Hasty Briefs - Daily Tech News Brief

Bilingual

What My Livewire Honeypot Caught in Its First 60 Hours
2 days ago
- Livewire-honeypot, a FastAPI service mimicking a vulnerable Laravel app (CVE-2025-54068), caught its first real-world exploitation attempt by an Indonesian operator using Livepyre.
- The exploitation involved a three-request pattern from source IP 140.213.220.239, downloading a shell script (shoc.sh) from xantibot[.]pw to harvest credentials and database data from compromised PHP applications.
- The script (shoc.sh) searches for config files (e.g., .env, wp-config.php), extracts database credentials and APP_KEY, and uploads findings to a DigitalOcean Spaces bucket, while sending status updates via a Telegram bot.
- No persistence or backdoor is left on compromised systems; the operation focuses on one-time data exfiltration for sale, with IOCs limited to request logs rather than disk artifacts.
- The C2 domain xantibot[.]pw has been active since at least February 2026, hosted on Alibaba Cloud Singapore, and linked to multiple victim sites, but lacks prior public threat intelligence coverage.
- Discovery latency was 60 hours, with the trap likely found via certificate transparency (CT) logs, indicating attackers use new-cert feeds for target discovery within days.
dotNET (OK, C#) gets union types
a day ago
- Unions are a new feature in C# 15 and .NET 11, allowing types to represent multiple different cases.
- They are useful for scenarios like handling different OS record types (Windows, Linux, MacOS) without needing a common base class.
- The union keyword creates a union type, which can be instantiated via constructors or implicit conversions.
- Switch expressions provide a safe way to handle union types, with compiler-enforced exhaustiveness checks.
- Union types are implemented as structs with an IUnion interface and a Value property holding the inner object.
- Custom union implementations can avoid boxing for performance by using TryGetValue methods for each case type.
- Features like union member providers, closed enums, and closed hierarchies are planned for future releases.
US Government releases UFO sighting reports – 'Orbs swarming in all directions'
7 hours ago
- The Pentagon released a second batch of UFO files, including documents, audio recordings, and videos.
- Reports date back to 1948, describing sightings of orbs, discs, and fireballs, now termed 'unidentified anomalous phenomena' (UAP).
- A senior US intelligence officer witnessed 'orange orbs swarming' in 2025, forming a triangle before vanishing.
- Files include a 116-page report from 1948-1950 documenting 209 UAP sightings and investigations in Sandia, New Mexico.
- Videos show grainy infrared footage from 2018-2023, with some lacking a verified chain of custody, raising tampering concerns.
- One video depicts a UAP being shot down over Lake Huron in 2023, amid increased scrutiny of unidentified objects.
- The releases follow orders from Presidents Trump and Biden, with more files promised on a rolling basis.
- Officials state the files do not confirm extraterrestrial life, leaving interpretation to the public.
- Congressman Tim Burchett advocates for more transparency, calling the releases a 'drop in the bucket'.
Evaluating Spec CPU2026
3 hours ago
- SPEC CPU2026 is the latest update to the SPEC CPU benchmark suite, featuring 52 workloads, up from 43 in SPEC CPU2017, with increased source code complexity (KLOC).
- The reference system for SPEC CPU2026 is an Ampere eMAG 8180, which is outdated and easily outperformed by modern desktop CPUs like Intel's Lion Cove and AMD's Zen 5.
- Performance analysis shows Zen 5 and Lion Cove are closely matched in integer tests, while Zen 5 often leads in floating point tests, partly due to AVX-512 support in GCC 14.2.0.
- SPEC CPU2026 integer workloads generally have higher and tighter IPC (Instructions Per Cycle) distributions compared to SPEC CPU2017, indicating fewer cache misses and branch mispredicts, with less emphasis on branch prediction challenges.
- Top-down analysis reveals improved retiring slot utilization in integer workloads, with frontend latency limiting performance in code compilation tests like 721.gcc and 723.llvm, while floating point workloads focus more on core throughput.
- Instruction caching is more challenging in SPEC CPU2026, with larger code footprints reducing micro-op cache coverage on Zen 5, while Lion Cove's larger instruction cache handles misses better, and data-side cache misses are less common overall.
- The suite lacks some low-IPC workloads like 520.omnetpp from SPEC CPU2017, shifting focus toward core throughput, and may complement rather than perfectly replace its predecessor.
AI Engineering from Scratch
2 days ago
- AI Engineering from Scratch is a free, open-source curriculum with 435 lessons across 20 phases, covering topics from linear algebra to autonomous swarms.
- Lessons are available in four languages—Python, TypeScript, Rust, and Julia—and each algorithm is built from raw math before integrating any frameworks like PyTorch.
