All the News that Matters

• Three stable kernel updates
  The7.0.4,6.18.27, and6.12.86stable kernels have been released; each contains another set of importantfixes.

• [$] LWN.net Weekly Edition for May 7, 2026
  Inside this week's LWN.net Weekly Edition:
  Front: LLMs and security; restartable sequences and TCMalloc; Fedora and GNOME bug reports; Prolly trees; Arm on s390. Briefs: NHS open source; Alpine outage; GCC 16.1; Incus 7.0 LTS; NetHack 5.0.0; PHP license; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.

• [$] LLM-driven security reports disrupt coordinated disclosure
  Predictions that LLM tools would cause a surge in reports of security vulnerabilitieshave, unquestionably, borne out. As expected, maintainers are having to wadethrough more security reports than ever before; in addition, LLM tools aredisrupting traditional-coordinated disclosure practices as well. The method of Copy Fail's disclosure, in particular, leftvendors, projects, and users scrambling. In addition, maintainers are seeingparallel discovery of the same security flaws within the embargo window. Bothof these developments mean that coordinated security disclosures may become athing of the past.
  

• Incus 7.0 LTS released
  Version7.0 of the Incus container andvirtual-machine management system has been released. Notable changes in thisrelease include the inclusion of a low-level backup API, the additionof basic S3 operations directly in Incus to replace the now-unmaintainedMinIO project, as well as the removal of support forcgroups v1 and xtables (iptables/ip6tables/ebtables). This is along-term-support (LTS) release, with support through June 2031.
  
  The first 2 years will feature bug and security fixes as well as minorusability improvements, delivered through occasional point releases(7.0.x). After that initial two years, Incus 7.0 LTS will move to security onlymaintenance for the remaining of its 5 years of support.
  
  A total of 204 individuals contributed to Incus between the 6.0 LTS and 7.0LTS releases with 45 contributing between the 6.23 and 7.0 LTS releases.
  

• Security updates for Wednesday
  Security updates have been issued by AlmaLinux (corosync, dovecot, image-builder, python-tornado, resource-agents, and systemd), Debian (openjdk-11, openjdk-17, and pyjwt), Fedora (pdns, pyOpenSSL, and squid), Slackware (hunspell), SUSE (alloy, avahi, bubblewrap, cmctl, coredns, curl, dpkg, firefox, golang-github-prometheus-prometheus, grafana, libpng12, PackageKit, sed, and xen), and Ubuntu (docker.io-app, nghttp2, python-django, and python-mako).

• [$] Hardware-assisted Arm VMs for s390
  A recentpatch set from Steffen Eiden and others has set the groundwork for allowinghardware-assisted emulation of Arm CPUs on s390 CPUs.Version two of the posting fixes a handful of smaller problems, but does notdiffer much.The patches were welcomedby the Arm maintainers, pending some discussion of how the collaboration between thearchitectures could be structured to prevent maintainability problems on the Armside. When those details are resolved, the patches could pave the way fortransparently running Arm-based virtual machines (VMs) on s390 hosts at native ornear-native speeds.
  

• Security updates for Tuesday
  Security updates have been issued by AlmaLinux (kernel, kernel-rt, libcap, LibRaw, openssh, thunderbird, and tigervnc), Debian (libarchive and lxd), Fedora (chromium, insight, nodejs20, rust-sequoia-git, and uriparser), Mageia (kernel, kmod-virtualbox), Oracle (kernel, libcap, thunderbird, and uek-kernel), Red Hat (.NET 10.0, .NET 8.0, .NET 9.0, fence-agents, sudo, and systemd), Slackware (httpd), SUSE (freerdp, hauler, helm, himmelblau, kernel, libspectre, thunderbird, trivy, and xen), and Ubuntu (curl, exim4, and sed).

• The retirement of the PHP license
  The PHP project has long shipped under its own license — except forthe parts under the Zend Engine License. The PHP project has now announcedthat the PHP license has been retired, and the PHP code has been relicensedunder the three-clause BSD license. See thisblog entry for more details.
  Getting here required more than writing an RFC. The PHP License gives the PHP Group the authority to change it, which meant tracking down each of the original PHP Group members and getting their written consent. Each approved the proposal. Perforce Software, the successor to Zend Technologies, needed to sign off on the Zend Engine side, as well. They provided a formal letter confirming their full authority and support for the change. I hired an attorney to review the proposal and provide advice on any legal questions that might surface during the discussion period. Speaking of which, I allowed for a six-month community discussion period preceding the vote, which passed unanimously.
  LWN covered the license-change process back in March.

• Alpine Linux systems currently offline
  The Alpine Linux account on fosstodon.org reportsthat all systems hosted at Linode, including its GitLab instance,"are suspended at the moment due to some billing issue". Theyare working to get it resolved, but in the meantime all of theirservices appear to be down.
  
  Update: Alpine Linux's servers are back online.
  
  
  

• [$] Bug-monitoring expectations and Fedora GNOME packages
  For a number of years, users submitting bugs reports against GNOME packages in Fedora havereceived an auto-reply saying that the reports were not activelymonitored; users were encouraged to file bugs with GNOME upstream instead. However,that practice seems to be in conflict with the Fedora Engineering SteeringCommittee (FESCo) policythat package maintainers "deal with reported bugs in a timely manner". OnApril 28, FESCo discussed the disconnect between practice and policy; so far,it has only opted to tweak the wording of the automatic response.
  

• NetHack 5.0.0 released
  Version 5.0.0of the NetHackdungeon-exploration game, a distant relative of Rogue andHack, has been released. NetHack's code is now compliant with theC99 standard, and the release includes more than 3,100bug fixes and changes, detailed in doc/fixes5-0-0.txt(may contain game spoilers). Saved games from previous versions willnot work with NetHack 5.0.0.
  

• Security updates for Monday
  Security updates have been issued by AlmaLinux (kernel, libcap, libtiff, sudo, and thunderbird), Debian (dovecot, imagemagick, incus, kernel, libexif, linux-6.1, openjdk-25, pyasn1, python-aiohttp, and thunderbird), Fedora (chromium, firefox, GitPython, glibc, insight, krb5, nano, nss, openssh, openvpn, perl-CryptX, python3.14, rust-openssl, rust-openssl-sys, rust-sequoia-git, and xen), Oracle (dtrace, fence-agents, grafana-pcp, libcap, libtiff, sudo, and xorg-x11-server-Xwayland), Red Hat (buildah, fence-agents, firefox, java-11-openjdk with Extended Lifecycle Support, LibRaw, nodejs24, nodejs:24, openssh, python-pyasn1, resource-agents, thunderbird, tigervnc, xorg-x11-server, and xorg-x11-server-Xwayland), Slackware (mozilla), and SUSE (avahi, curl, freeipmi, freerdp, google-guest-agent, google-osconfig-agent, gvim, helm, himmelblau, java-1_8_0-openjdk, kernel, krb5-appl-clients, libsodium, libssh, libtiff-devel-32bit, ntfs-3g_ntfsprogs, openCryptoki, openexr, ovmf, PackageKit, python-jwcrypto, python-Mako, python-PyNaCl, python311, python311-pypdf, sed, trivy, and vim).

• Kernel prepatch 7.1-rc2
  The second 7.1 kernel prepatch is out fortesting. "It's not small, and while it's a bit early to say for sure, Ido suspect we're seeing the same continued pattern of more patches thanusual - probably due to AI tooling - that we saw in 7.0."

