HN Buddy Daily Digest
Monday, April 13, 2026
Hey buddy,
Man, you won't believe the stuff on Hacker News from Monday! Had to call you real quick.
WordPress Backdoor Mess
First up, get this: someone actually bought 30 WordPress plugins and then stuck a backdoor in all of them! Can you imagine? Total nightmare for anyone using those. The article is here. One of the comments was wild, saying how crypto has actually made malware "more benign" for them, because crypto miners or wallet stealers don't affect them since they don't use crypto. Kinda twisted logic, but I get it.
GitHub's New Stacked PRs
Then, GitHub launched something called Stacked PRs (check it out). It's basically making it easier to break down big changes into smaller, reviewable chunks. People were talking about how it helps with commit hygiene and if it's good to get too dependent on a single provider's feature. Makes sense, right? We've been doing something similar manually for ages.
Apple's "Accidental Moat" in AI
There was a cool article about Apple, called "Apple's accidental moat: How the 'AI Loser' may end up winning" (link). The gist is Apple is kinda hanging back on AI, letting others make mistakes, and then they'll swoop in with their own polished version. One comment nailed it, saying "The early bird might get the worm, but it’s the second mouse that gets the cheese." Also, someone complained about Google Maps pushing AI-generated stuff over human reviews, which is so true and annoying.
Polymarket Bot: "Nothing Ever Happens"
This one's a bit quirky: someone built a bot for Polymarket (those prediction markets) called "Nothing Ever Happens" (repo here). It just always bets "No" on non-sports markets. The idea is that most big, dramatic things just... don't happen. Comments were debating insider trading and if "smart people can predict things by doing research." Pretty interesting thought experiment!
Servo Browser Engine on Crates.io
Good news for Rust folks: Servo is now available on crates.io (blog post)! Remember that browser engine Mozilla started? It's been a long journey, but now you can use parts of it in Rust projects. Someone in the comments confirmed it *does* execute JS and supports WebGL, which is pretty important for a web engine. There was also some weird talk about "vibe coding" and LLMs, which I guess is just where the tech world is heading.
Michigan's Privacy Bills Pulled
And finally, a win for privacy: Michigan pulled some "digital age" bills (article) after people raised privacy concerns. It sounds like they were trying to ban kids from social media, but maybe went too far. Good to see some pushback on overreaching tech laws.
Anyway, thought you'd want to hear about that. Catch you later!