- The learning approach involves reading problems, deriving math, writing code, running tests, and keeping artifacts, with no reliance on videos or hand-holding.
- The curriculum is hosted on GitHub, where it can be cloned or forked for self-paced learning without paywalls or signups, running on your own machine.
I love my Bluetooth keyboard
a day ago
- The author purchased a Bluetooth keyboard for their phone during a trip to China to facilitate note-taking.
- Texting friends with the keyboard enhances typing speed and allows copy/paste, though it may lead to verbosity.
- Using the notes app with a keyboard simulates a typewriter by limiting distractions and providing editing features.
- Keyboard shortcuts enable app switching and navigation on the phone, improving efficiency, especially with copy/paste.
- No specific keyboard recommendations, but the author suggests Bluetooth keyboards based on their positive experience.
Hengefinder: Finding When the Sun Aligns with Your Street
a day ago
- The project, Hengefinder, was developed to determine when the sun aligns with east-west streets, similar to Manhattanhenge, for any location.
- Three main challenges were tackled: calculating road bearings using spherical geometry, finding the sun's azimuth at sunset with a boundary search, and matching road bearing to sunset azimuth via a two-phase search.
- The corrected approach for road bearing involves scaling longitude by the cosine of latitude to account for Earth's curvature, enabling accurate angle calculation.
- For sunset timing, a binary search was used to find the last moment the sun is above a target altitude, ensuring the sun's disk is fully visible on the horizon.
- A two-phase search (coarse and fine) identifies henge dates by tracking the sun's azimuth curve, avoiding brute-force methods and minimizing API calls.
- The tool includes a website, mobile app (extended by John Pribyl), and an explainer page, with applications beyond Manhattan, such as Amsterdam's Haarlemmertrekvaart canal.
- Henges are geometrically rare but occur globally, often unnoticed, highlighting the interplay between human infrastructure and natural phenomena.
Bug 1950764: Work Around Crash on Intel Raptor Lake CPU
20 hours ago
- A revision authored by glandium was published for review on May 21.
- The commit titled 'Bug 1950764 - Work around crash on Intel Raptor Lake CPU' was made by Mike Hommey.
- Changes involve the path 'third_party/rust/zlib-rs/src/deflate/' with 13 lines modified.
- The event timeline includes multiple updates and reviews from May 21 to May 23.
The Lottery – Shirley Jackson (1948)
19 hours ago
- The story describes a seemingly normal village gathering for an annual lottery on a sunny summer day.
- The ritual, conducted by Mr. Summers, involves drawing slips of paper from an old, shabby black box, with traditions that have faded over time.
- Tessie Hutchinson arrives late and protests when her husband Bill draws the marked slip, leading to a second drawing among their family.
- Tessie draws the slip with a black spot and is stoned to death by the villagers, including her friends and neighbors, as part of the tradition.
Putin Can No Longer Hide His Catastrophe
3 hours ago
- Putin has lost control over the narrative protecting Moscow from war consequences, as recent Ukrainian drone and missile attacks directly hit the capital.
- Historical parallels, such as Japan's WWII propaganda collapse after the Marianas loss, illustrate how losing event control undermines regime narratives.
- Ukraine's improved long-range capabilities allow strikes on strategic Moscow targets, exposing Russian air defense vulnerabilities and shifting war momentum.
- Domestic Russian shock over Moscow's vulnerability is growing despite censorship, forcing media coverage and challenging Putin's 'special operation' story.
- The war dynamics have shifted against Russia, with Ukraine gaining strength and shaping the conflict, worsening Putin's domestic political predicament.
The Primordial Credit Argument for Unconditional Basic Income (UBI)
4 hours ago
- David Graeber's 'Debt: The First 5,000 Years' highlights that money originated as an acknowledgment of unpayable debts, particularly for valuable things like life, not just as a medium of exchange.
- The article introduces the concept of 'primordial debt'—the idea that individuals owe an unrepayable debt to society for the civilization that sustains them, and conversely, society owes each individual a 'primordial credit' for their existence and potential contributions.
- UBI is framed not as welfare or a handout, but as the smallest possible acknowledgment of this mutual, unpayable debt and credit, recognizing that human value exceeds any monetary price.
- Gratitude research shows that acknowledging what we owe others increases well-being, but chronic stress from economic insecurity can hinder this feeling; UBI can alleviate that stress, enabling more people to experience gratitude and contribute voluntarily.
