The hottest Security Substack posts right now

And their main takeaways
Phoenix Substack 28 implied HN points 26 Jan 26
  1. Orchestration is the real security — treating the AI stack as a single system with explicit startup ordering and topology awareness prevents fragile, exposed deployments. Tools that give Kubernetes a brain (like Grove) let you define architectural intent so the system behaves safely by design.
  2. Continuous rotation and ephemerality stop attackers from persisting — automatically refreshing containers, nodes, and resources prevents intruders from gaining a foothold. Baking moving-target defenses into the pod lifecycle makes security preemptive instead of reactive.
  3. DevOps-driven orchestration beats static security teams — teams that control the orchestrator can kill and respawn infrastructure faster than traditional patch-and-report workflows, rendering many vulnerabilities irrelevant. Security becomes an operational side effect when rotation and orchestration are part of normal scaling and deployment.
DeFi Education 619 implied HN points 03 Dec 23
  1. Crypto is really active right now, and it's important to stay updated to make good choices. Keeping informed helps you navigate through the chaos.
  2. There are archives available where you can learn the basics of crypto. It's useful to check them out if you're new or want to refresh your knowledge.
  3. If there are specific topics you want to know more about, you can leave comments to ask for more information. Engaging with the community can help everyone learn better.
World Game 6 implied HN points 18 Feb 26
  1. The EU is an unfinished political project that lives in a constant state of crisis, and many see upheavals as the engine that pushes European integration forward.
  2. The debate now centers on prognosis rather than principle: many critics have become euro-pessimists who doubt the EU's resilience and trust nation states more in emergencies, while supporters treat crises as necessary tests and opportunities for deeper unity.
  3. The 2022 invasion of Ukraine exposed Europe’s key vulnerabilities—overreliance on NATO/US for security and dependence on Russian energy—and has forced Europe to improvise, build strategic independence, and prepare to act more on its own.
OSS.fund Newsletter 18 implied HN points 12 Feb 26
  1. Agent sprawl is a real governance risk because most organizations can’t reliably list which AI assistants are live or what data and actions they can access.
  2. You need to know for each assistant what it can read, change, and trigger, who owns it, and whether actions are logged so you can make governance decisions.
  3. Modeling assistants, connectors, systems and policies as relationships (e.g., in a knowledge graph) lets you ingest partial truths, answer risk queries quickly, and apply controls like per-user SSO, logging, and human approval gates on a repeatable basis.
Rod’s Blog 456 implied HN points 18 Jan 24
  1. Microsoft Sentinel is a cloud-native security service that uses AI to analyze and detect threats.
  2. GitHub is a platform for software development using Git; integrating it with Sentinel helps monitor repositories and user activities.
  3. Two ways to integrate Sentinel with GitHub are using webhooks for real-time events and audit logs to track user actions.
John’s Substack 12 implied HN points 17 Feb 26
  1. Negotiations to end the wars in Ukraine and Iran are mostly performative because the parties’ goals are far apart and meaningful compromise looks unlikely.
  2. The US is relying on inexperienced, partisan private figures rather than seasoned diplomats to run major foreign-policy talks, a sharp contrast with how other great powers handle diplomacy.
  3. Israel and its lobby are exerting strong pressure for US action against Iran despite Iran not posing a clear threat and broad international opposition, highlighting serious ineptitude in US policymaking.
Import AI 379 implied HN points 12 Feb 24
  1. Teaching AI to understand complex human emotions like joy, surprise, and anger can help in applications like surveillance and advertising.
  2. AI systems, like other software, are vulnerable to attacks, as shown by a demonstration breaking MoE models with a buffer overflow attack.
  3. Frameworks are being developed to ensure AI systems align with diverse human values, considering various perspectives and how to measure alignment.
  4. The development of AI systems is advancing in areas like emotion recognition, system security, and value alignment.
  5. Researchers are pushing the boundaries of AI capabilities, from emotion recognition to security to ethical alignment.
  6. Current AI trends indicate growth in researching human emotions, security vulnerabilities, and ethical considerations.
Rhea's Substack 254 HN points 30 Mar 24
  1. The recent discovery of a backdoor in the xz/liblzma tarball raises concerns about trust in the free software ecosystem.
  2. Analyzing the time patterns of code commits can reveal valuable insights about a developer's work habits and potential attempts at deception.
  3. Changing time zones to manipulate commit timestamps can be a deceptive tactic in software development, but inconsistencies can ultimately reveal the truth.
