Published on May 15, 2026 at 06:00 CEST (UTC+2)
Mullvad exit IPs are surprisingly identifying (102 points by RGBCube)
Mullvad exit IPs are surprisingly identifying
This article reveals that Mullvad VPN deterministically assigns static exit IPs per user based on their WireGuard key, rather than randomizing them on each connection. By mapping exit IP ranges across a set of servers, the author demonstrates that an adversary can uniquely identify a Mullvad user by observing just a few exit IPs. The research collected data from 3,650 public keys, showing that each server has a limited IP pool (e.g., 8–91 IPs), making fingerprinting trivially feasible. This undermines the privacy promise of the VPN, especially for users who don’t rotate keys frequently.
Removing the modem and GPS from my 2024 RAV4 hybrid (684 points by arkadiyt)
Removing the modem and GPS from my 2024 RAV4 hybrid
The author provides a detailed guide on physically removing the cellular modem and GPS module from a modern Toyota RAV4 to stop continuous telemetry collection. The post highlights how car manufacturers gather extensive data (location, speed, driver behavior) and share it with insurers and data brokers, often without meaningful opt-out options. It references past security incidents, such as Subaru’s remote unlock vulnerability and Tesla’s internal camera leaks, to underscore the privacy and security risks. The guide is a practical response to the “computer on wheels” problem, showing that hardware removal is a viable, if extreme, privacy measure.
A few words on DS4 (205 points by caust1c)
A few words on DS4
Antirez (creator of Redis) discusses the rapid success of DwarfStar 4 (DS4), a local AI assistant built around the DeepSeek v4 Flash model. He attributes its popularity to a confluence of factors: a quasi-frontier model that is large yet fast enough for local inference, an asymmetric 2/8-bit quantization that runs on 96–128 GB RAM, and the accumulated experience of the local AI community. He emphasizes that the project is not tied to a single model and will evolve to track the best open-weight models optimized for high-end Macs or GPU-in-a-box systems. The post reflects a growing demand for private, single-model AI experiences running on consumer hardware.
First public macOS kernel memory corruption exploit on Apple M5 (295 points by quadrige)
First public macOS kernel memory corruption exploit on Apple M5
Security researchers from Calif and Mythos Preview report the first public kernel memory corruption exploit targeting Apple’s M5 silicon, surviving the new Memory Integrity Engine (MIE). The exploit was developed in just five days, despite Apple’s five years of hardware and software mitigations. The team personally delivered their findings to Apple Park, noting that memory corruption remains the most common vulnerability class. Full technical details will be released after Apple patches the issue, which may take up to a year.
RTX 5090 and M4 MacBook Air: Can It Game? (513 points by allenleee)
RTX 5090 and M4 MacBook Air: Can It Game?
The author documents an impractical but successful experiment: connecting an NVIDIA RTX 5090 (600W GPU) to an M4 MacBook Air via Thunderbolt 4 eGPU enclosure. By engineering a custom PCI passthrough driver for macOS, they achieve playable frame rates in Cyberpunk 2077, Doom, and other titles, though with significant bandwidth bottlenecks. Performance comparisons show the M4 CPU holding up well, and the setup also enables local AI inference (Qwen, Gemma) at impressive speeds. The project underscores how Thunderbolt’s PCIe tunneling can be hacked together for unforeseen uses, despite Apple’s lack of official eGPU support.
Codex is now in the ChatGPT mobile app (231 points by mikeevans)
Codex is now in the ChatGPT mobile app
OpenAI announces that Codex, their AI model for code generation and interpretation, is now integrated into the ChatGPT mobile application. This enables developers and casual users to write, edit, and debug code directly from their smartphones. The move expands Codex’s accessibility beyond desktop IDEs and web interfaces, potentially accelerating mobile-first coding and on-the-go prototyping. It also signals OpenAI’s strategy to embed AI coding assistants into everyday tools where users already work.
New Nginx Exploit (318 points by hetsaraiya)
New Nginx Exploit
A critical heap buffer overflow vulnerability (CVE-2026-42945) in Nginx’s ngx_http_rewrite_module is disclosed, affecting servers using rewrite and set directives. The bug, introduced in 2008, allows unauthenticated remote code execution. Notably, it was autonomously discovered by DepthFirst’s security analysis system after a single click of onboarding the Nginx source. The disclosure also mentions three other related memory corruption issues found by the same AI-driven system. This highlights a shift toward automated vulnerability discovery using AI/ML.
Gyroflow: Video stabilization using gyroscope data (14 points by nateb2022)
Gyroflow: Video stabilization using gyroscope data
Gyroflow is an open-source application that stabilizes video footage using gyroscope and accelerometer data recorded by the camera (e.g., GoPro, Sony) or from external sources like Betaflight blackboxes. It provides precise motion-based stabilization without cropping or rolling shutter artifacts. The project is mature with 8.5k stars and extensive documentation, making it a popular tool for action camera users and FPV drone pilots. Its reliance on sensor data rather than purely visual analysis offers robust performance in low-light or high-motion scenarios.
