UPDATES
Hey, hope you’re doing well on your side!
Lots of stuff to share this week…
Automated Binary Exploits?
🔥🤯🔥🤯🔥🤯 (Not my subspace, but Rob is legit and I wouldn’t be surprised at all if this is true)
to put it another way, just an LLM using the command line as its sole tool is now able to zero shot perform binary exploitation
— #Rob Ghilduta (#@robertghilduta)
1:14 PM • Mar 31, 2025
My Debate with Marcus Hutchins About AI
Not sure if you’ve noticed, but Marcus and I disagree massively about AI. He thinks it’s basically autocomplete, and I think it’s going to disrupt/remove many millions of jobs. So we decided to debate about it on camera! It was really good, and not just from the point/counterpoint angle, but it was extremely civil as well! THE VIDEO
🗣️My question to you is: Did this help you make up your own mind? Who do you think made the stronger points? Which arguments swayed you? What you think we got wrong? And what should we cover in Part 2? COMMENT ON THE DEBATE | REQUEST TOPICS FOR PART 2
—
Claude Code is definitely the most HOLY CRAP ARE YOU SERIOUS? AI tool I’ve used so far. And I know everyone keeps saying that for new tools. It really does just feel different. I can seriously talk to it like a peer or senior developer and just have it go off and do things for me.
Things like Cursor and Cline still feel really powerful, but they feel like tools rather than developers—if that makes sense.
The difference is massive. Just go play with it. It’s a couple commands and you’re up and running. GO TRY CLAUDE CODE
—
🔥 Highly recommend this conversation with Arthur Kroeber and Dwarkesh Patel on China. Way better than the common, extreme takes by people like Zeihan. THE CONVERSATION VIDEO
—
Fascinated by the “What Do You Notice?” PsyOp, and What I Think is Happening
There’s a psyop (it’s a useful word, I think) going around that is absolutely tripping me out. It’s basically part of the “everything is horrible” propaganda message coming out of far-right and Russia propaganda farms, although I’m sure others would love to get in on the game as well.
So the way it works is super interesting, and viral. Here’s an example.
Look closely at the end of this footage of U.S. military aircraft in flight. What do you notice?
— #Mel Gibson 🇺🇸 Commentary (#@melgibsonhq)
3:11 AM • Jun 19, 2025
First, it requires you to watch the video all the way through, and multiple times.
It then implicitly asks you to use your own special analysis skills to figure out what’s wrong with it. Because gullible types love to believe they’re experts in lots of stuff.
They then paint a perfect picture in your brain without actually saying anything!
The watching brain basically tries to square the circle, coming up with an explanation when there isn’t one. Or even worse, there might not even be anything wrong with the video.
So the conspiracy brain goes on a special forces mission to solve the puzzle.
This is then followed up with 10 more videos hitting their feed, and one or two of them will give you an explanation. But only like 1 or 2 out of 10.
This makes the person think they’re figuring out the other puzzles on their own! Even though they’ve just been handed the narrative.
And here’s another one:
Americans are reporting their Summer no longer looks the same - describing it as a “White Out”.
You all know why…..it’s absolutely everywhere.
— #Concerned Citizen (#@BGatesIsaPyscho)
4:43 PM • Jun 19, 2025
Oh, and notice that these videos get millions of views.
So this is the narrative we’re currently being sold on X:
Weather is changing, food is changing, the world is basically different now in some inexplicable way (that you should try to intuit)
Women aren’t women anymore, and men aren’t men anymore
The US used to be on top, and now we’re just a bunch of pussies
Black people are nasty and violent, and nobody likes them, and for good reason
Anything that’s wrong with you, it’s from vaccines
The US is the most racist country ever, with constant crimes against non-whites
Liberals and Black people basically ruined the country
Russia is way nicer than the US. It’s full of pretty white girls and no Black people
You’ve been sold a lie that Russia is bad, but people love it there
Most importantly: you are being lied to, and you should be ANGRY
This is the message. And it’s like everywhere, but especially on X. There are like hundreds of these accounts, and if you click on any of the actual accounts, it’s nothing but these memes conveying the general message above.