Artificial Ignorance 79 implied HN points 12 Dec 25
  1. OpenAI released GPT-5.2 (Instant, Thinking, Pro), which significantly improves performance on professional workflows like spreadsheets, coding, and multi-step projects while reducing hallucinations to make agents more enterprise-ready.
  2. The U.S. federal government is centralizing AI policy by threatening to override state rules and by allowing controlled chip exports to China for a revenue share, mixing regulatory power, national security concerns, and commercial incentives.
  3. Hollywood is adapting to generative AI: Disney struck a $1 billion deal letting users create short character videos under strict guardrails. This shows legacy studios will both license and tightly control AI-generated content while pursuing legal action over unauthorized model training.
Rings of Saturn 14 implied HN points 11 Feb 26
  1. The game packs eight button presses into a 32‑bit value (X=0, Square=1, Circle=2, Triangle=3) and extracts fields for starting level, difficulty, three ammo bits, and a checksum; the password is valid if the checksum equals the sum of the other fields and the values are within allowed ranges.
  2. Because the checksum is just the sum of level + difficulty + ammo, you can generate every valid level password programmatically; the three ammo bits map to the Rebound, Star Bolt, and Big Blast weapons, so a small script produces a complete set of passwords beyond the common Normal‑difficulty lists.
  3. There are static special passwords that trigger cheats (movie, invulnerability, all weapons) and two undocumented codes — one plays the staff credits, and the other, if entered twice, opens a cheat screen to pick starting level and toggle invulnerability/weapons; the full generation script is on GitHub.
Thái | Hacker | Kỹ sư tin tặc 1258 implied HN points 23 Feb 23
  1. The author is still working at Google and might even prefer being fired.
  2. There will be a major change coming up soon, leading to a pause in writing.
  3. The author is looking for individuals to join their team for various roles in tech and security, offering remote work options.
Vigilainte Newsletter 5 HN points 18 Sep 24
  1. The recent explosions of Hezbollah pagers might be due to a cyberattack, which raises concerns about security. Experts believe these devices could have been compromised before they were even delivered.
  2. There are two main theories: either explosives were included in the pagers or they were hacked to cause overheating. The second option is tricky because hacking multiple devices is quite difficult.
  3. This incident highlights a bigger issue: all communication devices can have weaknesses. It's really important to use good security measures and encryption to keep sensitive information safe.
Conspirador Norteño 28 implied HN points 25 Jan 26
  1. SMM panels are increasingly advertising on Bluesky, selling fake followers, likes, reposts, and other engagement that violate platform rules.
  2. Many promo accounts follow and repost each other and several promote the same websites. The panels often offer nearly identical APIs, letting customers automate purchases and replace banned accounts.
  3. Large batches of dormant accounts were created in short bursts with duplicate bios and default images, suggesting they were mass-produced to be reactivated later for astroturfing or spam.
DeFi Education 359 implied HN points 07 Feb 24
  1. Rootstock and Babylon Chain are important platforms in Bitcoin's decentralized finance (DeFi) space. They enhance usability and security for users dealing with Bitcoin.
  2. Layer 2 chains like Rootstock inherit security from the main Bitcoin network. This allows them to operate safely while expanding the functions available on Bitcoin.
  3. Understanding the potential of these DeFi platforms can help users make smarter investment choices. It's crucial for anyone interested in Bitcoin and DeFi to stay informed about these developments.
Rod’s Blog 436 implied HN points 08 Jan 24
  1. A promptbook in Microsoft Security Copilot is a set of prompts for specific security tasks, each needing specific inputs.
  2. Promptbooks like incident investigation can help create executive reports, while the threat actor profile promptbook provides quick summaries about specific actors.
  3. To start using promptbooks in Security Copilot, go to the home screen, enter a "*" in the prompt bar, select a promptbook, fill required parameters, and run.
Rod’s Blog 396 implied HN points 19 Jan 24
  1. AI in security offers enhanced threat detection and response capabilities by analyzing data and providing insights.
  2. Responsible AI in security involves principles like transparency, safety, human control, and privacy to ensure ethical use.
  3. Security professionals can leverage responsible AI to improve performance while safeguarding data, privacy, and safety.
The Liberal Patriot 334 implied HN points 10 Feb 24
  1. The post discusses the impact of Trump's actions on US national interests and the dangerous world he may have already created.
  2. There is a strong criticism of Republicans for favoring Russia over Ukraine, and the consequences outlined could be catastrophic.
  3. The report highlights Russia's crimes in Mariupol, Ukraine, and raises questions about accountability in the midst of devastation.