• Eden: NHS goes to war against open source
  Terence Eden reportsthat the UK's NationalHealth Service (NHS) is preparing to close almost all of its open-source repositories as aresponse to LLM tools, such as Anthropic's Mythos, becoming moresophisticated at finding security vulnerabilities. He does not, to putit mildly, agree with the decision:
  
  The majority of code repospublished by the NHS are not meaningfully affected by any advancein security scanning. They're mostly data sets, internal tools,guidance, research tools, front-end design and the like. There isnothing in them which could realistically lead to a securityincident.
  
  When I was working at NHSX during the pandemic, we were soconfident of the safety and necessity of open source, we made sure theCovid Contact Tracing app was open sourced the minute it was availableto the public. That was a nationally mandated app, installed onmillions of phones, subject to intense scrutiny from hostile powers -and yet, despite publishing the code, architecture and documentation,the open source code caused zero securityincidents.
  
  Furthermore, this new guidance is in direct contradiction to theUK's TechCode of Practice point 3 "Be open and use open source" whichinsists on code being open.
  

• [$] Version-controlled databases using Prolly trees
  Modern database and filesystems make pervasive use ofB-trees, which are treestructures optimized for storing sorted lists of keys and values on blockdevices.Dolt is an Apache 2.0-licensed project that makes clever use of avariant of a B-tree to support efficient version control for an entire database.The data structure it uses could well be of interest to other projects.
  

Linux Insider"LinuxInsider"

• Edera Is Closing the GPU Security Gap for Autonomous AI
  As AI agents move into production, traditional container security is failing at scale. Edera is addressing this gap with hypervisor-based isolation designed for GPU-heavy, multi-tenant environments. The post Edera Is Closing the GPU Security Gap for Autonomous AI appeared first on LinuxInsider.

• Super Productivity App: The Closest Ive Come to a Workflow That Sticks
  Super Productivity stands out with flexible workflows, offline-first design, and free syncing. It adapts to how you work instead of forcing structure, making it one of the most practical tools I've used. The post Super Productivity App: The Closest Ive Come to a Workflow That Sticks appeared first on LinuxInsider.

• ClusterAPI Simplifies Provisioning but Leaves Ops Gaps
  ClusterAPI simplified Kubernetes provisioning, but operations remain complex. Teams still must correlate fragmented signals across systems, driving demand for AI-driven visibility and faster issue resolution. The post ClusterAPI Simplifies Provisioning but Leaves Ops Gaps appeared first on LinuxInsider.

• Percona, Chainguard Advance Secure-by-Default Open-Source Databases
  Percona and Chainguard aim to cut CVE patching and reduce overhead with secure-by-default images for open-source databases. The post Percona, Chainguard Advance Secure-by-Default Open-Source Databases appeared first on LinuxInsider.

• Rocky Linux Expands Into Enterprise AI Infrastructure
  CIQ is expanding Rocky Linux with enterprise and AI-focused versions designed to simplify deployments and improve GPU performance. The post Rocky Linux Expands Into Enterprise AI Infrastructure appeared first on LinuxInsider.

• The Patching Paradox Driving Most Breaches
  More than half of breaches occur after fixes are available, revealing an execution gap as delayed patching turns known vulnerabilities into ongoing enterprise risk. The post The Patching Paradox Driving Most Breaches appeared first on LinuxInsider.

• Lock Down Your Linux Laptop on Public Wi-Fi
  Public Wi-Fi exposes Linux systems to monitoring, spoofed networks, and data interception. This guide shows how to secure your device with VPNs, firewalls, and browser protections. The post Lock Down Your Linux Laptop on Public Wi-Fi appeared first on LinuxInsider.

• Percona Spins Off Everest DBaaS Into OpenEverest Project
  Percona is moving its Everest DBaaS platform into OpenEverest, a community-driven project focused on governance, vendor neutrality, and modern data infrastructure. The post Percona Spins Off Everest DBaaS Into OpenEverest Project appeared first on LinuxInsider.

• Oracle Declines Community Proposal for Neutral MySQL Foundation
  More than 500 developers are urging Oracle to consider a vendor-neutral foundation for MySQL, warning that limited community input could slow innovation and fragment the ecosystem. The post Oracle Declines Community Proposal for Neutral MySQL Foundation appeared first on LinuxInsider.

• How to Harden Firefox for Better Security on Linux
  This guide shows how to install the latest Firefox build on Linux and adjust key settings to reduce tracking, limit telemetry, and strengthen browser security. The post How to Harden Firefox for Better Security on Linux appeared first on LinuxInsider.

• Taiwan cops say student's radio kit brought bullet trains to a standstill
  Investigators spent weeks unravelling enthusiast's bedroom project

• GNOME may rule Ubuntu Resolute Raccoon, but X.org isn't roadkill yet
  Seven official flavors offer alternatives to the default Wayland-only desktop – and Xfce looks like the leanest

• Iran cybersnoops still LARPing as ransomware crooks in espionage ops
  MOIS-linked cyber outfit puts on a ransomware show to disguise the wide-open backdoor behind the scenes

• Young evil genius forces hamster to run on wheel to power his gadgets
  Okay, the rodent was a willing participant - after all, who turns down treats for a spin that charges a phone?

• AWS lets agents drive its virtual cloudy desktops – which could cost 500,000 tokens per click
  Vendor benchmark finds APIs let you do the job faster and cheaper

• Firefox integrates an ad-blocker, but not to block ads
  It's in Waterfox too, and there it does what you'd expect

• Mars rover hits rocky snag with power tool
  All driller, no filler

• The network password was a key plot point in one of the most famous movies of all time
  Fortunately, it was a legit contractor who guessed it

• Chrome silently installs a 4 GB local LLM on your computer
  You did remember to opt out of AI, didn't you?

• Home Office seeks three CTOs to keep borders, passports, and core IT ticking
  Roles span eGates, passports, visas, asylum applications, and enterprise services – yours for up to £105K

• Minister gives Palantir's NHS platform a clean bill of health
  £330M contract defended as value for money despite concerns over IP and lock-in

• Neocloud IREN buys OpenStack champion Mirantis
  Former bitcoin miner plans to build an easier cloudy AI on ramp while remaining a friend to FOSS

• Datacenter to become Arm’s biggest business ‘soon’
  Someone other than Meta is buying $1bn of its new AGI chips

• Using AI to click around on a website burns 45x as many tokens as just using APIs
  For AI agents, seeing is expensive

• Claude hitches ride on SpaceX's datacenter capacity
  Compute from Colossus leads to relaxed limits

• Musk has never built a wafer fab, but he wants to burn $119B on one anyway
  Initial phases of SpaceX's Terafab project in rural Texas are expected to cost about 1.25 Twitters

• Arctic Wolf kicks 250 employees out of the pack to save money for AI
  Cuts appear to hit sales, product, and marketing, accounting for under 10% of staff

• 1 in 8 employees totally cool with selling work credentials
  13% say they’ve sold logins or know someone who has, survey suggests

• We've only gone and done it: Changed what you're used to
  A new coat of paint

• Locked, stocked, and losing budget: AI vendor lock-in bites back
  Execs in the C-suite thought they could swap models in a week. They were hallucinating

• Anthropic's magic code-sniffer: More Swiss cheese than cheddar, for now
  AI vuln-hunter finds what humans taught it to find. Funny that

• AI quota inflation is no token effort. It's baked in
  We've been here before. This time, we may not get out

• QUIC will soon be as important as TCP – but it's vastly different
  Deciphering the third transport protocol's four RFCs is a task to rival the proverbial blind man trying to understand an elephant

