user (ficd.sh)
Partial static single information form (bernsteinbear.com)
what 262,715 regex questions on stack overflow haven''t answered (iev.ee)
Solving the Rubik''s Cube (www.youtube.com)
Pycco: 100-line literate-style side-by-side documentation renderer (pycco-docs.github.io)
Shrinking the OxCaml js_of_ocaml bundle: 285 MB to 4 MB (kcsrk.info)
The BeBox: BeOS Hardware, Photos, and the Apple Deal That Wasn''t (www.jdhodges.com)
Soon We Can Finally Banish JavaScript to the ShadowRealm (css-tricks.com)
The hidden cost of mpsc channels (blog.howardjohn.info)
"six CVEs for serious security vulnerabilities in dnsmasq" (lists.thekelleys.org.uk)
Quack: The DuckDB Client-Server Protocol (duckdb.org)
What is BusyBox? (specular.fi)
cost of enum-to-string: C26 reflection vs the old ways (vittorioromeo.com)
Redis and the Cost of Ambition (charlesleifer.com)
Bambu Lab is abusing the open source social contract (www.jeffgeerling.com)
Time travel without borders (guix.gnu.org)
All the ways to mock your Rust code (blog.appliedcomputing.io)
Killing a Cow made my JSON formatter 42% faster (jacobasper.com)
How Rockstar fit an entire city into PlayStation 2 memory (www.youtube.com)
Postmortem: TanStack npm supply-chain compromise (tanstack.com)
Any app on recent Android versions can leak certain traffic (mullvad.net)
Learning Software Architecture (matklad.github.io)
Fuzzing fork of go toolchain (blog.trailofbits.com)
Unison In Anger (blog.feld.me)
GitLab Act 2 (about.gitlab.com)
A Technical Guide to Compiling Emacs for Performance on Linux and Unix systems (www.jamescherti.com)
The Problem of Pedagogy in Advanced Mathematics (susam.net)
Kettle: Attested builds for verifiable software provenance (arxiv.org)
CSS & vertical rhythm for text, images, and tables (vincent.bernat.ch)
floci: Light, fluffy, and always free - The AWS Local Emulator alternative (github.com)
Popular Go library fsnotify raises supply chain alarms after maintainer access changes (socket.dev)
taken (sinceyouarrived.world)
Extraordinary Ordinals (text.marvinborner.de)
An annotated digest of the 12th International Workshop on Plan 9 (n-gate.com)
The Cathedral, the Bazaar and the Kitchen (blog.vrypan.net)
Zig vs Rust in 2026 (zackoverflow.dev)
iwp9 2026 (n-gate.com)
Fighting Hyrum''s Law in LLVM (maskray.me)
Gram 2.0.0 released (gram-editor.com)
An unusually practical update for EYG (eyg.run)
Tom''s Namespaces: An Odin Fanfic (zylinski.se)
"Respectful" YAML patching in Rust (verrchu.github.io)
Moving from lsp-mode in GNU Emacs to Eglot (utcc.utoronto.ca)
The anti-minimalist backlash is the bigger story behind Oxygen’s revival (filipfila.wordpress.com)
Exception Annotations: Lay of the Land (well-typed.com)
devenv 2.1: Nix with zsh, fish, and nushell via libghostty - devenv (devenv.sh)
Running local models on an M4 (jola.dev)
A modern feed reader (2024) (unterwaditzer.net)
Running my agents in a VPS (crowdhailer.me)
What is random generation? (alperenkeles.com)
Web Feeds in 2026: A Survey (mnot.net)
Im going back to writing code by hand (blog.k10s.dev)
omlx: LLM inference server with continuous batching & SSD caching for Apple Silicon — managed from the macOS menu bar (github.com)
Programmable Whitelist-based Configs: Embedding Rye in Go (ryelang.org)
Ratty: A terminal emulator with inline 3D graphics (ratty-term.org)
Local AI Needs to be the Norm (unix.foo)
Piping terminal output to the browser using systemfd (blog.izissise.net)
Mythos finds a curl vulnerability (daniel.haxx.se)
Fully Preserving Fisher-Price Pixter (dmitry.gr)
Up to 256 MB FERRIT modular F-RAM storage device preserves critical data for up to 200 years (www.cnx-software.com)
How Factorio Syncs A Million Objects over the network (www.youtube.com)
25 years of pathfinding problems with C (www.youtube.com)
dBase: 1979-2026 (delphinightmares.substack.com)
Unlocking Encrypted ZFS Volumes with a Passkey (withblue.ink)
