Hacker News: bearsyankees

Hacker News: bearsyankeeshttps://news.ycombinator.com/user?id=bearsyankeesHacker News RSShttps://hnrss.org/hnrss v2.1.1Fri, 01 May 2026 23:57:53 +0000<![CDATA[New comment by bearsyankees in "Ask HN: Who is hiring? (May 2026)"]]>Strix (strix.ai, https://github.com/usestrix/strix)| Founding Engineer | NYC/SF

We built the largest open-source AI pentesting framework — 25k GitHub stars, 80k active users, 15B LLM tokens processed daily, 1,800 pentests run per day. Two of us right now. You'd be the third.

Looking for a founding-engineer engineer who's done 0→1 before and wants to own the architecture of something already at scale. You'll touch everything — infra, product, research tooling. Python/TypeScript stack, AI-native workflows, real security problems.

Email hiring@usestrix.com — tell us something you've built and why it was hard.

]]>Fri, 01 May 2026 16:56:05 +0000https://news.ycombinator.com/item?id=47977083bearsyankeeshttps://news.ycombinator.com/item?id=47977083https://news.ycombinator.com/item?id=47977083<![CDATA[Context.ai seemingly cause of Vercel breach]]>Article URL: https://twitter.com/jaimeblascob/status/2045960143209152981

Comments URL: https://news.ycombinator.com/item?id=47827611

Points: 3

# Comments: 0

]]>Sun, 19 Apr 2026 21:01:37 +0000https://twitter.com/jaimeblascob/status/2045960143209152981bearsyankeeshttps://news.ycombinator.com/item?id=47827611https://news.ycombinator.com/item?id=47827611<![CDATA[New comment by bearsyankees in "Open Source Isn't Dead. Cal.com Just Learned the Wrong Lesson"]]>https://x.com/steipete/status/2044423791405924562 very soon it seems...

]]>Wed, 15 Apr 2026 16:26:41 +0000https://news.ycombinator.com/item?id=47781387bearsyankeeshttps://news.ycombinator.com/item?id=47781387https://news.ycombinator.com/item?id=47781387<![CDATA[New comment by bearsyankees in "Open Source Isn't Dead"]]>I don't know if I fully agree with this -- how many people were actually self-hosting cal infra? I def could be wrong though

]]>Wed, 15 Apr 2026 16:25:10 +0000https://news.ycombinator.com/item?id=47781367bearsyankeeshttps://news.ycombinator.com/item?id=47781367https://news.ycombinator.com/item?id=47781367<![CDATA[New comment by bearsyankees in "Open Source Isn't Dead. Cal.com Just Learned the Wrong Lesson"]]>+1, at this point all companies need to be continuously testing their whole stack. The dumb scanners are now a thing of the past, the second your site goes live it will get slammed by the latest AI hackers

]]>Wed, 15 Apr 2026 16:24:28 +0000https://news.ycombinator.com/item?id=47781347bearsyankeeshttps://news.ycombinator.com/item?id=47781347https://news.ycombinator.com/item?id=47781347<![CDATA[New comment by bearsyankees in "Cal.com is going closed source"]]>Think this is a bad, bad move...

https://news.ycombinator.com/item?id=47780712

]]>Wed, 15 Apr 2026 15:50:29 +0000https://news.ycombinator.com/item?id=47780837bearsyankeeshttps://news.ycombinator.com/item?id=47780837https://news.ycombinator.com/item?id=47780837<![CDATA[Open Source Isn't Dead]]>Article URL: https://www.strix.ai/blog/cal-com-is-closing-its-code-due-to-ai-threats

Comments URL: https://news.ycombinator.com/item?id=47780712

Points: 356

# Comments: 186

]]>Wed, 15 Apr 2026 15:43:37 +0000https://www.strix.ai/blog/cal-com-is-closing-its-code-due-to-ai-threatsbearsyankeeshttps://news.ycombinator.com/item?id=47780712https://news.ycombinator.com/item?id=47780712<![CDATA[Show HN: Greptile for Security (open source)]]>Article URL: https://www.strix.ai/blog/pentesting-every-pull-request

Comments URL: https://news.ycombinator.com/item?id=47771386

Points: 2

# Comments: 0

]]>Tue, 14 Apr 2026 20:54:36 +0000https://www.strix.ai/blog/pentesting-every-pull-requestbearsyankeeshttps://news.ycombinator.com/item?id=47771386https://news.ycombinator.com/item?id=47771386<![CDATA[We love open source: finding a critical auth bypass in etcd (CVE-2026-33413)]]>Article URL: https://www.strix.ai/blog/where-others-missed-it-etcd-auth-bypass

Comments URL: https://news.ycombinator.com/item?id=47755711

Points: 4

# Comments: 0

]]>Mon, 13 Apr 2026 18:01:00 +0000https://www.strix.ai/blog/where-others-missed-it-etcd-auth-bypassbearsyankeeshttps://news.ycombinator.com/item?id=47755711https://news.ycombinator.com/item?id=47755711<![CDATA[What Now (and What's Next)]]>Article URL: https://www.strix.ai/blog/your-first-visitors-arent-users-theyre-bots

Comments URL: https://news.ycombinator.com/item?id=47754754

Points: 11

# Comments: 0

]]>Mon, 13 Apr 2026 16:48:39 +0000https://www.strix.ai/blog/your-first-visitors-arent-users-theyre-botsbearsyankeeshttps://news.ycombinator.com/item?id=47754754https://news.ycombinator.com/item?id=47754754<![CDATA[Yale senior hacks United, gets 2.6M miles]]>Article URL: https://yaledailynews.com/articles/hacking-helpfully-yale-senior-co-founds-a-startup-and-wins-rewards

