- Hive Five
- Posts
- π Hive Five 215 - Prompt Your Way To Personal Growth
π Hive Five 215 - Prompt Your Way To Personal Growth
The Definitive Guide on How to Use LLMs to Write Better Code, Beyond the Hook: A Deep Dive into the Latest Phishing Tricks, Exploiting Hidden Parameters in YouTube
Hi friends,
Greetings from the hive!
I was struggling to create tasks the way I wanted them formatted and feed them into Obsidian, so I let Cursor write the raw JavaScript to resolve the issue.
Mainly, I wanted to use a particular format for each of my markdown todo's:
- [ ] Task name or description - β[Current date] File name #[Type of todo: task, consume, idea]
Also, I started a Vibe Coding playlist. If you have any suggestions, feel free to let me know what's missing.
Let's take this week by swarm!
π The Bee's Knees
How @simonw uses LLMs to help them write code. Not getting the right results with vibe coding? You're not alone! It's tricky, but with the right techniques, you can make these models work for you. MORE
"Beyond the Hook" dives into the latest phishing tricks used by scammers in 2025, from simple fake pages to sneaky multi-factor authentication bypasses. Learn how these criminals set up their infrastructure and deliver their attacks. MORE
By exploiting a hidden parameter in YouTube's API, @brutecat was able to expose creator emails, resulting in a $20,000 bounty. MORE
"[...] In Google, there's something known as discovery documents that are essentially like swagger documents, intended for listing API methods on Google's public APIs such as their YouTube Data API (discovery). As it turns out, these discovery documents aren't just available for their public APIs but also for their private ones such as the Internal People API (discovery). [...]"
Popular GitHub Action tj-actions/changed-files has been compromised with a payload that appears to attempt to dump secrets, impacting thousands of CI pipelines. MORE
Scott Hanselman talks about AI hype, arguing it should improve lives, not just be trendy. He demos local AI models, showing how they can be useful without needing huge data or power. MORE
Brought to you by β
Hive Five Premium
Unlock exclusive benefits⦠and transform your skills, network, and results. Join our premium community for unparalleled access to resources, support, and exclusive content designed to help you achieve your goals faster.
What youβre missing:
Private Discord Community: Connect with like-minded individuals, share your journey, and receive support in our exclusive Discord server.
Complete Hive Archive: Access a vast library of resources, tools, videos, and audio β everything you need to succeed.
Bonus Content & Deep Discounts: Gain access to exclusive content designed to boost your effectiveness, plus significant discounts on paid resources.
Less Time, More Results: Spend less time searching and more time achieving your goals.
Join the premium members already experiencing the difference.
Interested in sponsoring the Hive Five? Secure your spot.
Upgrade Yourself β
You're getting the free version. Members get more β including exclusive & bonus content, access to an online community of smart and driven people, the complete Hive Archive, deep discounts, and so much more. See what you're missing.
π° Updates
β Changelog
Waymore v5.1 fixes a bug where the URLScan API returned a 429 error due to the User-Agent being flagged by a WAF. It now uses a specific User-Agent ("waymore by xnl-h4ck3r") to avoid this issue. MORE
πΌ Work
π° Career
If you hate your job, focus on creating value, expanding your skills, and strategically improving your current role or gradually developing an exit plan that leverages your existing professional experience. MORE
Sam Parr went from selling hot dogs to building The Hustle, a newsletter with 2 million subscribers, by throwing live events, creating viral content, and mastering copywriting. He also wasn't afraid to ask for help, pushing his network to grow his business. MORE
CrowdStrike is hiring a Reverse Engineer to analyze malware and improve threat detection on their Falcon platform. If you have experience with reverse engineering and want to stop breaches, this remote role might be for you. MORE
Bella is looking for a remote Reverse Engineering (RE) job while in grad school. She enjoys diving into software and specs, especially for embedded devices and telecom security research. MORE
π Productivity
Obsidian QuickAdd Plugin: How to Create Better Notes in Seconds. MORE
How to use the Things task manager to organize your life, like work and personal tasks, with areas, projects, and recurring reminders. Automate common tasks to save time and stay on top of everything. MORE
Make your Obsidian notes interactive with the Meta Bind plugin. Create input fields, metadata views, and buttons that link to your note's properties for live editing. MORE
Mochi is a simple flashcard app that uses markdown, tags, and even AI to help you study. It's also offline-first, so your data is stored locally and can be synced later. MORE
π Community
β‘οΈ Timeline
Have I Been Pwned is getting a rebrand! The new logo is based on a SQL injection pattern ( ';-- ) and the UX is being rebuilt with Bootstrap 5, Vanilla JS, and Sass, with the code open-sourced on GitHub. MORE
The German Hacking Championship (DHM) is a multi-day event where German students compete in CTF, network, and build lasting relationships. It's a great opportunity for young people to start a cybersecurity career. MORE
DHH criticizes Apple's recent ad, AI, and overall lack of progress, lamenting how far the company has fallen from its "Think Different" days.