• The only technology that died more times than VR is AI, and that seems to have worked out
  The perfect combination of hardware and experiences will arrive, no matter what Zuck and Neal Stephenson think

• What happened when AI ran into the cold hard reality of the legal profession
  Hallucinations don't fly in a court of law

• Apple's chips are the core of a new landscape, but its biggest win is Windows
  Walled gardens make more sense when it's an AI-lligator infested swamp outside

• Google is to journalism what Vikings were to monks. Now their man will run the BBC
  Canny planning or dangerous compromise? Matt Brittin takes the hotseat at a pivotal moment

• Calling out corporate BS? There's a steaming pile to aim for
  Your instinctive revulsion is spot on. Follow your nose

• DRAM drought to dog AMD's chips this year
  Commercial PC demand expected to cushion broader slowdown

• AI layoffs backfire as cutting staff doesn't cut it, firms warned
  Replacing meatbags with failure prone agents isn't the gold mine some CEOs hoped for

• Ruby inventor Matz working on native compiler with AI help
  Matz gets together with Anthropic's Claude to create an experimental ahead-of-time compiler for Ruby – though with many limitations

• IBM tried to kill Tab navigation. Microsoft told it Bill Gates' mother wasn't interested
  Big Blue escalated the OS/2 keyboard squabble through seven layers of management. Redmond's answer? Nope

• UK age-gating plans risk breaking the internet, privacy groups warn
  Activists say ministers are targeting access rather than Big Tech's data-hungry business models

• It's always DNS: Denic says sorry for crashing Germany's internet
  Major .de domains experienced hours-long outage after registry distributed faulty signatures

• UK puts £20.5M behind 'numberplate for the skies' to keep tabs on drones
  Remote ID system will log aircraft identity and location as ministers try to stop rogue flyers grounding airports

• It's game over for Copilot on Xbox
  Microsoft winds down console AI assistant as new boss says it no longer fits the plan

• Britain says Skyhammer drone interceptor passed Jordan tests with flying colors
  MoD eyes Middle East exports after desert trials of Cambridge Aerospace system

• Planning and land searches hit by IT problems in 3 councils following SaaS migration
  EXCLUSIVE: Searches go missing, house sales fall through, and a 5G mast erected by mistake

• India orders infosec red alert in case Mythos sparks crime spree
  Securities regulator urges market players to develop new strategies and nail cyber-basics before AI models fuel mass attacks

• Anthropic comes for the midmarket software spend
  Backed by private equity and banking giants, it will build custom AI systems for business bottlenecks

• OpenAI exec says company hopes to burn $50B of somebody else's money on compute this year
  If the numbers are large enough, perhaps we won't question the math

• Viva la revolución: LinkedIn profile visitor lists belong to the people, says Noyb
  GDPR Article 15 doesn't care if you want to make money by selling users' data back to them

• Astera speaks softly and carries a big switch
  High-speed connectivity without NVLink baggage

• Anthropic wants Claude to play with money, unleashes finance agents
  Always bet on backpropagation

• IBM asks DBAs to trust AI to act on their behalf
  With help from Google and Intel, Big Blue brings new automation to Db2

• ServiceNow clears agents for landing with new AI control tower
  ServiceNow acquisitions Veza and Traceloop join to monitor agents and AI workflows

• DIY mystery box will wow your friends by hinting at what the ionosphere is up to
  A rough guide to when your signal will behave, or not

• Attackers are cashing in on fresh 'CopyFail' Linux flaw
  Researchers dropped a reliable root exploit and it didn’t sit idle for long

• OpenClaw, but in containers: Meet NanoClaw
  A smaller, security-conscious take on the viral AI agent platform

• Open source registries don't have enough money to implement basic security
  Free beer is great. Securing the keg costs money

• Contain your Windows apps inside Linux Windows
  Can't live without Adobe? Get on board WinBoat – or WinApps sails a similar course

• More missions, less money, higher risk: NASA's back to the '90s playbook
  Faster, better, cheaper is back and history suggests you can't get all three at the same time

• Bun posts Rust porting guide, says rewrite is still half-baked
  Zig's no-AI policy is at odds with view that most open source code will be AI-written in future

• Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking
  Cushman & Wakefield activated incident response protocols after serial extortionists issued separate threats

• SAP dives deeper into Iceberg with Dremio acquisition
  ERP giant previously leaned on Databricks for integration

• VMware claims Cloud Foundation on track for world domination
  Delivers update aimed at reducing hardware bill shock

• ShinyHunters claims dump puts 119K Vimeo emails in the wild
  Vimeo points finger at analytics supplier Anodot, says no logins or card data were touched

• Brit mathematician lets AI agent loose with credit card – cue password leaks, CAPTCHA chaos and more
  Professor Fry's AI experiment shows light and dark sides of agentic tech

• Romance scammers turn sweet talk into £102M payday
  Victims losing £280K a day to fake profiles and sob stories

• Vodafone dials up full control of joint venture with Three in £4.3B deal
  CK Hutchison takes early cash as UK mobile tie-up moves ahead of schedule

• Unexpected item in Windows' bagging area
  Activating Windows will cost more than a couple of cheap carrier bags

• NHS to close-source hundreds of GitHub repos over AI, security concerns
  Healthcare giant's maintainers handed May deadline to enact the change

• Microsoft's bad obsession is showing up in shabby services and slipshod software. Here's proof
  If you can't bother to keep GitHub running, why should we bother with you?

• Classic ASCII game NetHack debuts version 5.0 just 11 years after last major release
  New monsters! New magic items! An Arm port! And compliance with a dead C standard

• Microsoft to stop taking reservations for 17 Azure VM flavours, kill 13 in 2028
  Haswell’s had its day and Skylake and Cascade Lake are draining away

• Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
  Vendors all use different formats. This tech translates them all so you can smooth your SOC

• Bad news for OpenClaw stans: Apple’s Mac Mini now starts at $799
  The tiny desktop is no longer Apple's most affordable computer

• Microsoft fixes VS Code after app gives Copilot credit for human's work
  Devs not thrilled that Git extension added the bot as co-author by default

• Kids say they can beat age checks by drawing on a fake mustache
  46% say age checks are easy to bypass, and nearly a third admit getting around them

• Hobbyist xenomorphs Raspberry Pi into Alien-themed DIY laptop
  Everything you need to build the PS-85 is available from its designer's website, even if you can't get to space

• Hands off my trademark! Notepad++ dev threatens legal action against macOS port
  It's not the fork that's the problem, it's the attempt to make it look official, says original Notepad++ dev Don Ho

• Inside Amazon Web Services' plan to make networking disappear
  The Register gets a look inside AWS' networking lab in Cupertino

• Shadow IT has given way to shadow AI. Enter AI-BOMs
  'If you don't have visibility, you can't understand what to protect'

• AI inference just plays by different rules
  Why no cloud storage architecture was designed for what agentic AI is about to demand

• Moving to mainframe can be cheaper than sticking with VMware: Gartner
  Serious Linux VMs will enjoy big iron – if you can learn to love lock-in risks and skills challenges

• If the vote you rocked, your personal info can be grokked
  Even limited voter rolls can be linked to identify people, research shows

• How TeamViewer ONE transforms IT operations from firefighting to autopilot
  Forget 'have you tried turning it off and on again?' Agentic AI support systems now seek and destroy tech issues before they're a problem.

