Top Stories

Show HN: A Frontpage for Personal Blogs

674 points · blogosphere.app

A Show HN project that resonated deeply with the community — a curated frontpage that surfaces posts from independent, personal blogs. Think of it as an HN-style aggregator but exclusively for individual writers rather than publications or companies. The creator manually reviews and approves blog submissions, keeping quality high. With 674 points, this clearly struck a nerve: the HN crowd has long lamented the decline of the independent blogosphere and the consolidation of writing onto platforms like Medium and Substack. This is a love letter to the open web.

Artemis II Crew Capture “Spectacular” Image of Earth

545 points · bbc.com

The Artemis II crew — currently on humanity’s first crewed lunar mission since Apollo 17 — sent back a stunning photograph of Earth that’s generating massive public excitement. The image evokes the famous “Blue Marble” and “Earthrise” photos that defined earlier eras of space exploration. The HN discussion combines genuine awe with technical deep-dives into the camera equipment and orbital mechanics involved. A feel-good moment in an otherwise turbulent news cycle.

Oracle Files Thousands of H-1B Visa Petitions Amid Mass Layoffs

417 points · nationaltoday.com

Oracle laid off roughly 30,000 employees globally on April 2, while simultaneously having filed over 3,100 H-1B visa petitions in fiscal years 2025–2026 (436 this year alone). The optics are terrible: the company is cutting domestic workers en masse while continuing to petition for foreign labor, framing it as part of an AI and cloud infrastructure restructuring. The HN discussion is heated, touching on labor economics, the H-1B program’s structural issues, and the human cost for visa holders whose immigration status is tied to their employer.

iNaturalist

349 points · inaturalist.org

iNaturalist, the citizen science platform for identifying and cataloging biodiversity, hit the HN front page and sparked a surprisingly passionate discussion. The app lets anyone photograph a plant, insect, or animal and get an AI-powered species identification, contributing observations to a massive global dataset used by real researchers. With 349 points, the community clearly appreciates the intersection of AI, open data, and environmental science. Many commenters shared stories of how the app transformed casual walks into genuine learning experiences.

Anthropic Blocks Claude Code Subscriptions from Using OpenClaw

339 points · news.ycombinator.com

A Tell HN post revealing that Anthropic is no longer allowing Claude Code subscriptions to interface with OpenClaw, the popular open-source device pairing and orchestration tool. This comes on the heels of a serious privilege escalation vulnerability (CVE-2026-33579) discovered in OpenClaw, where any user with pairing access could silently gain full admin control. The timing suggests a security-motivated decision, though the community is debating whether it’s an overreaction or a prudent move given that 63% of public OpenClaw instances run without authentication.

OpenClaw Privilege Escalation Vulnerability (CVE-2026-33579)

264 points · nvd.nist.gov

A critical vulnerability in OpenClaw before version 2026.3.28 allows anyone with pairing access to escalate to full admin privileges. The bug is in the /pair approve command path, which fails to validate the caller’s security scopes during authorization. Rated CVSS 8.6 HIGH, this is especially dangerous because a majority of publicly exposed OpenClaw instances run without authentication. The fix is straightforward — upgrade to 2026.3.28 — but the incident highlights how quickly open-source infrastructure tools can become attack surfaces when deployed without basic security hygiene.

EFF: FAA Drone Restriction Is an Attempt to Criminalize Filming ICE

236 points · eff.org

The Electronic Frontier Foundation published a sharp critique of an FAA temporary flight restriction that bans drones within 3,000 feet of DHS vehicles, buildings, and convoys — effectively creating invisible, moving no-fly zones wherever ICE operates. Unlike traditional TFRs, this one provides no geographic coordinates or public notification. The EFF argues it’s a First Amendment violation designed to shield federal agents from accountability. A photojournalist and the Reporters Committee for Freedom of the Press have filed a lawsuit challenging the restriction.

Mintlify Replaces RAG with a Virtual Filesystem for AI Docs

234 points · mintlify.com

Mintlify published a detailed technical post about replacing traditional RAG (retrieval-augmented generation) with ChromaFs, a virtual filesystem that maps UNIX commands to vector database queries. Instead of retrieving text chunks that match a query, their AI assistant now explores documentation the way a developer explores a codebase — searching for exact strings, reading full pages, and traversing directory structures. The results are impressive: session creation dropped from 46 seconds to 100 milliseconds, and the system now handles 30,000+ daily conversations. A thoughtful rethink of how AI agents should interact with knowledge bases.

Post-Mortem: Axios NPM Supply Chain Compromise

201 points · github.com

The community is still processing the axios supply chain attack from late March, where a compromised maintainer account pushed backdoored versions (1.14.1 and 0.30.4) of one of npm’s most-downloaded packages (~100 million weekly downloads). The malicious versions installed a cross-platform Remote Access Trojan via a hidden dependency called plain-crypto-js. Multiple security firms have attributed the attack to North Korean state actors. The malicious packages were live for only 2–3 hours, but the blast radius for a package this popular is enormous. Anyone who installed those versions should rotate credentials immediately.