It’s all to raise anger and sow division in the US (not sure what Europe/Asia are seeing). This is all propaganda to make people hate each other and blame each other for their problems. And to make them more likely to reject uniting narratives, government statements, and ultimately to violently riot.
Keep in mind, I’m saying this as an ex-military intel person (kind of). I spent a long time studying Influence Operations in the Army when I was assigned to S2 (Intelligence) for my battalion in the 101st Airborne. Am I an absolute expert in Influence Operations? Not really. But I’ve read many books on it, and on influence and propaganda in general, and studied it in the Army from lots of the literature I had access to there.
So I have a few questions for you, the one reading right now:
Have you noticed any of your friends feeling these feelings and/or adopting some of these viewpoints lately?
Are they on social media a lot? X in particular?
Have you noticed yourself feeling down on the US, or feeling more hateful and angry in general?
And do you consume a lot of social media?
All I’m saying is to pay attention to the narratives flying around. Pay attention to your own feelings about topics. Not just the facts you believe, but under-the-surface-level feelings you have about the state of things overall.
One of the most dangerous uses of AI to me is being able to automate this kind of stuff, and just flood the zone. And the better the tech gets the more effective and invisible the campaigns will be.
Watch for it.
👀
Sponsor
Only 57% of SOCs Have Metrics That Drive Decisions
Gartner reveals the metrics gap: most SOCs track everything but improve nothing. Their research shows how to join the 57% who drive real decisions—building KPIs for analyst performance, tool ROI, and incident closure. Transform your metrics from reporting burden to strategic asset.
Traditional Advertising is in Serious Trouble
This is an ad for a monocular made with Veo3. It’s better than most superbowl ads I’ve seen. I’ve watched dozens of these bigfoot videos. They’re completely hilarious. One question I have is how much of the humor comes from the script, the video, or the combination. Remember, my holy grail standard for AI intelligence is humor. THE AD
3.5M organic views on TikTok of Bigfoot selling a $100 gadget.
4 shots. 4 prompts.
You may not like it, but this is what the future of advertising looks like 🤣
— #PJ Ace (#@PJaccetturo)
5:30 AM • Jun 19, 2025
CYBERSECURITY
The Top Hacker on HackerOne is a Fully Automated AI Agent Called XBow
This AI bot has a higher score than any human tester. All human testers, actually. And yeah, I spoke with the founder of this company and he says it’s 100% automated. No humans involved. He didn’t seem like the lying type.
If you’re in security testing, or really anything in security, this should give you pause. My guess is that this level of autonomy is only possible privately right now, but that it’ll be super common in 6-18 months. THREAD | THE LEADERBOARD
Anthropic Says Multiple Models Resort to Blackmail to Avoid Shutdown
Really great research here, and props to them for publishing it. RELEASE THREAD
Russian Hackers Beat Gmail 2FA With App-Specific Password Social Engineering
Russian intelligence group APT29 tricked targets into generating Gmail app-specific passwords by sending fake State Department PDFs instructing victims to create app-specific passwords labeled "ms.state.gov" for "secure onboarding". THE ARTICLE | CITIZEN LAB ANALYSIS
Stargazers Trick Minecraft Players Into Installing Malware Through Fake Mods
The Stargazers Ghost Network is using 500 fake GitHub repositories to distribute malware disguised as Minecraft mods and cheats. THE ARTICLE | CHECK POINT RESEARCH REPORT
The 16 Billion Credentials Leak Is Just Another Compilation
That massive "mother of all breaches" everyone’s writing about is just a(nother) compilation of old stolen credentials from previous breaches. Tons of big outlets ran with it though 🤷🏻. THE ARTICLE
Minnesota Shooter Allegedly Used Data Brokers to Find Victim Addresses
The suspect apparently used people search websites to find his targets’ addresses, which is really easy to do.