• Hope your holiday was horrid: You botched the last thing you did before leaving
  That box-full-of-old-tech-you-should-probably-have-thrown-out-but-kept-just-in-case got a techie in trouble

• Ask.com, former home of search butler Jeeves, closes just as conversational search comes back
  Like actual butlers, this relic of the first dotcom boom has been a quaint anachronism for decades

• Five Eyes spook shops warn rapid rollouts of agentic AI are too risky
  Prioritize resilience over productivity, say CISA, NCSC and their friends from Oz, NZ, Canada

• Just in time for Labour Day, China makes it illegal to fire humans if AI takes their jobs
  PLUS: Samsung cashes in on RAM prices; Booze from space fetches huge price; China's hyperscalers surge

• Microsoft's turned Windows into a cesspool, but it wants to do better
  Windows is a mess, GitHub keeps wobbling, Copilot draws flak - what’s wrong at Redmond?

• Inference is giving AI chip startups a second chance to make their mark
  In a disaggregated AI world, Nvidia can be both a friend and an enemy

• Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents
  Take those token limits and shove them by vibe coding with a local LLM

• UK drivers' agency shrugs off claims of week-long booking site smashes, blames browser configs
  Agency insists everything is working fine, even though users spend days failing to load it

• Brace for the patch tsunami: AI is unearthing decades of buried code debt
  Britain's cyber agency says the bill for years of technical shortcuts is coming due, and it's arriving all at once

• ServiceNow under siege as Atlassian adds to ITSM take-outs
  CEO Mike Cannon-Brookes touts 'largest ever quarter for competitive displacements'

• Linux 7.1 will have an optional new NTFS driver
  Good news for those working with Windows, bad news for Paragon Software

• Decades-old Linux UI bug fixed by dev younger than the window manager
  Kamila Szewczyk prefers old software, as back then people understood something could actually be finished

• Forking frenzy ensues after Euro-Office launch sparks OnlyOffice backlash
  Meanwhile, Collabora splits from LibreOffice Online amid claims TDF ejected 'all Collabora staff and partners'

• SystemRescue 13 lands with Linux 6.18 and bcachefs support
  And other handy tools that could save your data in a crisis

• Artemis III aims for 'late 2027' for Earth orbit demonstration
  SpaceX and Blue Origin will absolutely be ready in time. Definitely

• Where to buy a non-Apple, non-Google smartphone
  Both Cupertino and Google are imposing ever stricter limits on their phones – but you have alternatives

• CIOs ready for another role-change as AI becomes agent of chaos
  If software writes software the risk is “systematic failure at scale”. Someone needs to take charge, argues Forrester

• That old phone in the kitchen drawer could save an industry
  Users have less cash to burn and less patience for AI in new models... now where to get the used stock

• First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed
  Exploitation was underway before patches landed, at least one victim reports ransomware demand

• Microsoft releases first big update after Nadella's vow to 'win back fans'
  Lots of fixes, some performance tweaks. Fingers crossed there's no out-of-band patch to follow

• OpenAI locks GPT-5.5-Cyber behind velvet rope despite slamming Anthropic for doing exactly that
  Altman's crew now doing the same gatekeeping it recently mocked

• SpaceX rocket set for unintentional Moon landing – well, a piece of it anyway
  But unlike most junkers, it'll be traveling faster than the speed of sound, claims astronomy software dev

• Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
  313 Team tells Canonical: pay up or the packets keep coming

• Who needs ghost train scares when Windows is such a fright?
  Things that go bork in the night

• Passport to £££: Home Office adds £216M to travel doc contract before a single bid's been placed
  Start date pushed back a year, annual cost up a third, and UK's now handing out eight million passports a year

• User found the perfect formula to make Excel misbehave
  For once, Oracle ERP wasn’t the problem

• Anthropic sues US government after unprecedented national security designation
  Brands Trump administration decision 'legally unsound' and has 'no choice but to challenge it in court'

• Qualcomm teases ‘dedicated CPU for agentic experiences’ and ‘agentic smartphones’
  Enters the custom AI silicon business with secret silicon for an un-named hyperscaler

• Fujitsu confirms mainframe biz to die in 2035, in time for quantum AI supercomputers to take over
  In talks with Japan, the UK, and Australia on defense tech that can ‘contribute to global stability’

• ICANN opens applications for new generic top-level domains for the first time since 2012
  $227k gets you a hearing for your dot.vanity project, or strings in one of 27 scripts

• The never-ending supply chain attacks worm into SAP npm packages, other dev tools
  Mini Shai-Hulud caught spreading credential-stealing malware

• Govern your bots carefully or chaos could ensue
  Stop the sprawl!

• Firefox maker torches Google for building Prompt API into browser
  Mozilla fears wiring an AI API into Chrome will make the web less open

• Bot her emails: most modern phishing campaigns are AI-enabled
  KnowBe4 says 86% of phishing it tracked used AI, and inboxes are only the start

• Mythos complicates the breakup, says Pentagon CTO, but Anthropic is still barred
  Emil Michael says agencies are evaluating the cybersecurity model, not deploying it

• Google Cloud Next proves what we suspected: Everything is AI now
  Join us for this week's Kettle as we dive into GCN and the latest not-so-alarming revelations about Mythos

• It's a myth that you need Mythos to find bugs: Open source models can do it just as well
  OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs

• Google stuffs Gemini into Android Studio Panda 2 to build apps from prompts
  The card game bridge could be a bridge too far for Mountain View's AI

• Dev stunned by $82K Gemini bill after unknown API key thief goes to town
  Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed

• Anthropic admits it dumbed down Claude when trying to make it smarter
  System changes and bugs overlapped to create the impression of general decline

• Anthropic's super-scary bug hunting model Mythos is shaping up to be a nothingburger
  Hackpocalypse deferred

• FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
  One alleged cyber contractor was extradited to the US over the weekend

• Phone users know when to hold ’em, delay upgrades amid inflation
  Analyst says handsets now stay in pockets for 4.2 years on average

• Bandwidth hogs rejoice, Celestica's latest switch is bristling with 64 ports of 1.6 Tbps Ethernet
  Networking kit arrives just in time for Nvidia's 1.6 Tbps ConnectX-9 NICs

• Google's fix for critical Gemini CLI bug might break your CI/CD pipelines
  This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows

• French prosecutors link 15-year-old to mega-breach at state’s secure document agency
  Two computer crime allegations follow up to 18M lines of data surfacing online

• Zed team releases version 1.0 of Rust-built editor: Traditional editor and AI tool
  Team wins praise for adding 'disable all AI features' setting for devs who want a code editor to be only a code editor

• AWS says acute server memory shortage is driving customers to the cloud
  When you can't get 'em with a 'transformation plan,' supply chain pain will do the job

• Survey says no, American workers are not keen on Microsoft's AI
  Lock-in worries threaten to dampen the E7 launch party

• SAP user group slams 'uncertainty' in ERP giant's API policy
  Concerns over new rules might stop customers from adopting innovations – including AI – that connect to SAP systems

• Microsoft boss tells investors the company is working to 'win back fans'
  But why did those fans go away in the first place, Satya?