Tesla Wall Connector bootloader bypasses the firmware downgrade ratchet (74 points by p_stuart82)
Tesla Wall Connector bootloader bypasses the firmware downgrade ratchet
Synacktiv researchers detail how they bypassed Tesla’s anti-downgrade mechanism on the Gen 3 Wall Connector charger. After Tesla added a security ratchet to firmware images to prevent rollbacks, the attackers abused the order of operations between partition table writes and slot erases to replay an old vulnerable firmware. This allowed them to reproduce the Pwn2Own 2025 attack chain via the charge port connector. The work demonstrates that even well-intentioned security patches can be subverted by careful hardware-level exploitation.
RISC-V Router (90 points by janandonly)
RISC-V Router
Start9 launches a crowdfunding campaign for an open-source router built on a RISC-V processor (SpacemiT K1), with a fully open boot stack and Linux kernel. It targets home self-hosters by offering a user-friendly GUI and seamless integration with StartOS for automated port forwarding. The router features Wi-Fi 6, 4GB RAM, and 16GB eMMC storage. The project aims to provide a maximally open and secure networking device, contrasting with closed-source commercial routers.
Local AI on consumer hardware becomes mainstream
The DS4 project (Article 3) exemplifies a surge in running large language models locally on high-end Macs and mini-PCs, enabled by aggressive quantization (2/8-bit) and models like DeepSeek v4 Flash. This trend matters because it decouples AI usage from cloud dependency, offering privacy, lower latency, and offline capability. Implications: Expect more open-weight model releases optimized for quantization, and a growing ecosystem of tools (like DS4) that streamline local inference. Developers should monitor RAM requirements – 96–128 GB is becoming a baseline for significant local AI, driving demand for high-memory consumer hardware.
AI-driven vulnerability discovery automates security research
The DepthFirst system (Article 7) autonomously found multiple critical bugs in Nginx after a single onboarding click, highlighting that AI/ML is now capable of independent security analysis at scale. This accelerates the vulnerabilities lifecycle but also arms both defenders and attackers. Implications: Security teams must adopt AI-augmented static/dynamic analysis to keep pace; source-code-level AI fuzzing will become a standard part of CI/CD pipelines. The reduction in human effort could lead to more zero-days being discovered and disclosed rapidly.
AI integration into mobile and everyday tools
OpenAI’s move to put Codex in the ChatGPT mobile app (Article 6) signals a push for AI coding assistants to be available anywhere, not just on workstations. This trend broadens access for non-developers and enables on-the-spot code creation. Implications: Expect AI-generated code to become ubiquitous in messaging apps, note-taking tools, and even AR/VR interfaces. Privacy and IP concerns will intensify as AI models operate on sensitive codebases in cloud or hybrid modes. Developers should anticipate a shift toward mobile-first coding workflows and voice-driven code generation.
AI-assisted hardware hacking and creative work
Several articles show AI being used as a starting point for creative/technical projects: the eGPU experiment (Article 5) author “asks AI about it” first, and the DS4 project (Article 3) relies on GPT‑5.5 to accelerate development. AI is no longer a black box – it’s a conversational collaborator that lowers the barrier to prototyping novel ideas. Implications: AI tools will increasingly serve as “co-pilots” for hardware design, reverse engineering, and experimentation. The trend suggests that future technical projects will integrate AI planning and troubleshooting as a standard step.
Privacy vs. AI telemetry in consumer devices
Articles on car telemetry (Article 2) and VPN fingerprinting (Article 1) reveal tension between AI-driven data collection and user privacy. Cars constantly upload sensor data to cloud AI services; VPNs expose users to deterministic fingerprinting that could be exploited by adversaries. This matters because AI models are often trained on such data, but users have limited control. Implications: Expect stricter regulations (e.g., right to physically disable modems), and a market for privacy-hardened AI services that process data locally. AI/ML developers must design systems that minimize data collection or offer verifiable anonymization.
Autonomous exploit development outpaces mitigation
The M5 kernel exploit (Article 4) was built in five days despite Apple’s extensive mitigations (MIE). The Nginx exploit (Article 7) was found by an AI system. This demonstrates that both AI and human attackers can rapidly bypass hardware/software defenses. Implications: AI/ML security research will bifurcate into defensive (automated patch generation) and offensive (autonomous exploit discovery). The window between vulnerability disclosure and patch deployment will shrink, forcing faster response cycles. For AI/ML practitioners, secure coding and adversarial testing become critical.
Open-source hardware and AI intersect for specialized devices
The RISC-V Router (Article 10) and Gyroflow (Article 8) represent open-source ecosystems that combine custom hardware with AI/ML processing. Gyroflow uses sensor data for stabilization, while the router targets self-hosting with open firmware. This trend matters because AI inference is moving to edge devices with open architectures, enabling user control and auditability. Implications: Expect more RISC-V based AI accelerators and edge inference devices that avoid vendor lock-in. Developers should design AI models for heterogeneous hardware (e.g., RISC-V + NPU) to tap into this growing market.
Analysis generated by deepseek-reasoner