Hacker News

Latest

We decreased our LLM costs with Opus

2026-04-29 @ 00:57:12Points: 88Comments: 29

Regression: malware reminder on every read still causes subagent refusals

2026-04-28 @ 23:59:57Points: 212Comments: 108

not malware, it still interprets the appended prompt to mean that it is disallowed to augment or write any code, and quits. And we're charged for every session that this happens in. Posting here because apparently they only addressed the issue in the past because of a Hacker News discussion. So here's hoping they'll see this and prioritize fixing it again so we can stop losing money.

How ChatGPT serves ads

2026-04-28 @ 23:54:14Points: 308Comments: 208

Apple CMF (Color-Matching Functions) 2026

2026-04-28 @ 23:43:53Points: 60Comments: 1

Before GitHub

2026-04-28 @ 21:17:40Points: 448Comments: 128

I won a championship that doesn't exist

2026-04-28 @ 20:38:21Points: 163Comments: 81

Ghostty is leaving GitHub

2026-04-28 @ 19:44:52Points: 2471Comments: 720

OpenAI models coming to Amazon Bedrock: Interview with OpenAI and AWS CEOs

2026-04-28 @ 19:24:43Points: 259Comments: 85

https://aws.amazon.com/bedrock/openai/

https://www.aboutamazon.com/news/aws/bedrock-openai-models

https://openai.com/index/openai-on-aws/

https://x.com/amazon/status/2049178618639839427

CJIT: C, Just in Time

2026-04-28 @ 19:10:14Points: 124Comments: 30

Show HN: Auto-Architecture: Karpathy's Loop, pointed at a CPU

2026-04-28 @ 17:12:30Points: 135Comments: 27

GitHub RCE Vulnerability: CVE-2026-3854 Breakdown

2026-04-28 @ 16:15:43Points: 344Comments: 76

Show HN: Drive any macOS app in the background without stealing the cursor

2026-04-28 @ 16:03:34Points: 123Comments: 28

The main problem: when a UI automation process controls a desktop app today, it usually takes over the human’s session. Your cursor moves, keyboard focus gets stolen, windows jump to the front, and you have to stop working until the agent is done. That is why we have historically avoided encouraging users to run these processes directly on their host machine, instead relying on VMs or GUI containers for concurrency and background execution.

But computer-use - the tools we give agents to operate computers like humans - does not scale cleanly that way. As models get smarter, agents need to share hosts safely, run in the background, and avoid collisions with the human or other agents using the same machine.

We realized macOS has no first-class API for "drive this app without touching the cursor". CGEventPost routes through the hardware input stream, so it moves your cursor. CGEvent.postToPid avoids the cursor warp, but Chromium treats those events as untrusted and silently drops clicks at the renderer boundary. Activating the target app first raises the window and pulls focus, defeating the point of background execution.

Cua Driver is our attempt at a real fix: a background computer-use driver for macOS that lets an agent click, type, scroll, and read native apps while your cursor, frontmost app, and Space stay where they are. The default interface is a CLI, so it is easy to script or call from any coding agent shell.

Try it on macOS 14+:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/trycua/cua/main/libs/cua-d...)"

The first internal use case was delegated demo recording. We ask Claude Code to drive an app while 'cua-driver recording start' captures the trajectory, screenshots, actions, and click markers. The result is an agent-generated product demo, Screen Studio inspired.

Other things we have used it for:

- Replacing Vercel’s agent-browser and other browser-use CLIs. With Claude Code and Cua Driver, you do not need Chrome DevTools Protocol at all.

- A dev-loop QA agent that reproduces a visual bug, edits code, rebuilds, and verifies the UI while my editor stays frontmost.

- Personal-assistant flows that use iMessage from Claude Code, Hermes, or other general-purpose agent CLIs.

- Pulling visual context from Chrome, Figma, Preview, or YouTube windows I am not looking at, without relying on their APIs.

What made this harder than expected:

- CGEventPost warps the cursor because it goes through the HID stream.

- CGEvent.postToPid does not warp the cursor, but Chromium drops it at the renderer IPC boundary.

- Activating the target first raises the window and can drag you across Spaces.

- Electron apps stop keeping useful AX trees alive when windows are occluded without a private remote-aware SPI.

The unlock was SkyLight. SLEventPostToPid is a sibling of the public per-PID call, but it travels through a WindowServer channel Chromium accepts as trusted. Pair it with yabai’s focus-without-raise pattern, plus an off-screen primer click at (-1, -1), and the click lands without the window ever raising.

One thing we learned: the right addressing mode depends on the app. Native macOS apps usually have rich AX trees, Chromium-family apps often need a hybrid of AX and screenshots, and apps like Blender or CAD tools may expose almost no useful AX surface. The mistake is defaulting to pixels everywhere - or defaulting to AX everywhere.

Long technical writeup: https://github.com/trycua/cua/blob/main/blog/inside-macos-wi...

I would like feedback from people building Mac automation, agent harnesses, or accessibility tooling. If it breaks on an macOS app you care about, that is useful data for us.