📡 HN Briefing PM

Hacker News Afternoon Briefing — April 29, 2026 at 3:30 PM

Top stories, ranked by relevance.

#1 Ramp's Sheets AI Exfiltrates Financials

Prompt Armor disclosed a vulnerability in Ramp's AI-powered spreadsheet feature that allowed indirect prompt injection to exfiltrate confidential financial data to attacker-controlled servers. The exploit worked because the AI could edit spreadsheets without human-in-the-loop review, letting malicious formulas slip through when analyzing tainted external datasets. Ramp patched the issue on March 16, 2026 following responsible disclosure.

#2 HERMES.md: Anthropic Bug Causes $200 Extra Charge, Refuses Refund

A case-sensitive string "HERMES.md" appearing in git commit messages triggered an overzealous anti-abuse content filter in Claude Code, routing API requests to extra-usage billing instead of the user's included Max plan quota. A user on the $200/month Max 20x plan had $200.98 in erroneous charges while 86% of their plan quota remained unused. Anthropic initially refused a refund, sparking massive community backlash before acknowledging the bug.

#3 Zed 1.0

Zed, the high-performance code editor built from scratch in Rust with a custom GPU-rendered UI, has hit its 1.0 milestone. The release features AI-native capabilities including parallel agent workflows, keystroke-level edit predictions, and support for multiple AI providers via their Agent Client Protocol. They're also launching Zed for Business with centralized team management and enterprise billing.

#4 Alphabet Announces First Quarter 2026 Results

Alphabet released its Q1 2026 earnings, a closely watched report given Google's massive AI investments across Cloud, Gemini, and Search. The results come as the company faces increasing competition in AI infrastructure and model capabilities from OpenAI, Anthropic, and others. Wall Street is particularly focused on Google Cloud AI revenue growth and Gemini adoption metrics.

#5 Cursor Camp

Neal.fun — known for viral interactive web experiments — released "Cursor Camp," which has captured Hacker News attention with 388 upvotes. The experience appears to be a playful interactive project likely riffing on the cultural phenomenon of AI-powered code editors and the developer tool hype cycle.

#6 Copy Fail – CVE-2026-31431

A critical Linux kernel vulnerability has been lurking since 2017 — a logic flaw in the authencesn function that chains through AF_ALG and splice() to give any unprivileged local user root access with just a 732-byte exploit. Every mainstream Linux distro (Ubuntu, RHEL, Amazon Linux, SUSE) is affected, and the exploit requires no race conditions or kernel offsets. Admins should patch to mainline commit a664bf3d603d or disable the algif_aead module immediately.

#7 OpenTrafficMap

OpenTrafficMap is a real-time traffic visualization platform that displays live vehicle positions and traffic signal states on an interactive map via WebSocket data streams. It supports multiple vehicle types (cars, trucks, buses, bikes, pedestrians) and renders 3D vehicle models using MapLibre/Mapbox. An interesting open-data project with potential smart-city applications.

#8 Laws of UX

Laws of UX is a curated resource by designer Jon Yablonski compiling evidence-based psychological principles for interface design — including Fitts's Law, Hick's Law, Jakob's Law, and Miller's Law. The site serves as a reference for designers seeking to ground their decisions in cognitive science rather than intuition. Useful foundational knowledge for anyone building consumer products.

#9 FastCGI: 30 Years Old and Still the Better Protocol for Reverse Proxies

Andrew Ayer argues that FastCGI eliminates two critical attack classes that plague HTTP-based reverse proxying: desync attacks from inconsistent message parsing and header-spoofing vulnerabilities from trusted/untrusted header confusion. FastCGI's explicit message framing and HTTP_ prefix convention make these attacks structurally impossible. Despite its age, the protocol remains a practical and production-ready security win for backend communication.

#10 Why I Still Reach for Lisp and Scheme Instead of Haskell

The author argues that Lisp and Scheme enable faster prototyping because you can inspect state anywhere without refactoring around purity constraints, and the macro system beats Haskell's Template Haskell in expressiveness and simplicity. Integrated REPL workflows eliminate the edit-compile-run cycle that slows Haskell development. The piece is a pragmatic case for choosing "good enough" ergonomics over mathematical elegance.