- The article argues that UBI is fundamentally about trust—society trusting individuals to use resources wisely—which fosters social trust, reduces stress, and encourages contributions, reversing cycles of distrust and scarcity.
- Interdependence, not independence, is the true human condition; UBI supports 'civilizenius' (collective civilization-wide genius) by enabling diverse contributions and scenes where innovation and creativity thrive.
- Empirical evidence from UBI pilots (e.g., in Finland, Germany, and the U.S.) shows that unconditional cash improves well-being, autonomy, and social trust, without reducing work ethic, by reducing survival stress.
- UBI does not aim to settle debts but to acknowledge them, fostering a sense of gratitude and obligation that motivates people to contribute in varied ways, enriching civilization for future generations.
- The author personalizes the argument by reflecting on their own basic income since 2015, which allowed them to write and appreciate the accumulated human effort behind everyday conveniences.
- The conclusion emphasizes that UBI is a practical, non-utopian step toward a society where work is not a condition for survival, enabling more human flourishing and acknowledgment of our shared inheritance.
AlphaProof Nexus solves 9 Erdős problems and proves 44 sequence conjectures
4 hours ago
- Google DeepMind's AlphaProof Nexus solved 9 out of 353 open Erdős problems and proved 44 out of 492 open OEIS conjectures, tackling challenges unsolved for decades.
- The system combines large language models with the Lean formal proof assistant, using 'agentic loops' to generate and iteratively refine proofs, with verification ensuring logical correctness and countering AI hallucination.
- Each problem was solved at a cost of a few hundred dollars, making formal verification more accessible. The full Nexus architecture proved more efficient than a basic agent variant.
- This advancement builds on AlphaProof's previous success at the International Math Olympiad, now addressing research-level problems, and has implications for AI-driven verification in fields like smart contract auditing and zero-knowledge proofs.
Surface laptop ships with 8GB RAM for $1299 despite pushing 16GB for Copilot PCs
3 hours ago
- Microsoft is introducing an 8GB RAM variant of the Surface Laptop for Business 13-inch at $1,299.99 despite the company's previous advocacy for 16GB as a minimum for modern AI tasks.
- The decision is criticized as hypocritical given Microsoft's recent benchmark report mocking Apple's 8GB base model MacBook Neo, which is priced at only $599.
- The 8GB configuration is seen as inadequate for Windows 11's resource demands, including web apps and future agentic AI features, potentially leading to heavy SSD swapping and reduced performance.
Ebola Outbreak Now Third Largest Recorded and "Spreading Rapidly"
3 hours ago
- Ebola outbreak in Ituri province, DRC escalates, nearing 750 cases with 177 deaths and 1,400 contacts traced.
- WHO upgraded national risk level to 'very high'; outbreak spreads rapidly despite detection delay.
- First suspected case on April 24; WHO notified May 5, arrived with 80 existing cases.
- Outbreak driven by Bundibugyo virus strain lacking established vaccines or therapeutics.
- Challenges include armed conflict, population mobility, weak health systems, and acute hunger.
PHP's Oddities
4 days ago
- PHP often receives criticism based on outdated perceptions; modern versions are versatile and feature-rich.
- PHP's arrays are actually ordered key-value dictionaries, which can lead to unexpected behavior during mutations like sorting or filtering.
- Using functions such as array_filter() or unset() can disrupt array indices, requiring array_values() to reset them.
- Class property types in PHP introduce an 'uninitialized' state distinct from NULL, causing fatal errors if accessed before initialization.
- Untyped properties default to NULL, but typed properties (including nullable ones) remain uninitialized by default unless explicitly set.
- The type system's quirks, combined with dynamic property addition, complicate defensive coding and object structure clarity.
- Despite its quirks, PHP offers low development friction, effective frameworks like Laravel, and remains capable for various tasks.
Reverse engineering circuitry in a Spacelab computer from 1980
3 hours ago
- Spacelab was a reusable laboratory in the Space Shuttle's cargo bay, with a pressurized lab for experiments and unpressurized pallets for space-exposed instruments.
- The Spacelab computer was the Mitra 125 MS, a French 16-bit minicomputer built without a microprocessor, using TTL chips like the 74181 ALU for processing.
- The ALU system used eight 54S181 chips to form a 32-bit adder, spread across three boards with multiplexers, registers, and carry-lookahead chips for flexibility and speed.
- The computer was originally a European project but was later replaced by IBM AP-101SL computers in 1991 due to performance needs and political factors.
