Feed aggregator

You can track your runs, rides and lifts all in one place. This is when you can expect the update.

Article URL: https://martinfowler.com/bliki/Yagni.html

Comments URL: https://news.ycombinator.com/item?id=48226553

Points: 2

# Comments: 0

Article URL: https://lithub.com/robert-m-pirsig-on-the-book-he-wrote-and-the-one-he-didnt/

Comments URL: https://news.ycombinator.com/item?id=48226550

Points: 2

# Comments: 0

Two Microsoft Defender vulnerabilities are being actively exploited in the wild.

On May 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added a notable set of actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The KEV catalog tracks vulnerabilities known to be exploited in the wild and sets patch deadlines for Federal Civilian Executive Branch (FCEB) agencies.

Five of the added vulnerabilities are quite old by vulnerability standards. Patches were released in 2008, 2009, and 2010. But the Microsoft Defender vulnerabilities are from this year. Those two are:

• CVE‑2026‑41091 (CVSS score 7.8 out of 10): a Microsoft Defender elevation of privilege vulnerability. A local attacker who already has some access to a machine can abuse Defender to gain SYSTEM‑level permissions, effectively giving them full control over Windows.
• CVE‑2026‑45498 (CVSS score 4.0 out of 10): a Microsoft Defender denial‑of‑service vulnerability. Here, an attacker can interfere with Defender in a way that disrupts its normal operation. If attackers can crash or disable your antivirus engine on demand, they can create a safer environment for their malware to run undetected.

You should take patching these vulnerabilities seriously if:

• You rely on Microsoft Defender as your primary endpoint protection
• You manage Windows systems in a business, school, or local government environment
• You have shared machines, terminal servers, or any environment where multiple users log on to the same system

As you’d expect from us, we don’t advise relying on Windows Defender alone. There are better options available, and they are not mutually exclusive.

How to patch

Security products are software, and software has bugs. When those bugs end up in a list of known exploited vulnerabilities, ignoring them is like leaving your front door open because “the alarm will catch anyone coming in.” 

Make sure Windows Update is enabled and set to receive updates for Microsoft products. Defender platform updates are often delivered alongside regular cumulative updates.

Also check that recent Microsoft Defender security intelligence and platform updates are installed.

The first version of the Microsoft Defender Antimalware Platform with these vulnerabilities addressed is 4.18.26040.7.

You can usually find that version number in Windows Security:

1. Open Start and search for Windows Security
2. Go to Virus & threat protection
3. Click Settings or the gear icon
4. Open About

Even with auto-update enabled, I didn’t receive this patch immediately. Defender platform updates can lag behind definitions or only appear when a cumulative Windows update lands. Microsoft typically releases updates for the Microsoft Defender Antimalware Platform once a month, or as needed to protect against new threats. 

So, I’ll have to wait. Good thing I’m protected.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that's no longer the case. Read more in my article on the Fortra blog.

Article URL: https://www.politico.com/news/2026/05/20/chatgpt-state-ai-fight-00928903

Comments URL: https://news.ycombinator.com/item?id=48226002

Points: 1

# Comments: 0

Article URL: https://www.wsj.com/tech/ai/trump-executive-order-ai-advanced-models-57bcc955

Comments URL: https://news.ycombinator.com/item?id=48225990

Points: 1

# Comments: 0

Article URL: https://underreacted.leaflet.pub/3mmevu6woys27

Comments URL: https://news.ycombinator.com/item?id=48225985

Points: 1

# Comments: 0

Icouldn't find an open-source, agent-first way to monitor AI search results + traffic so I built Canonry out.

There are tons of nuances with AI web search but have gotten really good results using canonry locally as it can cross reference with GSC, GA to really get a holistic view on the search space.