Comments URL: https://news.ycombinator.com/item?id=47662379

Points: 5

# Comments: 0

]]>Mon, 06 Apr 2026 15:42:46 +0000https://yaledailynews.com/articles/hacking-helpfully-yale-senior-co-founds-a-startup-and-wins-rewardsbearsyankeeshttps://news.ycombinator.com/item?id=47662379https://news.ycombinator.com/item?id=47662379<![CDATA[CVE-2026-33413 found in ETCD by open source AI agent (strix.ai), 8.8 CVSS]]>Article URL: https://www.wiz.io/vulnerability-database/cve/cve-2026-33413

Comments URL: https://news.ycombinator.com/item?id=47504424

Points: 1

# Comments: 0

]]>Tue, 24 Mar 2026 15:47:35 +0000https://www.wiz.io/vulnerability-database/cve/cve-2026-33413bearsyankeeshttps://news.ycombinator.com/item?id=47504424https://news.ycombinator.com/item?id=47504424<![CDATA[Caido partners with Strix for the best of both worlds in AI penstesting]]>Article URL: https://www.strix.ai/blog/partnering-with-caido

Comments URL: https://news.ycombinator.com/item?id=47415431

Points: 3

# Comments: 1

]]>Tue, 17 Mar 2026 17:06:23 +0000https://www.strix.ai/blog/partnering-with-caidobearsyankeeshttps://news.ycombinator.com/item?id=47415431https://news.ycombinator.com/item?id=47415431<![CDATA[First Impressions on Open-Source Claude Security (Strix)]]>Article URL: https://theartificialq.github.io/2026/02/28/strix-first-impressions.html

Comments URL: https://news.ycombinator.com/item?id=47234248

Points: 8

# Comments: 1

]]>Tue, 03 Mar 2026 15:54:47 +0000https://theartificialq.github.io/2026/02/28/strix-first-impressions.htmlbearsyankeeshttps://news.ycombinator.com/item?id=47234248https://news.ycombinator.com/item?id=47234248<![CDATA[Strix Is an Open-Source Claude Code Security]]>Article URL: https://www.strix.ai/

Comments URL: https://news.ycombinator.com/item?id=47125130

Points: 5

# Comments: 0

]]>Mon, 23 Feb 2026 17:05:54 +0000https://www.strix.ai/bearsyankeeshttps://news.ycombinator.com/item?id=47125130https://news.ycombinator.com/item?id=47125130<![CDATA[Finding a Cross-Tenant Vulnerability in GCP's Apigee]]>Article URL: https://omeramiad.com/posts/gatewaytoheaven-gcp-cross-tenant-vulnerability/

Comments URL: https://news.ycombinator.com/item?id=46888423

Points: 1

# Comments: 0

]]>Wed, 04 Feb 2026 17:08:12 +0000https://omeramiad.com/posts/gatewaytoheaven-gcp-cross-tenant-vulnerability/bearsyankeeshttps://news.ycombinator.com/item?id=46888423https://news.ycombinator.com/item?id=46888423<![CDATA[Reverse Engineering US Airline's PNR System and Accessing All Reservations]]>Article URL: https://alexschapiro.com/security/vulnerability/2025/11/20/avelo-airline-reservation-api-vulnerability

Comments URL: https://news.ycombinator.com/item?id=46328992

Points: 134

# Comments: 63

]]>Fri, 19 Dec 2025 18:15:17 +0000https://alexschapiro.com/security/vulnerability/2025/11/20/avelo-airline-reservation-api-vulnerabilitybearsyankeeshttps://news.ycombinator.com/item?id=46328992https://news.ycombinator.com/item?id=46328992<![CDATA[Reverse engineering a $1B Legal AI tool exposed 100k+ confidential files]]>Article URL: https://alexschapiro.com/security/vulnerability/2025/12/02/filevine-api-100k

Comments URL: https://news.ycombinator.com/item?id=46137514

Points: 821

# Comments: 288

]]>Wed, 03 Dec 2025 17:44:33 +0000https://alexschapiro.com/security/vulnerability/2025/12/02/filevine-api-100kbearsyankeeshttps://news.ycombinator.com/item?id=46137514https://news.ycombinator.com/item?id=46137514<![CDATA[Pwning OpenAI Atlas Through Exposed Browser Internals]]>Article URL: https://www.hacktron.ai/blog/hacking-openai-atlas-browser

Comments URL: https://news.ycombinator.com/item?id=46124637

Points: 2

# Comments: 1

]]>Tue, 02 Dec 2025 18:31:57 +0000https://www.hacktron.ai/blog/hacking-openai-atlas-browserbearsyankeeshttps://news.ycombinator.com/item?id=46124637https://news.ycombinator.com/item?id=46124637<![CDATA[Low PNR Entropy: I accessed all airline bookings via simple math]]>Article URL: https://alexschapiro.com/blog/security/vulnerability/2025/11/20/avelo-airline-reservation-api-vulnerability

Comments URL: https://news.ycombinator.com/item?id=46109876

Points: 4

# Comments: 1

]]>Mon, 01 Dec 2025 17:06:51 +0000https://alexschapiro.com/blog/security/vulnerability/2025/11/20/avelo-airline-reservation-api-vulnerabilitybearsyankeeshttps://news.ycombinator.com/item?id=46109876https://news.ycombinator.com/item?id=46109876