Also, good time for a reminder that data brokers are way nastier than “the dark web”. They have way more data, way more organized, and they’re legal. THE ARTICLE | ORIGINAL SHOOTING REPORT
Sponsor
Are we using that app that was just breached?
This should be a simple question to answer, but with 90% of SaaS apps now introduced outside of IT, it’s not.
Don’t wait for the next incident to realize you don’t have the visibility you need. Find every SaaS app and account TODAY, including AI tools, free apps, shadow AWS tenants, risky OAuth grants, and more.
Secure your SaaS attack surface with Nudge Security.
Aflac Gets Hit by Scattered Spider in Ongoing Insurance Company Attack Wave
Aflac disclosed a breach that exposed customer health info and SSNs, part of Scattered Spider's current campaign hitting multiple US insurance companies. THE ARTICLE | AFLAC'S PRESS RELEASE
Apple and Google Keep Selling Chinese VPNs That Could Spy on You
The Tech Transparency Project found that both Apple and Google are still offering Chinese-owned VPN apps in their stores, including some tied to companies linked to China's military. THE ARTICLE | TTP'S INITIAL VPN REPORT | TTP'S SECOND REPORT
NATIONAL SECURITY
OpenAI Gets $200 Million Defense Contract to Build AI War Tools
The Pentagon just gave OpenAI $200 million to develop AI for national security and warfighting, their first official defense contract. THE ARTICLE | OPENAI ANDURIL PARTNERSHIP
China's Military Is Using AI for Intelligence Operations
Recorded Future found that China's People's Liberation Army has moved beyond just talking about AI for intelligence and is actually procuring and deploying generative AI tools for military intelligence work.
They're using everything from OpenAI models to domestic Chinese LLMs for tasks like processing satellite imagery and generating intelligence reports. THE REPORT | DOWNLOAD PDF
Iran's Using Hacked Security Cameras to Guide Missile Strikes on Israel
Israeli officials say Iran is exploiting internet-connected security cameras to gather real-time intelligence and adjust missile targeting. They’re urging citizens to disconnect their systems. THE ARTICLE | BLOOMBERG COVERAGE
Russia's Deadliest Kyiv Attack This Year Kills 15 as Peace Talks Stall
Russia launched its most deadly attack on Kyiv this year, killing 15 and injuring 156 people as diplomatic efforts continue to fail. This was the deadliest single attack on Ukraine's capital in 2025 so far. THE ARTICLE | OODALOOP
Former Army Sergeant Shows How Not to Be a Spy
Joseph Daniel Schmidt used Google to search "countries that don't extradite to USA" and emailed China from accounts in his own name. THE ARTICLE | DOJ PRESS RELEASE | ORIGINAL REGISTER COVERAGE
Taiwan Gets Ukraine-Tested Drone Software to Counter China
Taiwan just partnered with Auterion to get the same drone software that's been battle-tested against Russia in Ukraine, basically upgrading their defense capabilities with proven combat tech. THE ARTICLE | OODALOOP
Ex-CIA Analyst Gets 37 Months for Leaking Israel's Iran Attack Plans
Asif William Rahman photographed top secret documents about Israel's plans to attack Iran, edited them to hide their source, then shared them with unauthorized people before the documents went viral on Telegram. THE ARTICLE | DOJ PRESS RELEASE | PREVIOUS THN COVERAGE
DeepSeek Allegedly Using Shell Companies to Support Chinese Military
A State Department official claims Chinese AI company DeepSeek is using Southeast Asian shell companies to get banned Nvidia H100 chips and providing support to China's military operations. THE ARTICLE | REUTERS INVESTIGATION
US Pressures Vietnam To Remove Chinese Components From Tech Manufacturing The US is pushing Vietnam in tariff negotiations to reduce Chinese tech components in devices assembled there by Apple and Samsung before export to America. THE ARTICLE
AI
METR: A Better Metric for AI and Agents
I’m super into this METR metric for AI. It’s basically the length of task that an AI can carry out before shitting the bed. THREAD DESCRIBING THE METRIC | THE PROJECT WEBSITE
At a high level, our method is simple:
1. We ask both skilled humans and AI systems to attempt tasks in similar conditions.
2. We measure how long the humans take.
3. We then measure how AI success rates vary depending on how long the humans took to do those tasks.— #METR (#@METR_Evals)
3:39 PM • Mar 19, 2025
Andrej Karpathy Says Prompts are Software 3.0
Karpathy did a major talk last week and basically said Software 3.0 is where prompting becomes the application, and we’re already in it.
He also said we’re in the decade of agents, not the year of agents. A must-watch. THE VIDEO | HN DISCUSSION
Sam Altman Says GPT-5 Is Coming This Summer THE ARTICLE
Google Uses YouTube Videos to Train Veo 3 Without Creator Consent
Google is training its AI video generator Veo 3 on YouTube's 20 billion video library, and creators have no way to opt out. THE ARTICLE | BRODIE MOSS VIDEO EXAMPLE
Google Releases the Stable Gemini 2.5 Model Family
Google released the stable version of Gemini 2.5, which includes several new models across different sizes and capabilities. THE ARTICLE | MATTHEW'S VIDEO BREAKDOWN
Wix Bought an AI That Lets Anyone Build Software by Chatting
Wix acquired Base44, which is an application building system, like a lot of the others out there. Major deviation from the core product, but I guess they know potential when they see it. THE ARTICLE
Meta's AI Can Produce Nearly Half of Harry Potter 1
Meta's Llama 3.1 can reproduce 42% of the first Harry Potter book word-for-word, which is way more than other AI models tested. Can’t tell if this is good or bad. THE STUDY
TECHNOLOGY
Amazon's CEO Flat Out Says AI Will Cut Corporate Jobs
Jassy told employees that Amazon will need fewer people doing current jobs and more doing other types as AI gets rolled out across the company. If you don’t believe AI is going to replace jobs given this kind of feedback from CEOs, it’s time to start questioning your premises.
What reason do all these CEOs have to lie? Not all of them are selling AI like Salesforce in a way that could make you think it’s just marketing. This is kind of like ignoring terrorist rhetoric: You should believe people when they tell you bad things they plan on doing. I’m not equating the two, of course, I’m just saying we should listen when people are telling you their honest opinions and intentions. THE ARTICLE | AMAZON'S MEMO TO EMPLOYEES
Microsoft Open Sources Edit - A New Command-Line Text Editor for Windows Microsoft's new CLI text editor called Edit is now open source and will be available in Windows Insider builds soon before shipping with Windows 11. THE ARTICLE
Oakley and Meta Released New Smart Glasses Last Friday
Meta's expanding beyond Ray-Ban with Oakley glasses aimed at athletes, while Apple just moved up their smart glasses launch to 2026. I’m getting a pair of these for sure. THE ARTICLE | OAKLEY META INSTAGRAM
Gartner Says AI Will Handle Half of All Business Decisions by 2027
AI agents are about to become the new middle management, with Gartner predicting they'll automate or augment half of all business decisions within two years.
I think that’s WAY too fast. Just because it could doesn’t mean it will. The tech is not the limiter. Companies are slow to do anything, including improvement. THE ARTICLE | GARTNER PREDICTIONS REPORT
iOS 26 Opens Up AirDrop and AirPlay Tech to Third-Party Apps
Apple's adding Wi-Fi Aware to iOS 26, which basically lets other apps build their own versions of AirDrop and AirPlay for file sharing and streaming. They're also making hotel and airport Wi-Fi login way less annoying by syncing that info across all your devices. THE ARTICLE | IOS 26 DEVELOPER BETA GUIDE
iOS 26 Finally Lets You Set Custom Ringtones the Easy Way
Apple's finally letting you turn audio files into ringtones directly from the Files app, no more messing around with GarageBand. 🙏🏻 THE ARTICLE
HUMANS
🔭 Astronomers Found All The Missing Matter In The Universe
Scientists appear to have found all the dark matter they were looking for. The short version is that it’s sitting in hot gas clouds between galaxies (fog), but was too thin to be visible. The only reason we knew it was there is because of its gravitational effects added up across the universe.