• Fewer users, fatter wallets is why Anthropic tops OpenAI in LLM revenue stakes
  AI boom splits between companies hoarding eyeballs and those actually charging for them

• Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005
  Turns out the real problem is not AI but staff still clicking on dodgy emails from 'IT support'

• Ongoing supply-chain attack 'explicitly targeting' security, dev tools
  Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump

• Cursor-Opus agent snuffs out startup’s production database
  Relax, the data's been recovered. Continue with your vibe coding

• Medical and utility tech companies admit digital breakins
  Itron, Medtronic disclose breaches in Friday filings

• Cybersec is a thankless job: expanding workload and shrinking pay packet
  Global recruitment giant says 71% of human firewalls saw wages stagnate last year as threats and responsibilities grew

• Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt
  Security giant says attackers grabbed 'limited set' of data. Crooks claim 10 million records

• AI's not going to kill open source code security
  Cal.com considers AGPL a license to drill, but not everyone feels that way

• Crime crew impersonates help desk, abuses Microsoft Teams to steal your data
  Coming in cold with custom Snow malware

• ShinyHunters claim they have cruise giant Carnival's booty as 7.5M emails surface
  Leak-site bragging meets breach hunters as Have I Been Pwned flags millions of records

• What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
  Just in time for the Trump-Xi summit

• Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
  Emergency patches out now for those managing the millions of domains assumed to be affected

• Met Police's Palantir deployment has its own officers watching their backs
  Federation warns members to ditch work devices off duty as force uses AI to probe 600+ cops

• Britain's £6B armoured sickener Ajax cleared for duty despite injuring troops
  Investigation finds no single cause for soldiers falling ill, just bad bolts, cold air, and apparently the soldiers themselves

• Finance company stores DB credentials in helpfully labeled spreadsheet
  Great idea, guys. Let's keep all of the data in an Excel file with weak password protection

• Microsoft levels up Azure Local to make it fit for large-scale sovereign clouds
  Can now use SANs for storage, and adds a local control plane and key management

• ZTE partners with China's National Clinical Research Center for Interventional Medicine to build a new paradigm of smart interventional medicine
  ZTE and NCRCIM leverage 'CardioMind' AI and full-stack computing to drive global healthcare equity

• Google to sell its TPUs to some customers, who also fancy big-G GPUs
  AI is driving more searches and ads

• Microsoft lifts 2026 AI spend by $25 billion to cover component price rises
  Will write checks for $190 billion and even those megabucks may not satisfy demand

• Linux cryptographic code flaw offers fast route to root
  Patches land for authencesn flaw enabling local privilege escalation

• Amazon chips no longer just a side dish, they're a $20B biz
  The Trainium train keeps a-rollin'

• Researchers move in the right direction, develop powerful GPS interference alarm
  ORNL says portable detector kit can separate real GPS signals from fake ones even at equal strength

• UK watchdog targets Microsoft licensing in cloud competition probe
  CMA to assess whether the company's terms unfairly favor Azure over rival platforms

• Remote or not, workers are drifting back toward the city
  Global hiring data shows employees relocating nearer major hubs, reversing pandemic-era shift

• Google says it will let UK publishers opt out of AI overviews
  One search engine switch to rule them all in Google's response to UK competition watchdog

• Tencent says small clouds can’t get hardware, so big clouds can hike prices
  Baidu joins the Chinese cloud price rise party

• AWS giveth with its right hand and breaketh with its left
  Never attribute to malice what can be adequately explained by one very large org chart

• BBC World Service digital switch backfires as online audience drops
  MPs say the Beeb closed broadcast services expecting audiences to migrate online, but digital reach has fallen instead

• AWS S3 turns 20 and reaches ‘hundreds of exabytes’
  Cloudy storage service's scale gave it a hefty cultural footprint

• Iranian news service claims drone strikes on AWS were deliberate, to probe for US datacenter dependencies
  Remember: Truth is the first casualty of war

• Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
  Second try's a charm?

• Legacy TLS tour continues with Exchange Online blocking old versions from July 2026
  Microsoft readies the axe once again for yesterday's security

• Databricks can't seem to shake authors' copyright claim that could result in 'extraordinary' damages
  Authors say it acquired an LLM that was trained on their copyrighted data, and judge keeps asking for more info

• Fedora 44 is out – countless versions of it
  New sealed bootable container images and Stratis storage, too

• Cloudflare says autocrats, wars and elections caged the internet in Q1
  Iran went dark twice, AWS got droned, oh and TalkTalk broke something it refuses to talk about

• Yet another experiment proves it's too damn simple to poison large language models
  There is no 6 Nimmt! champion, but a $12 domain registration and one Wikipedia edit convinced several bots there was

• NASA boss: make Pluto a planet again
  Despite looming science cuts, Isaacman finds resources to poke the planetary hornet nest

• CISA flags data-theft bug in NSA-built OT networking tool
  GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough

• AWS plants more tombstones in the application graveyard
  Eleven up, ten down

• GitHub: Zounds, a genuinely helpful AI-assisted bug report that isn't total slop! Here, Wiz, take this wad of cash
  Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award

• AWS keynote hypes AI as magic. Its own engineers tell a different story
  No shortcuts, human-review everything, says internal team - and keep hiring junior developers

• Microsoft opens door to the past by releasing 86-DOS and PC-DOS 1.00
  Back to a time when source repositories were printouts and commits were hand-written notes

• US clarifies mobile hotspots part of foreign router ban despite rarity of American made consumer kit
  Silicon often from US, but the kit from APAC and elsewhere

• ZTE reports first-quarter revenue of RMB 35.0 billion, up 6% YoY, with computing revenue mix rising to 27%
  AI infrastructure and international growth offset domestic carrier shifts as 'Connectivity + Computing' strategy takes hold

• To fix this Wi-Fi network, we'll need a crane
  Won't somebody think of the children not being hit by a load of building materials?

• TUIT and ZTE unveil new initiatives for student internships and tech employment
  Empowering Uzbekistan’s digital future through international hackathons, AI integration, and advanced internship pathways

• Phone-to-satellite use goes into orbit, growing 25% in 8 months
  Still only a tiny slice of mobile activity overall

• EU waves through open source age-check tool to keep kids safe online
  'Online platforms can rely on our app,' says Commish, 'there are no more excuses'

• GitHub says sorry and vows to do better as uptime slips and devs complain
  After Hashicorp co-founder blasts the source shack and numbers slide

• Wind Telecom Dominican Republic and ZTE join forces to accelerate smart home innovation
  Elevating residential connectivity with AI-driven network optimization and secure cloud-based home monitoring solutions

• ZTE ensures 2026 Jiangsu Football City League opening ceremony with 5G-A, powering robot traffic police debut
  Pioneering the future of smart sports with the world’s first practical deployment of 5G-A 'EasyOn·Robot' private networks for humanoid traffic police

• ZTE and XLSMART officially launch Innovation Center in Jakarta, accelerating 5G-advanced and AI readiness for Indonesia
  Driving cross-sector digital transformation through collaborative 5G-A research and AI-powered network solutions

• GoDaddy customer claims registrar transferred 27-year-old domain without any security checks
  32 phone calls, 17 email chains, a 5-day ordeal, and no help during the daddy of all stuffups, claim those affected

• AI clause in new SAP API policy has partners worried over lock-in
  Expert says it could push customers and partners to work with undocumented APIs

• Bork in Prague: SUSE's keynote gods demand their tribute
  Linux vendor touts European independence while rate limits, Chromium popups, and cold sparks steal the show

• 30 ClawHub skills secretly turn AI agents into a crypto swarm
  Yet another reason not to feast on OpenClaw

• When robots join the race: 5G-A powers a new kind of marathon
  Human and humanoid runners share the track as next-gen connectivity underpins real-time AI performance

• Hashicorp co-founder Mitchell Hashimoto says GitHub ‘no longer a place for serious work’
  Bemoans frequent outages that mean he’ll move Ghostty elsewhere

• Future holiday horror: ‘A robot lost my luggage in Tokyo’
  Haneda airport will start testing humanoid robots, because everything that gets a plane flying was designed for our species

• The future of software development: Now with less software development
  At AI Dev 26 x SF, code slingers confront their relationship with AI

• Oracle plans to power its New Mexico mega datacenter with a 2.45GW fuel cell farm
  No sense in OpenAI stressing over its cloud bills if Oracle can't get the lights on

• Securing the Untrusted Agentic Development Layer
  Join us to learn how to architect a development environment where your builders and their agents can move fast and securely.