π Follow
Awesome accounts to follow. Randomly selected from my curated Twitter lists.
β’ @mongobug | mongo | I like bug bounty programs and breaking things that other people have built. I love kudos.
β’ @nijagaw | Nico | Former Red Team at Tesla, Founder of @codegrazer, Penetrationtester, bughunter.
β’ @samengmg | samuel eng |
β’ @katherinecodes | Katherine Oelsner | Senior Software Engineer @github.
β’ @ow | Owen Williams β‘ | Kiwi in Canada via Amsterdam β’ Design manager @stripe leading developer experience + apps. prev @shopify.
π Level up
π° Read
Bellingcat unmasked a Malaysian wildlife trafficker, "BK," who openly advertised endangered animals online. MORE
Wiz Research discovered "SAPwned," a vulnerability chain in SAP AI Core that could've allowed attackers to access customer data and cloud environments. SAP has fixed the issues, preventing potential supply-chain attacks and data breaches. MORE
Github scam investigation: Thousands of "mods" and "cracks" stealing your data. MORE
Monorepos can be useful for big projects, but they often cause headaches when contributing or fixing bugs in open-source packages. They add complexity and can lead to more defects, so simpler approaches are often better. MORE
@m4st3rspl1nt3r found a vulnerability in all major mobile browsers that allowed an attacker within Bluetooth range to take over PassKeys accounts by triggering
FIDO:/
intents. MORE
π‘ Tips
Consider using color and categories in your calendar based on vibes and emotion. MORE
AI is changing the game. Learn how Marc practically uses AI to code 10x faster, design interfaces, and even brainstorm project architecture. MORE
Shaan Puri discusses the art of storytelling, emphasizing that a great story is not just a timeline of events, but a transformation that captures emotion and creates a specific reaction in the audience. MORE
How to craft precise AI prompts to streamline cybersecurity tasks and bypass AI content limitations. MORE
π§ Wisdom
Costco's success stems from its unique approach of prioritizing employee welfare, maintaining low prices, and creating a corporate culture that values simplicity, ethical leadership, and long-term sustainability over short-term profits. MORE
TESS discusses a collaborative RCE. By identifying an unusual subdomain running a third-party open-source software, they were able to find a critical security flaw that allows executing bash scripts server-side. MORE
Astronauts feel the "overview effect" when seeing Earth from space, gaining awe and unity. You can feel it too by looking at nature or using VR. MORE
Adam suggests ditching "vibe coding" for Claude Code, letting AI handle tedious tasks, and focusing on enjoyable parts of programming. MORE
A small company wanted to add AI but hired an agency that proposed a complex, expensive solution. A veteran dev, not wanting to spend so much time and money, learned GenAI and built the feature himself in 2 months. MORE
"[...] A good reminder why you can pick up GenAI - and you probably should. Real story: [...]"