"The FRBs shine through the fog of the intergalactic medium, and by precisely measuring how the light slows down, we can weigh that fog, even when it's too faint to see." - Liam Connor, Harvard
I guess it was just an instrument issue. Like it wasn’t even a new type of matter. It’s just regular stuff. Anyway, pretty much guaranteed to win the Nobel in physics, or whatever the right field is. THE ARTICLE | THE NATURE ASTRONOMY STUDY
🔭 Rubin Observatory Takes Its First Images and They're Absolutely Stunning
The Vera C. Rubin Observatory just released its first images and they're absolutely incredible! Plus it found over 2,000 new asteroids in just a few hours of being on.
Rubin looking at the Virgo cluster
The telescope uses a completely different design with multiple mirrors and an insanely sensitive camera. I’m going to be updating my galaxy image for the house with one from Rubin!
Also kind of ironic that this thing goes live the day the story breaks about finding all the dark matter, when studying dark matter was a big mission for Rubin. THE ARTICLE WITH MORE IMAGES | THEIR VIDEO ON THE PROJECT | THEIR X ACCOUNT | HOW THEY COLLECT SO MUCH LIGHT | RUBIN'S GRAND PROMISE | RUBIN'S DARK MATTER MISSION
MIT Found That ChatGPT Use Leads to Measurable Cognitive Decline
MIT researchers used EEG monitoring to track brain activity in essay writers and found ChatGPT users showed the lowest brain engagement and consistently underperformed compared to Google searchers or brain-only writers.
The study tracked actual brain activity using EEG technology, making this harder evidence than typical behavioral studies. But the sample size was only like 50 people. THE ARTICLE | THE STUDY
Men Rate 61% of Women as Attractive: Women Rate Only 4.5% of Men as Attractive
A massive study analyzing 1.2 million dating app ratings found men rate women as attractive 13 times more often than women rate men, creating what researchers call "the attractiveness gap." THE PAPER | HN DISCUSSION
What Gets Measured, AI Will Automate
Current AI models are already disrupting jobs across creative and analytical fields, following a simple rule: if you can measure it, AI can learn to automate it. AI is already automating 43% of user interactions according to Anthropic's data, not just assisting but directly performing tasks. THE ARTICLE
Microsoft Data Shows the Infinite Workday Has Become the Norm
Microsoft analyzed trillions of data points and found that work now stretches endlessly, with employees getting interrupted every two minutes during business hours. THE ARTICLE | MICROSOFT'S WORK TREND INDEX
The 2024 Baby Name Data Shows We're In Peak Name Variation
The 2024 baby name data reveals extreme spelling is exploding (10 of the top 20 rising boys names have X or Z), classic names are dying (more girls named Calliope than Ann, Joan and Susan combined), and no individual name dominates like they used to. THE ARTICLE | WATTENBERG'S ANALYSIS | COHEN'S DATA DIVE
Finland Just Fired Up the World's Largest Sand Battery
Finland just turned on a massive sand battery that stores renewable energy as heat in 1,000 tons of sand, and the economics actually work. Sand batteries can store energy for months without significant loss. THE ARTICLE | HN DISCUSSION
Private Equity Has Quietly Taken Over and Destroyed Much of America
Megan Greenwell's new book argues that private equity firms have systematically bought up entire industries and optimized them into bankruptcy, wrecking healthcare, retail, and more. THE ARTICLE | MEGAN'S WIRED PROFILE
New COVID Variant NB.1.8.1 Rapidly Spreading in the US
A new COVID variant called NB.1.8.1 jumped from 15% to 37% of US cases in just two weeks, and experts are worried about a potential summer surge. THE ARTICLE | WHO VARIANT DESIGNATION | CDC VARIANT TRACKING DATA