- The French computer industry, led by companies like CII and Bull under Plan Calcul, struggled against American dominance, with Bull facing multiple takeovers and nationalizations.
Claw Patrol: an open-source security firewall for agents
2 days ago
- Claw Patrol is an open-source security firewall designed to securely manage agent access to production systems.
- It addresses the dilemma of balancing agent utility with safety by enforcing access rules and preventing dangerous actions like DROP TABLE in SQL or destructive kubectl commands.
- The solution operates outside the agent, routing traffic through a gateway that terminates TLS, parses protocols (e.g., HTTP, SQL, Kubernetes), injects credentials, and evaluates requests against HCL rules.
- Credentials are stored on the gateway, not the agent, reducing the risk of leakage from compromised agents.
- Rules can allow, deny, or chain approvers (e.g., LLM judges or human approvals) based on parsed protocol facets like SQL verbs or Kubernetes resources.
- Claw Patrol supports tunneling to networks the agent's host can't reach, such as through EKS or Cloud SQL proxies, filling gaps left by other solutions focused only on HTTP.
- Currently released as alpha software under the MIT license, it includes documentation for extending protocol support and encourages community contributions.
Texas Woman files lawsuit after arrest for Facebook post about polluted water
4 hours ago
- Jennifer Combs was arrested on May 8 for a felony false alarm charge after posting on Facebook about Trinidad's water quality causing hospitalizations.
- Trinidad Police claimed her post spread false information causing fear, while Combs argues it was political retaliation, citing community complaints about water issues.
- Trinidad's mayor acknowledged aging water infrastructure struggles but wouldn't confirm sickness; a water boil notice was issued briefly in April.
- Combs filed a federal lawsuit against the city, with her attorney accusing officials of corruption and First Amendment violations.
- A constitutional law professor suggested Combs' speech may be protected, as it addresses public interest.
The Art of Money Getting
6 hours ago
- P.T. Barnum's book 'The Art of Money Getting' distills a lifetime of experience into 20 plainspoken rules for financial success.
- Key principles include choosing a vocation that aligns with your natural abilities to excel and avoid struggling in unsuitable work.
- Debt should be avoided as it compromises freedom and self-respect; maintaining income above expenses is crucial.
- Commit fully to tasks, as half-effort leads to poverty while thorough effort can lead to wealth in the same field.
- Integrity is essential for trust and reputation, which are long-term assets more valuable than short-term gains from dishonesty.
- Practical steps involve assessing and aligning work with abilities, eliminating debts systematically, and completing one task with maximum effort.
The FBI Wants 'Near Real-Time' Access to US License Plate Readers
5 hours ago
- Former Phoenix police officer involved in six shootings, four deadly, runs firearms training for ICE.
- Take It Down Act enables removal of nonconsensual nudes, but companies may use manipulative tactics to hinder data opt-outs.
- FTC settles with marketing firms over non-functional 'Active Listening' tech.
- Bipartisan lawmakers propose restricting automatic license plate readers (ALPRs) for police tracking.
- GitHub breached by cybercrime group TeamPCP in a series of similar attacks.
- Europe, led by France, seeks US-free tech alternatives amid US tech and government ties.
- FBI plans to buy nationwide ALPR data for 'near real-time' vehicle tracking access.
- Google discloses exploit for unpatched Chromium flaw allowing persistent service worker hijacks.
- FTC warns nudifying AI sites about Take It Down Act; DOJ arrests two men for deepfake sexual abuse.
- Former Florida prosecutor indicted for allegedly stealing Jack Smith's sealed report on Trump's classified documents.

Hasty Briefsbeta

What My Livewire Honeypot Caught in Its First 60 Hours

dotNET (OK, C#) gets union types

US Government releases UFO sighting reports – 'Orbs swarming in all directions'

Evaluating Spec CPU2026

AI Engineering from Scratch

I love my Bluetooth keyboard

Hengefinder: Finding When the Sun Aligns with Your Street

Bug 1950764: Work Around Crash on Intel Raptor Lake CPU

The Lottery – Shirley Jackson (1948)

Putin Can No Longer Hide His Catastrophe

The Primordial Credit Argument for Unconditional Basic Income (UBI)

AlphaProof Nexus solves 9 Erdős problems and proves 44 sequence conjectures

Surface laptop ships with 8GB RAM for $1299 despite pushing 16GB for Copilot PCs

Ebola Outbreak Now Third Largest Recorded and "Spreading Rapidly"

PHP's Oddities

Reverse engineering circuitry in a Spacelab computer from 1980

Claw Patrol: an open-source security firewall for agents

Texas Woman files lawsuit after arrest for Facebook post about polluted water

The Art of Money Getting

The FBI Wants 'Near Real-Time' Access to US License Plate Readers