Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
username223
2 days ago
|
parent
|
context
|
favorite
| on:
We pwned X, Vercel, Cursor, and Discord through a ...
It's wild how often we rediscover that executing untrusted code leads to decades of whack-a-mole security. Excel/Word plus macros, HTML plus JavaScript, SVG plus JavaScript, ...
eastbound
2 days ago
[–]
It’s wild how often specs are ok for 9 versions, and then at version 10, standard bodies decide to transform them into a trojan firehose.
It’s so regular like clockwork that it has to be a nation state doing this to us.
reply
moss_dog
2 days ago
|
parent
[–]
Any notable examples you can share?
reply
kevin_thibedeau
2 days ago
|
root
|
parent
[–]
PDF was purposely a non-Turing adaptation of PostScript. Then they added JavaScript support.
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