You Need AI That Reduces Maintenance Costs (www.jamesshore.com)
Replacing Ctrl-R in Bash without TIOCSTI (blog.rickardlindberg.me)
My pastebin clone Vivipara and language musings (akselmo.dev)
Tiny-Lua-Compiler: Possibly the smallest Lua compiler ever (github.com)
ClaudeBleed: A Flaw In Claude''s Browser Extension Allows Any Extension to Hijack It (layerxsecurity.com)
Robot Dogs Are a Security Nightmare (www.youtube.com)
Childhood Computing (lilysthings.org)
let-go: Almost Clojure written in Go (github.com)
Patching and forking in package managers (nesbitt.io)
the 90 day disclosure policy is dead (blog.himanshuanand.com)
We see something that works, and then we understand it (lemire.me)
Training an LLM in Swift, Part 1: Taking matrix multiplication from Gflop/s to Tflop/s (www.cocoawithlove.com)
wayland.fyi minimalist wayland special interest group (wayland.fyi)
A recent experience with ChatGPT 5.5 Pro (gowers.wordpress.com)
So you''ve installed fzf. Now what? (2023) (andrew-quinn.me)
9p file server daemon for UNIX-like systems (kamid.omarpolo.com)
plass: manage passwords (projects.omarpolo.com)
Debian must ship reproducible packages (lists.debian.org)
Cosmic Rays Are Quantum Computers'' Kryptonite—Software might just solve the problem (spectrum.ieee.org)
The Twin Diffie-Hellman Problem and Applications (2009) (eprint.iacr.org)
FreeBSD: Local privilege escalation via execve() (www.freebsd.org)
The Intolerable Hypocrisy of Cyberlibertarianism (matduggan.com)
Replacing a 3 GB SQLite database with a 10 MB FST (finite state transducer) binary (til.andrew-quinn.me)
Space Cadet Pinball on Linux (brennan.io)
Good First Issue: Make your first open-source contribution (goodfirstissue.dev)
Idempotency Is Easy Until the Second Request Is Different (blog.dochia.dev)
Fast Fourier Transforms Part 1: Cooley-Tukey (connorboyle.io)
A principled rethinking of array languages like APL (dercuano.github.io)
AI is Breaking Two Vulnerability Cultures (www.jefftk.com)
Relational modeling and APL (dercuano.github.io)
Point-Free Logic Programming (forum.malleable.systems)
Unlocking sudoku''s secrets (2025) (chalkdustmagazine.com)
Flipping the bozo bit on flips the learning off (surfingcomplexity.blog)
On DOS, floppies, NetBSD and nostalgia (exquisite.tube)
Abstract Machines for Logic Programs (chrisistyping.bearblog.dev)
Aurora: A Leverage-Aware Optimizer for Rectangular Matrices (blog.tilderesearch.com)
Three Cultures of Math (rkirov.github.io)
Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More) (heyitsas.im)
Where Have All the Complex Windows Malware and Their Analyses Gone? (r136a1.dev)
Laptops all have built-in security tokens these days (ahelwer.ca)
ACME CA Comparison (poshac.me)
Notes on using GNU Emacs'' Tramp system in an unusual shell environment (utcc.utoronto.ca)
Fixing QuickLook (2023) (foon.uk)
FFmpeg: The Incredible Technology Behind Video on the Internet (www.youtube.com)
Yggdrasil Network as an Embedded Go Library (dev.to)
Hacking Time: Spoofing Atomic Clocks with Audio Harmonics (josephhall.org)
.png)
My Agentic Trust Issues: From Prompt Injection to Supply-Chain Compromise on gemini-cli (www.pillar.security)
I Will Not Add Query Strings to Your URLs (susam.net)
WebRTC is the Problem (moq.dev)
The React2Shell Story and What Happened Next.js (sylvie.fyi)
On forking the Web (dillo-browser.org)
You gave me a u32. I gave you root. (io_uring ZCRX freelist LPE) (ze3tar.github.io)
Inflorescence – A cross-platform native GUI for Pijul (nest.pijul.com)
Chrome’s AI features may be hogging 4GB of your computer storage (www.theverge.com)
killswitch: add per-function short-circuit mitigation primitive [LWN.net] (lwn.net)
Steering Zig Fmt (matklad.github.io)
12th International Workshop on Plan 9 (Presentations) (www.youtube.com)
A Randomized Scheduler with Probabilistic Guarantees of Finding Bugs (www.microsoft.com)
CADara - I made an open-source fully in-browser CAD (cadara.app)