The Variable 393 implied HN points 17 Jan 24
  1. Batch transactions for EOAs can make daily interactions faster, safer, and cheaper.
  2. Batch transactions fix security issues like stale approval attacks in Ethereum transactions.
  3. Batch transactions reduce state growth and remove the need for trusted intermediaries in EOA transactions.
The Cosmopolitan Globalist 21 implied HN points 25 Jan 26
  1. Intelligence often exists but leaders fail to act because they expect certainty, stick to predecided plans, and worry more about political optics than reality.
  2. Institutions that rely on outdated models—the 'Maginot mindset'—become brittle and can’t adapt to new forms of attack or surprise, so material strength alone is not enough.
  3. Weakening alliances, the dollar’s long-term status, and sustained gray‑zone pressure show that hard power used transactionally backfires; democracies need to shift from top‑down control to enabling distributed, adaptive responses.
KERFUFFLE 35 implied HN points 04 Jan 26
  1. International rules that limit war and protect state sovereignty are fragile but crucial; giving them up risks more violence and lawlessness.
  2. Those who cheer the end of a rules-based order underestimate how quickly that leads to a darker world where the strong oppress the weak.
  3. The recent military attack on Venezuela is a warning sign that this shift is happening, and people in safer countries shouldn't assume they're insulated.
Why is this interesting? 422 implied HN points 05 Jun 25
  1. The Securicode keypad is a practical feature on vehicles that allows users to unlock doors without needing a key. It's been around since 1980 and remains popular because it's easy to use and very useful.
  2. Securicode introduces tiered access for vehicles, meaning you can allow someone to access your truck without giving them the ability to drive it. This is great for job sites where you might want to share tools without losing control of the vehicle.
  3. The long-lasting success of Securicode shows that simple solutions can be effective. More complex systems might be fancier, but they often require more resources, making Securicode a smart choice in automotive design.
The Lunduke Journal of Technology 1148 implied HN points 03 Nov 24
  1. There has been a lot of news recently about Linux and its relationship with Russia, especially regarding programming bans. This issue seems to be getting more complicated in the coming weeks.
  2. The Internet Archive is in the spotlight with some strange developments that are capturing attention. It's raising questions about how information is preserved online.
  3. RISC OS has made progress by adding modern features like WiFi and a web browser. It's nice to see tech advancements, even amid all the chaos in the software world.
Marcus on AI 2489 implied HN points 09 Feb 24
  1. Sam Altman's new ambitions involve projects with significant financial and technological implications, such as automating tasks by taking over user devices and seeking trillions of dollars to reshape the business of chips and AI.
  2. There are concerns about the potential consequences and risks of these ambitious projects, including security vulnerabilities, potential misuse of control over user devices, and the massive financial implications.
  3. The field of AI may not be mature enough to handle the challenges presented by these ambitious projects, and there are doubts about the feasibility, safety, and ethical implications of executing these plans.
HackerPulse Dispatch 2 implied HN points 13 Mar 26
  1. Mass layoffs sold as “AI replacements” often look like plain cost-cutting, and the promised savings are mostly theoretical once you include compute, verification, and the work to redesign processes.
  2. Autonomous research agents can run hundreds of experiments overnight and find real, transferable improvements, shifting researchers’ jobs from running experiments to designing objectives, constraints, and evaluation.
  3. AI-driven ‘vibe coding’ makes quick prototypes but breaks in production—edge cases, security, integrations, and rising costs push users away, so experienced engineers are still needed to build reliable products.
Can We Still Govern? 357 implied HN points 30 Jun 25
  1. The recent reconciliation bill favors the rich while harming the poor, making it harder for those in need to access benefits like healthcare and food support.
  2. It significantly increases funding for the security state, leading to more aggressive enforcement actions and potentially less safety for everyday people.
  3. The bill could massively increase the national deficit and cut support for renewable energy, which would hurt efforts to address climate change and invest in future generations.
Department of Product 314 implied HN points 06 Feb 24
  1. Passkeys are digital keys replacing traditional passwords, enhancing security and creating unique keys for each account and device.
  2. Major companies like Uber, Apple, Google, and Microsoft are actively supporting and implementing passkeys for a passwordless future.
  3. Product teams can implement passkeys by understanding how they work and following a step-by-step guide for integration.
The Magnet 373 implied HN points 08 Jan 24
  1. The garage door in the author's property mysteriously stopped working, leading to a puzzling situation.
  2. Despite efforts to manually open the garage door, the issue was resolved by simply plugging in the motor power cord.
  3. The author was left questioning how and why the motor power cord was pulled out, as there were no easy access points.
World Game 19 implied HN points 19 Jan 26
  1. The United States has grown more openly hostile and willing to use economic and military pressure, treating Europe as weak and able to be coerced because of European dependence on American energy, technology and defence.