DISCOVERY
Heartwarming AI (evidently it exists)
A teacher shows her students AI images of them as adults, as their desired profession. So great. VIDEO
Good Workers Are Often Bad at Interviews
Traditional interviews don't predict job performance well, and many great employees would fail the interview process for the company and position they currently work in. THE ARTICLE | LOBSTERS DISCUSSION
Hormozi’s Highest ROI Spends THREAD
A Different View on China: They’re Actually Doing Great
This is a much better analysis on China than from Zeihan, from what I can tell. He just seems more knowledgable and balanced. And notice that Dwarkesh never had Zeihan on the show, which I think is because when he asked around everyone told him Zeihan is more of an influencer than an actual China expert. VIDEO
The AI Subsidy Is About to End
Sam Proulx argues that cheap AI tools have been subsidizing our lifestyle, but as these companies need to turn profitable, the prices will rise and the scene will die down. THE ARTICLE | HN DISCUSSION
Claude Code Feels Like Magic Because It Actually Understands Context
Another pro Claude argument. This one says Claude’s coding abilities feel magical because it maintains context across entire codebases and can reason about complex relationships between different parts of your project. THE ARTICLE | HN DISCUSSION
Caido Plugin Colors Similar Requests To Make Web Security Testing Way Easier
xssdoctor built this Caido plugin that automatically color-codes similar HTTP requests so you can visually organize your security testing workflow. THE PROJECT
CFOs Move AI From Science Experiment to Strategic Line Item THE ARTICLE
Ts-SSH Lets You SSH Over Tailscale Without Running the Daemon
A tool that gives you SSH access through Tailscale's network without needing the full Tailscale daemon running on your machine. THE PROJECT
There’s a New COVID Variant Spreading Fast THE ARTICLE
The Only Moat is Authenticity VIDEO
Police Are Casually Sharing Surveillance Tools
Local Oregon police departments and ICE are swapping surveillance techniques through casual email threads, including fake social media profiles and cross-department spying favors. THE ARTICLE | 404 MEDIA INVESTIGATION | SCHNEIER'S BLOG
My Overpowered AI Research Stack - NotebookLM, Deep Research, Grok, Gemini, o3-Pro, OpenAI THE ARTICLE
Two Horses Talking About How Cars Haven’t Replaced Them (I made the comic) COMIC
Disabling Starlink Mini's Built-In WiFi Router Mode
Oleg Kutkov figured out how to bypass the Starlink Mini's built-in WiFi router so you can use it with your own router instead. THE ARTICLE | HN DISCUSSION
A Framework for Skill Learning THE HN POST
Developer Switches from Docker to KVM for Better Scaling THE REDDIT POST | SYMPHON PRODUCT
Giving an LLM Command Line Access to Nmap THE ARTICLE
The Raspberry Pi 5 Actually Outperforms a 1990s Cray Supercomputer
A Raspberry Pi 5 beats the Cray Y-MP from 1990 in almost every benchmark, showing how far consumer computing has advanced in just 35 years. THE ARTICLE | HN DISCUSSION
We Should Stop Overthinking Performance and Just Measure Things THE ARTICLE
Baking With a Cow VIDEO
APHORISM OF THE WEEK
Don’t do things that you know are morally wrong. Not because someone is watching, but because you are. Self-esteem is just the reputation that you have with yourself.
GET THE MEMBER EDITION
You’re currently receiving the STANDARD edition. Members get additional content sections, including IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
In addition, you’ll get access to the extraordinary UL Member Community, which includes vibrant conversations with over 1,400 of the smartest and kindest people you’ll find on the internet, the Member Archive, UL Book Club, a monthly member meet-up, access to in-person events, and much more.