π Resources
Jakobi revamped their website dashboard and started porting in their PowerShell payloads. MORE
DistrictCon 2025 talks, ranging from binary exploitation to infosec policy. The con focuses on community growth through action, engagement, and enlightening policymakers. MORE
Crowdsourced must-have Mac apps recommendations. MORE
π Explore
π§° Tools
Supercharge enhances your Mac experience with useful features like keyboard shortcuts and Finder tweaks. It gives you more control over your macOS without needing complex setups. MORE
JsRouteScan is a Burp Suite plugin that sniffs out routes in web responses using regular expressions. MORE
Anubis is a tool that finds subdomains and gathers info using sources like VirusTotal and Shodan. It helps you learn more about a target domain. MORE
Mailcat helps you find email addresses linked to a nickname without notifying the user. It checks multiple providers using APIs and SMTP, great for OSINT investigations. MORE
Gixy is a tool to analyze NGINX configuration. The main goal is to prevent security misconfiguration and automate flaw detection. MORE
π₯ Watch
The VueJS Amsterdam conference is the biggest Vue event with speakers like Evan You, creator of Vue, and talks on Vue, Vite, and Nuxt. DAY 1 | DAY 2
Prompt Your Way To Personal Growth with Steve Schlafman. He talks about using it for dream analysis, emotional breakthroughs, and personal growth. MORE
2025: The Dawn of Energy Abundance. Energy is the basis of everything. This video explores civilization's progress through history with the use of energy and what it may look like in the future. MORE
Johnny Harris discusses his unique approach to creating YouTube videos, emphasizing a storytelling process that prioritizes craftsmanship, curiosity, and human connection over algorithmic optimization. MORE
Anthropic's Model Context Protocol (MCP) is like a USB-C for AI, linking apps to powerful APIs. This tutorial teaches you to build and share MCP servers using TypeScript, so anyone can use your AI creations. MORE
π΅ Listen
Vercel's CEO Guillermo Rauch explains how the company revolutionizes cloud infrastructure by making web deployment as simple as using Squarespace, while leveraging AI and focusing on an application-first approach that abstracts away complex infrastructure challenges for developers. MORE
Ivan Zhao, co-founder of Notion, shares the challenging early years of building a horizontal productivity tool, describing the first three to four years as the "lost years" where they struggled to find product-market fit. MORE
How to become an XSS expert with renniepak. They talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks and discuss if there's such thing as bug bounty methodology. MORE
Anne-Laure Le Cunff chats about using small experiments to live a more intentional life in the latest "Focused" podcast. Learn how tiny changes can make a big difference in your focus and productivity. MORE
In this episode of Syntax, Scott and Wes predict web development trends for 2025, like on-device AI and the resurgence of Vanilla CSS. They also discuss potential moves from Bun, React, and other frameworks. MORE
π Technology
The Model Context Protocol (MCP) is gaining traction as the leading standard for AI agents, thanks to its AI-native design and backing from Anthropic. Experts believe MCP will beat out OpenAPI as the top agent standard in July. MORE
Anders Hejlsberg, lead architect of TypeScript and Technical Fellow at Microsoft, introduces a new port of TypeScript in Native Go that will deliver the next generation of high-performance developer tooling. MORE
Supabase gained popularity by making PostgreSQL easier to use with tools like authentication and APIs. They focus on community input and creating helpful content, proving they're more than just a Firebase alternative. MORE
Lynx is a customizable, text-based web browser that's been around since 1992, making it the oldest browser still updated! It's great for low-bandwidth connections and protecting your privacy by blocking web bugs. MORE
EA open-sourced the code for classic Command & Conquer games, letting fans mod and preserve them. The community can now make new features and keep the games alive. MORE
π Interesting
Joe Lonsdale, who helped start Palantir, shared unfiltered advice on AI investing and hiring. He even talked about intelligence operations against his companies and building a new university. MORE
"[...] Why he's building the University of Austin: "We wanted to create a place for professors who are contrarian and refuse to go along with the mainstream. I really want to create a culture where it's actually okay to shock people, to offend people β because I think it's really healthy to have strong dialogue." [...]"
Imagine a worldwide AI "rainforest" accessible to everyone, fueled by shared knowledge and planetary data. This "Public Intelligence" aims to be a non-profit AI, ensuring AI benefits all, not just corporations. MORE
This resource offers positive affirmations to support healthy child development. It gives parents and caregivers tools to encourage kids' self-esteem and growth. MORE
Geist is a typeface from Vercel made for developers and designers. It has both a readable monospace version for coding and a sans version for design, inspired by Swiss minimalism. MORE
Eggnog's Time Portal is a daily challenge where you travel through time to identify historical events. MORE
π Quote
"Youβre successful as soon as you send your work out into the world."

π Learned something?
Upgrade Yourself β
You're getting the free version. Members get more β including exclusive & bonus content, access to an online community of smart and driven people, the complete Hive Archive, deep discounts, and so much more. See what you're missing.
Share Hive Five β
Share this newsletter with your friends and colleagues.
1 REFERRAL = 20% OFF EVERYTHING IN THE STORE
Until next week, take care of yourself and each other,
Bee π
This newsletter may contain affiliate links that support its costs. These links lead to tools, courses, and resources that I've personally found helpful.