  2. That pressure could force Europeans to finally unite and assert real sovereignty, driving a strategic break from the United States and the creation of a shared, civilisation-level European identity and state.
  3. Europe must stop assuming values are universal and choose between the transatlantic alliance and an independent European project; preserving European ideals will require sovereignty, hard economic choices, and a clear political identity.
Rings of Saturn 43 implied HN points 27 Dec 25
  1. The commonly cited "GIMMEGIMME" name-entry cheat does not unlock everything on the PlayStation release; that code is from the PC version and was copied into cheat sites for years.
  2. On the PlayStation game you unlock features by holding L1+L2+R1+R2 and entering specific button sequences on particular menu screens, with sequences that unlock all cars, all tracks, show credits, give money, or advance the career car.
  3. Emulator debugging and disassembly revealed the exact RAM addresses, screen IDs, and button-buffer checks that implement the PlayStation cheats, and also showed how GameShark memory writes can force unlocked values—explaining why online codes were often wrong.
DeFi Education 439 implied HN points 29 Nov 23
  1. Check your DeFi transactions carefully before approving them to avoid losing funds. Malicious attacks can trick you into giving away your money.
  2. Frontend attacks can make trusted websites seem normal but steal your crypto. Always be cautious when interacting with these sites.
  3. Even experienced users can fall victim to these hacks, so it's important to stay informed and learn how to protect your assets.
Rod’s Blog 337 implied HN points 09 Jan 24
  1. A new blog has been launched in Microsoft Tech Community for Microsoft Security Copilot, focusing on insights from experts and tips for security analysts and IT professionals.
  2. The blog covers topics such as education on Security Copilot, building custom workflows, product deep dives into AI architecture, best practices, updates on the roadmap, and responsible AI principles.
  3. Readers are encouraged to engage by sharing feedback and questions with the blog creators.
Comment is Freed 62 implied HN points 06 Dec 25
  1. The peace plan is moving toward a second stage with an International Stabilisation Force meant to demilitarize Gaza, secure borders, and protect civilians, and detailed planning is already happening at a US-led coordination center.
  2. Political problems are blocking progress — the unrecovered remains of an Israeli and a dispute over whether the Rafah crossing should be two‑way are stalling implementation and complicating the return of Palestinian governance.
  3. Practical preparations (military specialists, NGOs, and EU oversight of crossings) exist, but growing violence, Israeli political disunity, and doubts about the ISF’s mandate threaten the plan’s momentum.
Fintech Radar 6 implied HN points 16 Feb 26
  1. Creators are starting to buy and run real financial assets, using massive audiences to scale fintech products and distribution quickly.
  2. Banks and fintechs are deploying autonomous AI agents to handle high-volume, rules-based work like accounting, onboarding, and AML, which reduces the need for additional headcount.
  3. Infrastructure for agentic money is being built fast — agent-specific wallets, machine-to-machine payment protocols, and programmable guardrails let AI agents hold and spend funds safely.
Diane Francis 919 implied HN points 20 Apr 23
  1. Poland is increasing its military to protect against Russian threats, wanting to lead Europe in security efforts. This shows Poland's strong belief in standing up to aggressors.
  2. European leaders need to pay attention to warnings about rising threats from Russia and China. If they ignore these problems, it could lead to bigger issues for the whole continent.
  3. There is a need for unity among European countries to ensure their security. Smaller nations are stepping up while larger ones like Germany and France may not be doing enough.
The Cosmopolitan Globalist 55 implied HN points 06 Dec 25
  1. Europe increasingly fears the United States may not defend it and now treats American envoys more like outside actors than reliable allies.
  2. Russia is openly menacing Europe while warmly courting U.S. businessmen in Moscow, a tactic meant to divide Europeans and undermine deterrence.
  3. European militaries are under-resourced and would need years to rebuild, and for now Ukraine’s resistance is seen as the primary barrier preventing a wider Russian attack.
John’s Substack 7 implied HN points 20 Feb 26
  1. Two experts debated whether a peace agreement over the Ukraine war is possible, presenting sharply opposing views.
  2. One side argued a negotiated peace with Europe, Ukraine, and the US could be reached, while the other said no deal is possible and the war will be decided on the battlefield, ending in an armistice that creates a frozen conflict.
  3. The event measured audience opinion with a pre- and post-debate poll to see if views shifted, but the poll results were not disclosed.