Heap Heap Hurray
Posts
🪅 Heap Heap Hurray Ed. #324

🪅 Heap Heap Hurray Ed. #324

Daily dispatches from the world of technology.

July 25, 2025

Good morning! Friday's here - let's end the week with a win!

Geek Gossip

#Amazon-Q - Amazon Q, their vibe coding extension for VSCode got hacked! Some hacker just slipped a malicious code into Amazon's AI coding assistant and it was like a self-destruct button! They were basically telling it to delete all customer data and it got shipped out to all users. Here’s the prompt / commit if you are interested. But equally worse is Amazon simply ignoring it - for a week or so it was live - and Amazon only came to know when a user pointed it out. They simply nuked it from their commit history and went on with their business as though it was just another day for them!

#ToptalHack - Another popular company’s codebase got hacked. Toptal, the network of freelancers had their Github org accunt hacked, resulting in some private repositories being made public.

#Kaggle-Competition - An AI coding challenge was launched way back in December 2024 and its results are just in. Participants were tasked with solving github issues and were ranked on how many tasks they completed successfully, with penalties for failures. But what caught the attention of people is the winner’s score - 7.5 %. That is, they won with correct answers to just 7.5% of the questions on the test.

#BiometricFingerprint - A not so believable article that we came across. Apparently, we can uniquely identify a person using WiFi - no, not by their network ids, but by how their body deflects the WiFi signals!

Latest Updates

TCS Cracks Down On Work-from-home Arrangements (in USA)
Tata Consultancy Services (TCS) has announced an instant five-day return-to-work mandate for US workers. Staff will be monitored and called out if they don't comply. The only exceptions are those based at client facilities or who have previously agreed upon work-from-home conditions.

India's Financial Watchdog Cracks Down On Myntra
Myntra allegedly violated foreign investment rules by channeling over $191 million through a related-party scheme. The Bengaluru-based fashion e-commerce firm violated the Foreign Exchange Management Act, known as FEMA, the Enforcement Directorate said.

Adani Exits Super App Play After $100 Mn Investment
Adani exits super app play after $100 mn investment. Adani Group has shelved its “super app digital ambitions, folding its digital arm, its airport business earlier this year.

Changelog

Google - Do you have a goog[dot]gl shortener link? Replace them with alternatives soon as Google is about to sunset their URL shortener service.

ChatGPT - Introduces "personality" feature allowing users to choose from various modes, including "Robot," "Cynic," "Listener," and "Sage" to personalize the AI's tone and interaction style.

Google Photos - New "Create" tab with AI-powered features, including photo-to-video generator and "Remix" style-transfer tool, now available in the U.S. for Android and iOS users.

Apple In-App Purchase - Introduces Retention Messaging API for Dynamic Cancellation Offers. Basically, if you now try to unsubscribe from any of your payments for an app, the app can now try to retain you with offers.

YouTube - Image-to-Video Tool Powered by Google's Veo 2 Model and Generative AI Effects

Trending Projects / Code Repositories

Liftkit | A UI framework based on the golden ratio. At its core, it's a set of formulas and variables that unlock advanced visual design features like optical spacing corrections and dynamic color, powered by Material 3.

Hyper Fetch | Fetching and realtime data exchange framework.

Track Weight | Did you know that you can use your Macbook to weight things? Yes - to determine the weight of stuff. Cool hack to check out

In Case You Missed It

🎁 We now have a dedicated page to list all events. We will be updating this page EVERY WEEK. We will of course be publishing new (and coming-soon) events in this section but for a comprehensive list of events, check the link(s) below:

Tech Conferences, Workshops & Meetups and Currently Running Hackathons

This link is EXCLUSIVELY accessible by subscribers of Heap Heap Hurray!

The Elastic Hackathon, "Forge the Future," invites teams of 3-5 to build innovative AI and data solutions using Elastic's search-powered AI stack and AWS. With a total prize pool of 6 lakh INR, including 3 Lakh INR for the winner, participants can solve real-world problems. Top teams also gain mentorship from Elastic and AWS experts and global blog features. More details here.

Job Board

Senior Software Engineer @ Studio Management (Remote)

✨Experience : 4+ years (Python | Django | Docker | AWS)

💰Expected Salary : ₹40L – ₹60L / year

Machine Learning Engineer @ Valuebound (Onsite - Bengaluru)

✨Experience : 3+ years (Python | Docker | Kubernetes)

💰Expected Salary : ₹18L – ₹30L / year

Technical Architect @ Team Management Services (Remote)

✨Experience : 10+ years (Python | Azure | Kafka | AWS | ELK Stack)

💰Expected Salary : ₹50L – ₹70L / year

Data Engineering Lead / Architect @ datavruti (Onsite - Multiple Locations)

✨Experience : 7+ years (Python | SQL | AWS)

💰Expected Salary : ₹50L – ₹60L / year

Miscellaneous

Improving Your Interview Game: Asking The Right Questions
When interviewing at a startup, asking the right questions can make all the difference in determining whether the company is a good fit for you. PostHog's experience interviewing over 2,000 candidates has highlighted two trends: candidates who ask great questions often make it further, while most don't ask the tough questions that would be useful for them. Here are some questions to ask during an interview.

Gzip Bomb Test Exposes Email Client Weaknesses
Gzip bomb is a way of decompressing a 10GB file to a much larger size. It works well with email clients, but not with some proxies. Recently, a gzip bomb test revealed vulnerabilities in various email clients, including Thunderbird, Gmail, Protonmail, and Evolution Mail, when handling maliciously compressed files.

Agent Docs Boost LLM Accuracy
Agent docs are a way to get better results from the agents. They make the agent output more consistent, more aligned with your codebase conventions, and more accurate.

Attention Subscribers

Every two weeks, on Friday at 7 PM IST, we distribute a “BONUS EDITION” featuring highly valuable links. These special editions are exclusively sent to our most dedicated and engaged subscribers. To ensure you receive these editions, please take the following actions:

1. Regularly open our emails. We track email open rates to identify our most active subscribers.

2. Engage with the links in our newsletter. While we provide concise summaries, your engagement is equally important.

Your active participation ensures you continue to receive these exclusive benefits. Thank you for your ongoing support and engagement.

If you are seeing the bonus edition posts in your SPAM folder, please do us a favour and mark it as NOT SPAM.

— Team HHH

We believe in sharing great resources, and these newsletters are some good ones. They offer sharp, focused insights - especially around tech topics we might only touch on briefly.

If you're into cryptocurrency and blockchain, we recommend Cryptogram - it dives deep into the space, which we don’t often cover in detail.

	CryptogramAn India-focused weekly newsletter on blockchain tech, global crypto markets and Web3 technologies which promise to change our future.

For startup enthusiasts, Rustic Flute is a must-read, especially since we’ve noticed many of you love staying on top of the latest in the startup world.

	Rustic FluteInvest in India's hottest startups alongside top VCs—access exclusive deals, insights, and market strategies trusted by 20,000+ readers.