Zero Tweet

DHS has issued hundreds of administrative subpoenas to Google, Reddit, Discord, and Meta seeking identifying information on users who criticize ICE or share agent locations. Some companies have already complied with portions of these requests, raising First Amendment concerns.

The article discusses growing European interest in developing an independent nuclear deterrent, driven by concerns over US reliability and Russian aggression. Key figures at the Munich Security Conference are debating whether Europe needs its own nuclear capabilities outside of NATO's umbrella.

Overview: This is a promotional post for Intelligence Cyber Wizard, a cryptocurrency wallet recovery service founded in 2016 with offices in San Francisco and Switzerland. The post details their history, global presence at crypto conferences, and includes warnings about scammers impersonating them on social media. Engagement Level: Low-Medium. Sentiment: Highly skeptical—HN users typically view crypto recovery services with suspicion, often flagging them as potential scams or questioning their legitimacy.

Users discuss a uBlock filter list that hides YouTube Shorts from the interface, with many sharing alternative solutions like redirecting shorts to normal video URLs, using extensions like Unhook, or disabling watch history entirely. Engagement is High with extensive technical discussion and solution-sharing. Comments show frustration with YouTube's aggressive shorts promotion, viewing it as manipulative and addictive, while users enthusiastically exchange workarounds.

North Korean hackers pose as fake recruiters targeting devs with malicious coding challenges on LinkedIn and Reddit. Over 190 malicious npm/PyPI packages deliver a RAT that steals crypto and exfiltrates files. Engagement: Medium. Comments show cynical debate about job market desperation vs. gullibility, with some victim-blaming and broader critiques of LinkedIn and crypto.

This is a Show HN post for Threat Radar, a live cyber threat intelligence dashboard hosted at radar.offseq.com. The tool appears to provide real-time visualization of cybersecurity threats and threat intelligence data for security professionals.

Apple patched a decade-old iOS zero-day (CVE-2026-20700) that enabled sophisticated attacks including code execution and sandbox escape, likely exploited by commercial spyware vendors. The flaw was discovered by Apple and Google's Threat Analysis Group and linked to two WebKit zero-days patched in December 2025.

DHS has reportedly sent hundreds of administrative subpoenas to Google, Meta, Reddit, and Discord seeking to unmask anonymous accounts critical of ICE or sharing agent locations. These subpoenas don't require judicial approval, and while some tech companies have complied, DHS has withdrawn demands when targeted users fought back with lawsuits.

Summary: Textpattern CMS version 4.9.1 has been released with a focus on security fixes, patches, and general improvements. It's a maintenance update addressing vulnerabilities and refining the platform.

Summary: Telnet traffic plummeted 59% on Jan 14, 2026—six days before a critical root-access vulnerability (CVE-2026-24061) was publicly disclosed. GreyNoise researchers suspect Tier 1 telcos received advance warning and quietly implemented port 23 filtering.

Summary: Discusses using IP reputation as one layer in a multi-layered approach to preventing signup abuse. Emphasizes defense-in-depth strategy where no single signal is relied upon alone, but combined with other signals for better detection. Practical guidance for security teams building abuse prevention systems.

A developer is building a graph-based compliance risk engine and seeking honest feedback from the community. The project appears to leverage graph database technology for identifying and assessing compliance-related risks. Shared via a NetSec Telegram channel.

Article discusses methods for hacking pharmacy systems to obtain free prescription drugs and other unauthorized access. Covers vulnerabilities in pharmacy software and potential security risks in healthcare infrastructure.

Summary: The CIA reportedly investigated a secret experiment in Norway linked to "Havana syndrome," the mysterious health condition affecting US personnel abroad. This suggests possible directed-energy weapon testing on foreign soil.

Summary: Article appears to discuss "vibe-coding" (intuitive/AI-assisted coding) and its security implications, likely a cautionary tale about skipping security practices. Engagement: Unable to assess - no comments displayed. Comments Vibe: N/A - no comments available to analyze.

Summary: Israeli reservists were arrested for allegedly using classified military intel to bet on Polymarket about Israeli strikes on Iran, with one account winning over $150K by correctly predicting a 12-day war timeline. Shin Bet indicted suspects on serious security offenses.

Summary: A technical discussion question about how the token bucket algorithm controls and enforces bursty network traffic patterns. The post explores the mechanics of rate limiting through token accumulation and consumption.

Figure Technology, a blockchain-based lending company, confirmed a data breach caused by a social engineering attack on an employee. Hacking group ShinyHunters claimed responsibility and published 2.5GB of stolen customer data—including names, addresses, DOBs, and phone numbers—after the company refused to pay a ransom. The breach was part of a larger campaign targeting Okta SSO customers.

Summary: A frustrated iOS user created a countdown website threatening to switch to Android in 120 days if Apple doesn't fix the notoriously broken iOS keyboard. The keyboard suffers from autocorrect failures, incorrect key registration, and poor text selection—issues many users have experienced since iOS 17.

Summary: Google's Gemini 3 Deep Think achieved 84.6% on ARC-AGI-2, significantly outperforming competitors like Opus 4.6 (68.8%), though at $13.62 per task. The release has sparked debate about whether benchmark gains translate to real-world utility, with users reporting mixed experiences despite impressive scores.

A 2026 guide highlighting essential free security tools for everyday users. Covers must-have software for protecting your digital life without spending a dime. Useful roundup for anyone looking to boost their cybersecurity posture.

This security newsletter covers securing OpenClaw AI agents with new tools like ClawShield and clawdstrike, PortSwigger's Top 10 Web Hacking Techniques of 2025 featuring novel SSRF and SSTI methods, and how LLMs are revolutionizing vulnerability discovery - Claude Opus 4.6 found 500+ memory corruption bugs while a GitHub Action now detects "negative-days" (vulnerabilities patched before getting a CVE). 🔐

Summary: Microsoft patched a serious flaw in Windows 11 Notepad that let attackers silently execute programs via malicious Markdown links. The vulnerability (CVE-2026-20841) stemmed from Notepad's new Markdown support added after WordPad was discontinued.

Critical BeyondTrust vulnerability (CVE-2026-1731, CVSS 9.9) is now being actively exploited in the wild, allowing unauthenticated remote code execution. CISA also added 4 flaws to its KEV catalog, including a Notepad++ supply chain attack by China-linked Lotus Blossom that went undetected for 5 months. Patch immediately if you use these products.

Security researchers uncovered multiple malicious Chrome extension campaigns: "CL Suite" steals Meta/Facebook Business data and 2FA codes, "VK Styles" hijacked 500K VKontakte accounts, and "AiFrame" uses 32 fake AI extensions to siphon credentials from 260K+ users. A separate report found 287 extensions exfiltrating browsing history from 37.4 million installs—users should audit extensions and limit installs to essential, well-reviewed tools.

Summary: The FTC is escalating its antitrust probe into Microsoft, issuing civil subpoenas to competitors about potentially monopolistic practices in cloud computing and AI. Investigators are examining whether Microsoft's licensing and bundling of products like Windows, Office, and Copilot unfairly lock customers into its ecosystem.