• Cloudera had US candidates send resumes to a fake email address, DoJ charges
  PERM filings require employers to show American workers had a fair shot at the role

• OpenAI jumps out of Microsoft's bed, into Amazon's Bedrock
  Altman's gaggle of GPTs now available in limited preview in an AWS region near you

• Don't pay Vect a ransom - your data's likely already wiped out
  'Full recovery is impossible for anyone, including the attacker'

• Trump admin pays wind developers to quit, back fossil fuel projects
  DoI offers up to $885M if they abandon offshore wind projects

• Vintage chatbot lives in the past like an elderly relative
  Talkie's training data stops at the end of 1930, and its creators hope it'll help us better understand how AI thinks

• IBM's AI coding 'partner' Bob hits general availability
  80,000 internal guinea pigs, Bobcoins, mainframe dreams and a name that really should have raised more flags

• Amazon unveils a Copilot for all your apps
  Retailer touts 'teammates' and always-on context as it muscles into an already crowded enterprise market

• Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
  Names, phone numbers, physical addresses also included in Shiny Hunters alleged data dump

• Despite proposed science cuts, NASA boss says 'We haven't canceled anything yet'
  That 'yet' is sure doing a lot of heavy lifting if the budget for science is slashed

• SpaceX dusts off Falcon Heavy for first flight in 18 months
  Side boosters to make simultaneous touchdown while center core takes one for the team

• Solid-state batteries hold more juice, but keep cracking up. Now researchers know why
  Two teams, similar diagnosis: Ceramic electrolytes still refusing to cooperate

• Nancy Grace Roman Space Telescope trumps Trump cuts, is launch-ready ahead of schedule
  Revolutionary telescope aiming for space after multiple near death experiences

• NASA reckons the Artemis II heat shield performed like a champ
  Good news for future missions as initial findings agree with agency's design decision

• FAA grounds Blue Origin's New Glenn as it probes missed satellite delivery 'mishap'
  One of two second stage engines misbehaved, administration must sign off report before flights resume

• NASA Inspector fears new spacesuits won’t be ready for Moon landing
  Dud contracts, proprietary designs, and zero-experience supplier make for quite the mess

• You too can build a nuclear battery from junk you have lying around the house
  It won't provide much juice, but its creator calls it a 'nanowatt nuclear power plant'

• Blue Origin nails the landing, but puts the payload satellite in the wrong orbit
  Wouldn't be the first time a Jeff Bezos company left a package in the wrong place

• NASA working on ‘Big Bang’ upgrade to keep the Voyagers alive for longer
  Tests scheduled for May can’t come soon enough after VGER 1 power glitch led to instrument shutdown

• NASA gets the ball rolling on its part in Europe's jinxed Mars rover mission
  Rosalind Franklin moving again, though another budget cut looms

• Tenstorrent’s Galaxy Blackhole AI servers escape the event horizon
  RISC-V-based systems pack 32 Blackhole accelerators in a 6U, $110K chassis

• Brussels orders Google to share Android's AI sandbox with the other kids
  DMA enforcers want rival assistants to get same deep device access as Gemini

• Two men charged over series of arson attacks on 5G masts
  Pair accused of creating literal flame war as bonkers conspiracy theories grow

• Microsoft Outlook for iOS still down and out for many after 'service change'
  Sign-in failures, unexpected sign-outs... just another day for users

• SUSE's sovereignty pitch meets an inconvenient $6 billion question
  Linux vendor touts European independence at SUSECON as majority stakeholder quietly explores its options

• Rust-Written Redox OS Sees Improvements For Running On Real Hardware
  Redox OS is out with its status report for April 2026. During the past month this open-source, Rust-based operating system written from scratch has seen improvements for running on real hardware as well as a wide variety of other improvements for bettering this original OS project...

• D7VK 1.9 Brings Some Hefty Performance Improvements
  D7VK continues advancing for this Vulkan-based implementation of Direct3D 7 that also supports D3D 6 / 5 / 3 APIs too for vintage games ultimately rendered using the modern Vulkan API...

• Mesa 26.1 Released With Many Improvements For Open-Source Vulkan Drivers
  Eric Engestrom just announced another timely feature release of the Mesa drivers. Mesa 26.1 is out today for this collection of predominantly OpenGL and Vulkan drivers for a variety of hardware as well as the likes of Rusticl for OpenCL, Zink for OpenGL-on-Vulkan, various Windows acceleration components, and more...

• PCIe 8.0 Spec Draft 0.5 Released For 1TB/s Bi-Directional x16 Bandwidth
  The PCI-SIG today held a briefing around PCIe 8.0 that follows the PCIe 7.0 specification that was released to members last June...

• Linux 7.2 To Integrate The AMDGPU "Power Module" To Better Align With Windows
  Sent out today was a batch of "new stuff" for the AMDGPU graphics and AMDKFD compute kernel drivers that are ready for DRM-Next to queue until the Linux 7.2 merge window happens in June. Most notable is the introduction of the AMDGPU DC power module to better align with the Radeon power management behavior under Microsoft Windows...

• Nouveau vs. NVIDIA R595 Linux Driver For Workstation Graphics Performance
  When having the HP Z6 G5 A workstation in the lab for benchmarking, one of the curiosity-driven tests was seeing how well the latest open-source and upstream Nouveau driver stack is competing against the latest official NVIDIA R595 driver for workstations. The official NVIDIA Linux driver stack remains the best positioned software solution for RTX (PRO) hardware but Nouveau continues evolving while awaiting the Nova kernel driver to reach the limelight.

• Intel9s Vulkan Linux Driver Now Supports Device Generated Commands "DGC"
  Exciting yesterday in the land of Intel's open-source Vulkan driver "ANV" for Linux systems was introducing experimental support for descriptor heaps with the VK_EXT_descriptor_heap extension. Today there is another separate exciting development for this open-source Intel driver: Vulkan device generated commands are finally merged!..

• Vulkan SC SDK Released For Safety-Critical Graphics / Compute
  Yesterday was the OpenCL 3.1 release and today is another exciting development for The Khronos Group standards: the debut of the Vulkan SC SDK for safety-critical applications...

• Dell & Lenovo Now Sponsoring The Linux Vendor Firmware Service
  Dell and Lenovo have stepped up to become premier sponsors for the Linux Vendor Firmware Service (LVFS) that provides for seamless system firmware and device/component firmware updating under Linux with the Fwupd client...

• VKD3D-Proton 3.0.1 Brings More Improvements For Direct3D 12 On Vulkan
  Hans-Kristian Arntzen of Valve's Linux graphics driver team announced the release today of VKD3D-Proton 3.0.1 for Direct3D 12 over the Vulkan API...

• AMD Expands ROCm Support On Windows WSL To More Ryzen Hardware
  Back in March AMD announced the open-source ROCDXG library for improved ROCm support on WSL (Windows Subsystem for Linux). The ROCDXG-based solution provides better ROCm compatibility within these Linux confines atop Windows 11 compared to their prior, now-legacy-based WSL support. A new ROCDXG release now available further expands the ROCm WSL2 support to more Ryzen hardware...

• AMD Geode CPU Support Being Orphaned By Linux
  For those with fond memories of the AMD Geode x86 embedded processors, the Linux kernel is set to orphan these since discontinued and obsolete CPUs...