I learned something about GPUs today (foon.uk)
CVE-2026-31431: Copy Fail (retr0.zip)
jank now has its own custom IR (jank-lang.org)
Let''s Encrypt Stopping Issuance for Potential Incident (letsencrypt.status.io)
NixOS and Secrets (isabelroses.com)
Vulnerability Garden: A growing list of named vulnerabilities, attack techniques and exploits (vulnerability.garden)
Discovery & Validation in the Linux Kernel (Part 1): CAN Use-After-Free Race (www.bynar.io)
Rooting a VMC2040 security camera (www.marcusfolkesson.se)
What We Lost the Last Time Code Got Cheap (www.poppastring.com)
The Sync bound nobody asked for (verrchu.github.io)
Pushing Local Models With Focus And Polish (lucumr.pocoo.org)
Serving a Website on a Raspberry Pi Zero Running Entirely in RAM (btxx.org)
The surprisingly complex journey to text-selectable client-side generated PDFs (sdocs.dev)
Just Fucking Use Go - Blain Smith (blainsmith.com)
Wii IP6 webserver (wii.sjmulder.nl)
Getting peak TOPS on a Ryzen AI 7 350 NPU (destevez.net)
Stop MITM on the first SSH connection, on any VPS or cloud provider (www.joachimschipper.nl)
building a web server in aarch64 assembly to give my life (a lack of) meaning (imtomt.github.io)
hpke-ng: Faster, Smaller, Harder HPKE for Rust (symbolic.software)
Just Fucking Use React (justfuckingusereact.com)
blaise: A modern, self-hosting Object Pascal compiler built for the 2020s. Zero legacy, full ARC, and unified UTF-8 (github.com)
From Supabase to Clerk to Better Auth (blog.val.town)
The agent principal-agent problem (crawshaw.io)
Revisiting PQ WireGuard (eprint.iacr.org)
A Tale of Two Worlds, a Formal Story of WireGuard Hybridization (www.usenix.org)
jlearn: Machine Learning Library in J (github.com)
The cuda-oxide Book (nvlabs.github.io)
cuda-oxide: cuda-oxide is an experimental Rust-to-CUDA compiler (github.com)
Copy Fail 2: Electric Boogaloo (github.com)
Additive Blending on the Nintendo 64 (phoboslab.org)
Why Don’t Lowercase Letters Come Right After Uppercase Letters in ASCII? – Tyler Hillery (tylerhillery.com)
Cloudflare lays off 1,100 employees (blog.cloudflare.com)
Building Transit Tracker (blog.horner.tj)
Affordances of a screenless writing interface (jamesg.blog)
Mojo v1.0.0b1 (mojolang.org)
Dirty Frag: Universal Linux LPE (www.openwall.com)
Formatting an entire 25 million line codebase overnight: the rubyfmt story (stripe.dev)
Ploopy Bean - external trackpoint (ploopy.co)
jj v0.41.0 is out (github.com)
Behind the Scenes Hardening Firefox with Claude Mythos Preview (hacks.mozilla.org)
A PHP license change is imminent (lwn.net)
Potential Consequences of Using Postgres as a Job Queue (richyen.com)
VRL Log Splitting FlowG v0.55.0 (flowg.cloud)
Major DNS Outage Hits .de Domains: DNSSEC Failure on May 5, 2026 (www.ip.network)
AI Slop is Killing Online Communities (rmoff.net)
Try LispE in the Browser (naver.github.io)
Programming Still Sucks (www.stvn.sh)
DNSSEC disruption affecting .de domains (status.denic.de)
Making your own programming language is easier than you think (but also harder) (lisyarus.github.io)
aube, a fast Node.js package manager (aube.en.dev)
A new hash table for the Lwan web server (tia.mat.br)
Vibe coding and agentic engineering are getting closer than I’d like (simonwillison.net)
Google’s Prompt API (wil.to)
A Path Not Taken for OxCaml (joel.place)
cursed_browser: A web browser with no rendering engine — the VLM reads the HTML and hallucinates the page (github.com)
Branimir Lambov from IBM on Cassandra (theconsensus.dev)
Plastic Flowers to Protect the Hive (phildini.dev)
Canvas-ing the Web (meyerweb.com)
Arguments parsing in Guile (fishinthecalculator.me)
The Original Super Mario 64 Is Now Playable On GBA (retrododo.com)
Hardware-assisted Arm VMs for s390 (lwn.net)
Open weights are quietly closing up - and that''s a problem (martinalderson.com)
How an HTTP header caused time.gov to skew from UTC (alexsci.com)