“In startups, your junior dev is more of a threat to security than North Korea.” Appreciate a security expert who knows startups shouldn't waste resources overdoing security when they still don't have product-market fit.

Related Stories

Product Purgatory: When they love it but still don't buy

Curl: We still have not seen a valid security report done with AI help

AWS Built a Security Tool. It Introduced a Security Risk

HACKSAT25: The first multi-tenant satellite unikernel security challenge

The Chromium Security Paradox

For AI Startups, a 7-Day Work Week Isn't Enough

What C++ devs do when they don’t have a borrow checker… it’s chaotic but kinda impressive how effective it is

Hegseth’s Use of Passwords Raises New Security Concerns

People who don't ask me questions drive me crazy. Why are they like that?

Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape

Pentagon Targets Open Source Security Risks in Software Procurement Overhaul

Don't Die of Heart Disease

Don't watermark your legal PDFs with purple dragons in suits

Show HN: API Testing and Security with AI

Microsoft Confirms Critical 10/10 Cloud Security Vulnerability

May is 'Maintainer Month'. Open Source Initiative Joins GitHub to Celebrate Open Source Security

North Korea Stole Your Job. For years, North Korea has been secretly placing young IT workers inside Western companies

Google Doc Templates for Startups

DOGE has arrived at the heart of Homeland Security's biometrics operations

When flat rate movers won't answer your calls

I tested Firebase Studio so YOU DON'T have to (It's bad)

[NEED FEEDBACK] We built a code planner so you don’t have to fight your AI to get decent results

Trump administration asks Supreme Court to allow DOGE into Social Security systems

Security Researchers Create Proof-of-Concept Program that Evades Linux Syscall-Watching Antivirus

'ProtectEU' security strategy: a step further towards a digital dystopian future

US National Security Official Caught Using 'Less-Secure Signal App Knockoff'

RFC 5081: Using OpenPGP Keys for Transport Layer Security (TLS) Authentication

DoomArena: A Framework for Testing AI Agents Against Evolving Security Threats

Facebook's Content Takedowns Take So Long They 'Don't Matter Much', Researchers Find

Tech Jobs Aren’t What They Used to Be