• Intel Kernel Graphics Driver Brings Panel Replay Tunneling For Linux 7.2
  Now that the Linux v7.1 merge window is well past, Intel kernel graphics driver engineers are busy prepping new feature code for introduction for targeting the Linux 7.2 kernel this summer...

• GCC Git Lands Fix For Missing AVX-512 Optimizations On AMD Zen 6
  Last week marked the release of GCC 16.1 as the first GCC 16 stable release. While that release introduces initial AMD Zen 6 "znver6" support well in advance of those next-generation AMD processors debuting, it's not yet in perfect shape with just today two missing optimizations around AVX-512 having been merged...

• Fedora Yet To Decide On x86_64-v3 Packages For Fedora Linux 45
  Last month a Fedora Linux change proposal was shared proposing that Fedora 45 be built with x86_64-v3 packages to complement the generic x86_64 (v1) packages currently being compiled. This has the possibility of providing greater performance out of packaged Fedora software but comes with the cost of greater burdens on web mirrors, QA / testing, and related infrastructure impact. The Fedora Engineering and Steering Committee "FESCo" decided today to wait on coming to a decision over this Fedora 45 change proposal...

• Flatpak 1.17.7 To Track The Age Of Configurations For Providing Much Better Performance
  Flatpak 1.17.7 is now available for continuing to advance open-source app sandboxing and distribution on the Linux desktop. Some interesting new features are in tow with this Flatpak update plus there is also an updated XDG-Desktop-Portal release too...

• Intel9s Vulkan Linux Driver Lands Experimental Support For Descriptor Heaps
  After the merge request was open the past three months for code originally authored eight months ago, the Intel "ANV" open-source Vulkan driver for Linux systems is now advertising support for descriptor heaps with the VK_EXT_descriptor_heap extension. But for the moment at least it's treated as experimental...

• Rusticl Driver Ready To Go With OpenCL 3.1 Working On Radeon, Intel Iris & Zink/Vulkan
  The Khronos Group today announced OpenCL 3.1 as the first major spec update in six years and incorporating various features into the core spec for enhancing AI and HPC capabilities. As a very exciting development, Rusticl as Mesa's lead OpenCL driver implementation is ready to go with same-day OpenCL 3.1 support pending...

• Linux 7.1 Features: New NTFS Driver, New Intel + AMD Hardware, Performance Optimizations & Modernization
  The Linux 7.1 development kernel that amounts to nearly 40 million lines has a lot of new features and changes in tow. While Linux 7.1 stable won9t be out until mid-June, here is a look at the interesting changes coming with this next stable version of the Linux kernel.

• Intel Drivers With Mesa 26.2 Ready With Xe In Linux 7.1 To Better Handle vRAM Pressure
  Merged to the Intel Xe kernel graphics driver with Linux 7.1 is an addition to improve the video RAM memory pressure or out-of-memory behavior for Intel graphics with dedicated video memory. Introduced is support for purgeable buffer objects via a new user-space API to provide usage hints for enhancing what is purged under vRAM pressure. Merged this week to Mesa 26.2-devel is support for the Intel Mesa drivers to make use of this new interface...

• Manjaro 26.1 Preview Released With GNOME 50, KDE Plasma 6.6 & Xfce 4.20 Options
  The preview release of the Arch Linux powered Manjaro 26.1 is now available for testing...

• AMD Preps Linux For CPPC HighestFreq Feature Coming With Future ACPI Spec
  An improvement on the way for the AMD P-State Linux CPU frequency scaling driver and the Linux ACPI Collaborative Processor Performance Control (CPPC) code at large is supporting a new "HighestFreq" register to be standardized by a future revision of the ACPI specification...

• OpenCL 3.1 Released To Bolster AI & HPC Workloads
  Six years after the debut of OpenCL 3.0 in provisional form, OpenCL 3.1 was announced today by The Khronos Group...

• Qt9s Latest AI Push Is Letting AI Agents Deal With Performance Profiling
  The Qt Group announced today the QML Profiler Skill for Agentic Development. This new "skill" can delegate code performance profiling to AI agents for 2D Qt Quick applications...

• AlmaLinux 10.2 Beta Released With Legacy 32-bit Software Support
  AlmaLinux 10.2 Beta released today as their next AlmaLinux 10 release coming down the pipe and derived from the upstream Red Hat Enterprise Linux 10.2 state. Plus this AlmaLinux release continues adding more changes on their own...

• NVIDIA Looking To Create New Tool For Generating AutoFDO Profiles For GCC
  NVIDIA compiler engineers are looking to develop a standalone tool that could be upstreamed into the GNU Compiler Collection (GCC) codebase for generating AutoFDO profiles for consumption by GCC in turn for better benefiting from automatic feedback directed optimizations (FDO) in the name of better performance...

• ROCm 7.2.3 Brings Minor Updates, ROCm XIO Documentation
  Less than one month after releasing ROCm 7.2.2, the ROCm 7.2.3 is now available with some minor improvements to this open-source AMD GPU compute and AI stack...

• Valve9s Steam Controller Now Shipping
  For those eager to get their hands on Valve's new Steam Controller, the gaming controller is now shipping...

• Omarchy 3.7 Linux Distribution Overhauls Gaming Support, Adds Unified CLI
  Omarchy as the Arch Linux based desktop distribution using the Hyprland compositor and led by David Heinemeier Hansson "DHH" is out with a big OS update...

• GCC 16 Compiler Delivering Some Decent Performance Gains Over GCC 15
  With the GCC 16.1 compiler released last Thursday, I have begun running more compiler benchmarks on this first GCC 16 stable feature release. GCC 16 comes heavy on new changes in being the annual feature release and delivering changes from AMD Zen 6 and Arm AGI CPU support to new C++ features and even the Algol 68 programming language front-end. It9s also looking quite good in the performance department relative to the GCC 15 compiler from last year.

• CachyOS Switches Python To Using Tail-Call Interpreter For 5~15% Better Performance
  CachyOS is a very fast out-of-the-box Linux distribution and for those concerned about Python performance, the newest updates to this Arch Linux based distribution will provide even better performance...

• Linux File-System Proliferation A Burden: Requirements Laid Out For Any Future File-Systems
  The growing number of file-systems within the Linux kernel source tree is causing an ongoing burden for upstream developers maintaining the virtual file-system (VFS) code around it and associated code. As a result of the continuing rise of new file-systems being proposed for the Linux kernel, documentation is being introduced to establish clear guidelines for getting new file-systems accepted into the mainline kernel...

• The text mode lie: why modern TUIs are a nightmare for accessibility
  There is a persistent misconception among sighted developers: if an application runs in a terminal, it is inherently accessible. The logic assumes that because there are no graphics, no complex DOM, and no WebGL canvases, the content is just raw ASCII text that a screen reader can easily parse. The reality is different. Most modern Text User Interfaces (TUIs) are often more hostile to accessibility than poorly coded graphical interfaces. The very tools designed to improve the Developer Experience (DX) in the terminal—frameworks like Ink (JS/React), Bubble Tea (Go), or tcell—are actively destroying the experience for blind users. ↫ Casey Reeves The core reason should be obvious: the command-line interface, at its core, is just a stream of data with the newest data at the bottom, linearly going back in time as you go up. Any screen reader can deal with this fairly easily, and while I personally have no need for such a tool, Ive heard from those that do that kernel-level screen readers are quite good at what they do. TUIs, or text-based user interfaces, made with modern frameworks are actually very different: theyre 2D grid of pixels, where every character cell is a pixel. abandons the temporal flow for a spatial layout.! It should become immediately obvious that screen readers wont really know what to do with this, and Reeves gives countless examples, but the short version is this: the cursor jumps all over the place with every screen update, which makes screen readers go nuts. Various older TUIs, made in a time well before these modern TUI frameworks came about, were designed in a much more terminal-friendly way, or give you options to hide the cursor to solve the problem that way. Irssi, for example, uses VT100 scrolling regions instead of redrawing the whole screen every time something changes. I had never really stopped to think about TUIs and screen readers, as is common among us sighted people. The problems Reeves describes seem to stem not so much from TUIs being inherently inaccessible, but from modern frameworks not actually making use of the terminals core feature set. I really hope this Reeves article shines a light on this problem, and that the people developing these modern TUIs start taking accessibility more seriously.