Comments URL: https://news.ycombinator.com/item?id=48225978

Points: 1

# Comments: 0

Article URL: https://soundtestx.com/

Comments URL: https://news.ycombinator.com/item?id=48225970

Points: 1

# Comments: 0

Article URL: https://help.id.me/hc/en-us/articles/8214940302999-IRS-and-ID-me

Comments URL: https://news.ycombinator.com/item?id=48225956

Points: 1

# Comments: 1

Article URL: https://saffron.health/

Comments URL: https://news.ycombinator.com/item?id=48225930

Points: 1

# Comments: 0

Article URL: https://www.amd.com/en/products/processors/desktops/ryzen/ryzen-ai-halo.html

Comments URL: https://news.ycombinator.com/item?id=48225924

Points: 1

# Comments: 0

I've always been frustrated with search engines. Google used to be the one I always used, but it's now completely overrun with ads and AI Overview. Alternatives like Mojeek, Marginalia, DuckDuckGo, or Startpage don't seem to give me the results I'm looking for.

What's even worse is that search engines like DuckDuckGo, Startpage, and Ecosia are using AI Overviews too. These features ARE optional, but I still felt annoyed that I had to opt out of everything.

This is why I created my search engine Slick. Slick is an independent search engine with its own index. It aims to be everything users want from a search engine, whether that's privacy, speed, transparency, or customization.

We aim to let users have full control over their search engine. Currently, we have implemented this using custom per-domain ranking (similar to Kagi) and custom bangs (DuckDuckGo bangs, but faster and with the ability to add your own).

For revenue, we WILL be using ads in the future, but we want to approach them differently. The ads are intentionally made very visible (bright yellow text, bigger font, etc) instead of using a tiny "sponsored" label. Ads will only be visible on the first page, and there is a maximum of 1 ad per page instead of Google's 1-4.

We are also experimenting with keeping the ads in the actual search results, and I would really like your feedback on this. Since the ads are very visible, instead of forcing them to the very top, we rank them similarly to normal results (with a slight boost so they stay on the first page). The idea is that if an ad is shown, it should at least already be relevant to your query.

Now I'm not going to make the mistake of claiming "privacy" like I did in my Reddit post. Not because Slick isn't private, but because it's not open source and users currently have no way to verify what we say. We want users to feel safe when searching, which is why we want to eventually invest into audits regularly once the project is in a more stable position.

I've only been listing good things about Slick so far, so now it's time for the issues Slick is currently facing for full transparency.

Slick's major issues right now are result quality and speed. When I say bad result quality, I don't mean bad ranking. I've made a detailed overview of Slick's ranking in our blog pasted below. The issue mainly comes from our small index. Since we're a completely independent search engine, we have to do all of the crawling ourselves. Our web index is currently only around 2.5 million documents, although it is slowly growing.

The second issue is speed. This is something we are actively working to fix, but we are heavily limited by infrastructure. Slick isn't running on a massive server, or even a good PC. We are currently running on a Beelink EQR5, which is suboptimal (suboptimal may be an understatement).

These are only the issues I've personally noticed so far, but there are probably many more.

I posted Slick on Reddit a while back, but I didn't get exactly what I was hoping for. A lot of people told me that if the search engine was truly private, they would need the source code. That's part of why I've decided not to lean too heavily into privacy claims on this HN post.

I would really like your ideas, critiques, bug reports, and feedback on Slick. We hope you can support our endeavour to build a search engine that puts users first.

Blog: https://blog.slicksearchhq.com

Search Engine: https://slicksearchhq.com

Reddit: https://reddit.com/r/SlickSearchHQ

Comments URL: https://news.ycombinator.com/item?id=48225919

Points: 1

# Comments: 0

Article URL: https://dailygalaxy.com/2026/05/psychology-childhood-games-nostalgia-adults-former-self/

Comments URL: https://news.ycombinator.com/item?id=48225914

Points: 1

# Comments: 0

Article URL: https://twitter.com/i/status/2057437455243153653

Comments URL: https://news.ycombinator.com/item?id=48225912

Points: 2

# Comments: 0

It'll be the first live professional sporting event captured completely on iPhone devices, according to Apple.

Article URL: https://tinthe.dev/p/t/posts/therapy-for-ai

Comments URL: https://news.ycombinator.com/item?id=48225876

Points: 2

# Comments: 0

Article URL: https://corrode.dev/podcast/s06e04-rust4linux/

Comments URL: https://news.ycombinator.com/item?id=48225864

Points: 1

# Comments: 0