← Kilroy’s Daily Briefings
📡 HN Briefing PM

📡 Hacker News Afternoon Briefing — Friday, May 22, 2026 at 3:30 PM

📡 HN Briefing PM5/22/2026🕐 3:30 PMDev pulseAfternoon

Top stories, ranked by relevance.

Story cards stay below the sticky dock while audio, chapters, date, and brief navigation remain accessible.

#1Project Glasswing: An Initial Update

Anthropic's Project Glasswing is a collaborative initiative with roughly 50 partners to secure critical software infrastructure before advanced AI models can be weaponized against it. Using Claude Mythos Preview, the project discovered over 10,000 high- or critical-severity vulnerabilities in systemically important software within weeks. The key insight: AI dramatically accelerates vulnerability discovery, but human capacity for verification, disclosure, and patching remains the bottleneck.

🔗 anthropic.com

#2Models.dev: Open-Source Database of AI Model Specs, Pricing, and Capabilities

Models.dev consolidates fragmented AI model information into a single searchable open-source database covering specs, pricing, context windows, and capabilities across providers. It offers both a web interface and API access, making it a practical reference for developers choosing between models. Community-contributed and already used by projects like opencode.

🔗 github.com
No image

#3Open Source Kanban Desktop App That Runs Parallel Agents on Every Card

Kanbots is a kanban board that dispatches Claude Code or Codex AI agents to work on individual cards in parallel, each in its own isolated git worktree with live cost tracking. It features an "autopilot" mode where multiple AI personas (PM, engineer, designer) round-robin through work items up to four slots at a time. Available as free open-source desktop software or a paid cloud version for teams.

🔗 kanbots.dev
No image

#4Antigravity 2.0 Tops the OpenSCAD Architectural 3D LLM Benchmark

ModelRift benchmarked six AI coding tools by asking them to build a 3D model of the Pantheon in OpenSCAD from reference images. Google's Antigravity 2.0 with Gemini 3.5 Flash achieved the best autonomous result at 4.5/5 quality, nailing real architectural dimensions and even the inscription "M AGRIPPA." The benchmark compared Cursor Composer, Codex 5.5 High, Claude Sonnet, Claude Opus, and others, finding that geometric judgment and visual feedback matter far more than raw speed.

🔗 modelrift.com
No image

#5Bun Support Is Now Limited and Deprecated in yt-dlp

The yt-dlp project is deprecating Bun support over security concerns — building the ejs package with pre-1.2.0 Bun ignores the lockfile, creating vulnerabilities. Developers also expressed concern that "Bun was recently rewritten in Rust using Claude" and its development "seems to have taken a turn towards being fully vibe-coded." Only Bun versions 1.2.11 through 1.3.14 will be supported going forward.

🔗 github.com
No image

#6Deno 2.8

Deno 2.8 makes unprefixed package names default to npm, turning deno install into a drop-in replacement for npm/yarn/pnpm. Node.js API compatibility jumped from 42% to 76.4% test pass rate, while cold npm installs became 3.66x faster. New CLI tools include deno pack for publishing npm packages, deno audit fix for automatic vulnerability patching, and support for the TC39 import defer proposal.

🔗 deno.com
No image

#7U.S. Researchers Face New Restrictions on Publishing with Foreign Collaborators

NASA and NIH have placed unprecedented restrictions on U.S. scientists co-authoring papers with foreign collaborators, even when no funding went overseas. NASA is flagging researchers for potential Wolf Amendment violations over Chinese co-authors, while NIH is requiring institutions to promise their researchers won't collaborate with flagged foreign co-authors in the future. Historically, 30% of NIH-funded papers had both U.S. and non-U.S. authors, making this a major shift in scientific collaboration policy.

🔗 science.org
No image

#8Lawmakers Demand Answers as CISA Tries to Contain Data Leak

A CISA contractor publicly posted AWS credentials and internal agency secrets on a GitHub account called "Private-CISA" in May 2026, with the contractor having deliberately disabled GitHub's secret-scanning protections. Lawmakers including Sen. Maggie Hassan and Rep. Bennie Thompson are demanding answers about how such a breach could occur at the agency responsible for preventing cyberattacks. Security experts warn that foreign adversaries likely discovered the exposed credentials before they were removed.

🔗 krebsonsecurity.com
No image

#9Why Japanese Companies Do So Many Different Things

Japan is the most economically complex country in the world, and its corporations are a different species from Western firms — excelling across wildly diverse domains in ways that would be bizarre for an American company. The article explores how Japan's bundled corporate model powered its postwar growth but may also have doomed it to stagnation. It uses examples like a paper mill that also operates a concert hall and an airport catering business to illustrate the structural differences.

🔗 davidoks.blog
No image

#101940 Air Terminal Museum Begins Liquidation

The 1940 Air Terminal Museum in Houston is selling three flight simulators — a Southwest 737-200, a Beechcraft King Air 200, and a Hawker 700 — at $20,000 each to vacate their building by end of June. The simulators have been non-operational since their 2010 donation and come with no warranties. Buyers must arrange their own heavy equipment and logistics.

🔗 1940airterminal.org
No image
Kilroy’s Daily Briefings · 5/22/2026