• Using duplicity to back up your FreeBSD desktop
  Backing up in modern times, we’ve had ZFS snapshots and replication to make this task extremely easy. However, you may not have access to another ZFS endpoint for replication, need to diversify risk by using a non-ZFS tool for backup, or are simply using UFS2, living the old skool life. For these situations, my first recommendation is to lean on Tarsnap for its ease of use and simplicity, making restoration just as easy as backing up. But some situations call for a different approach. Maybe you have a strict firewall at your company that doesn’t allow Tarsnap data streams to egress from your corporate network, or you have internal/easy access to storage endpoints, such as S3-compatible object storage or a large-file storage location with SFTP access. When you are faced with the latter, the duplicity (sysutils/duplicity in ports) utility is available as an easily installable package onto your FreeBSD system. ↫ Jason Tubnor at the FreeBSD Foundation The rest of the article explains how to use duplicity on FreeBSD for the purpose described above.

• Testing MacOS on the Apple Network Server 2.0 ROMs
  Earlier this year, Mac OS and Windows NT-capable ROMs were discovered for Apple’s unique AIX Network Server. Cameron Kaiser has since spent more time digging into just how capable these ROMs are, and has published another one of his detailed stories about his efforts. Well, thanks to Jeff Walther who generously built a few replica ROM SIMMs for me to test, we can now try the 2.0! MacOS ROMs on holmstock, our hard-working Apple Network Server 700 test rig (stockholm, my original ANS 500, is still officially a production unit). And there are some interesting things to report, especially when we pit the preproduction ROMs and this set head-to-head in MacBench, and even try booting Rhapsody on it. ↫ Cameron Kaiser A great read, as always.

• Windows gets a new Run dialog
  With Windows being as old and long-running as it is, theres a ton of old and outdated bits and pieces lurking in every nook and cranny. I have always found these old relics fascinating, especially now that over the past few years, Microsoft has attempted to replace some of those bits and pieces with modern replacements (not always to great success, but thats another story). One of those parts of the UI thats been virtually unchanged since the release of Windows 95 is the Run dialog, but thats about to change: Microsoft has released a completely new Run dialog to early testers. Windows Run, also known as the Run dialog, is a surface that has been around for over 30 years. It has become a heavily relied upon tool for developers and advanced users alike. Users have decades of muscle memory where they hit Win+R, navigate through their Run history, and hit Enter to quickly access various paths and tools. We all have our favorite tool we launch there as well. For us, some of our favorites are wt (Windows Terminal), mstsc (Remote Desktop) and winword (Microsoft Word). But it’s more than jUsT a TeXt BoX tHaT rUnS tHiNgS. The Run dialog can handle navigating both local and network file paths as well. And everything it does, it does fast. Win+R opens the run dialog seemingly instantly. If we wanted to modernize the Run Dialog to fit the modern Windows 11 design style, we had to make sure it did everything just as well as before. We needed to maintain the same performance while also keeping the user interface minimal, just as Windows 95 intended. ↫ Clint Rutkas at the Microsoft Dev Blogs The new Run dialog looks like it belongs in Windows 11, which is a nice improvement, but the most important part is that they actually seem to have made it a little faster. Sure, they may have only shaved off a few milliseconds from its opening time, but considering virtually everything else theyve touched in Windows over the years got considerably slower, thats a good showing for Microsoft. The new feature theyve added is that by typing ~\, you can open your home directory. The one casualty is the browse button, which according to Microsofts data, literally nobody ever used. I know its just a small thing and in the end not even a remotely consequential one, but with an operating system as old and storied as Windows, replacing these ancient parts that millions of people rely on every day absolutely fascinates me. There must be a considerable amount of pressure on the people developing something like this new Run dialog, especially with Windows reputation being at one of its lowest points, so its good to see them being able to deliver. The new Run dialog is available today for testers, and if youre on the Windows Insider Experimental Channel, you can enable it in Settings > System > Advanced. Coincidentally, on my Windows 11 machine that I use for just one stupid video game, this Advanced page displays a loading spinner for five minutes and then just dies. Also, Notepad wont start (one time it showed this dialog), and using the terminal to load it causes the old Win32 version of Notepad to open after 5 minutes of waiting, which then hangs and crashes. People pay money for this.

• GNOME is good, actually
  While Im normally a KDE user, I do keep close tabs on various other desktop environments, and install and set them up every now and then to see how theyre fairing, what improvements theyve made, and ultimately, if my preference for KDE is still warranted. This usually means setting up a nice OpenBSD installation for Xfce, Fedora for GNOME, and less often others for some of the more niche desktop environments. Since GNOME 50 was just released, guess whos time in the round is up? Since everybodys already made up their mind about their preferred desktop eons ago, with upsides and downsides debated far past their expiration date, Im not particularly interested in reviewing desktop environments or Linux distributions. However, after asking around on Fedi, it seemed there was quite a bit of interest in an article detailing how I set up GNOME, what changes I make to the defaults, which extensions I use, what tweaks I apply, and so on. Of course, everything described in this article is highly personal, and Im not arguing that this is the optimal way to tweak GNOME, that the extensions I use are the best ones, or that any visual modifications I make are better than whatever defaults GNOME uses. No, my goal with this article is twofold: one, to highlight that GNOME is a lot more configurable, extensible, and malleable than common wisdom on the internet would have you believe. Its not KDE or one of those cobbled-together tiling Wayland desktops, but its definitely not as rigid as you might think. And two, that GNOME is good, actually. Tools of the trade The first thing I do is install a few crucial tools that make it easier to modify and tweak GNOME. I really dislike lists in articles, but I will begrudgingly use one here: After installing all of these tools, the actual tweaking can commence. Visual tweaks I didnt use to like GNOMEs Adwaita visual style, but over the years, it started growing on me to the point where I dont actively dislike it anymore. With the arrival of libadwaita, it has also become effectively impossible to theme modern GNOME applications, so even if you do change to something else, many of your applications wont follow along. If consistency is something you care about, youll stick to Adwaita, but that leaves one problem unresolved: applications that still use GTK3. These applications will follow a much older version of Adwaita, making them stand out like eyesores among all the modern GTK4 stuff. Luckily, since GTK3 applications are still properly themable, this is easily fixed: just install the adw-gtk3 theme, either by hand, or through your distributions repositories. To enable it, first install the user themes extension through Extension Manager, and then enable the theme in GNOME Tweaks for Legacy Applications!. Any potential GTK3 applications you still use will now integrate nicely with modern libadwaita applications. The one part of GNOME I really do deeply dislike is its icon theme. I cant quite explain why I dislike this icon set so much, but it runs deep, so one of the very first things I do is replace the default GNOME icon set with my personal favourite, Qogir. This is a popular icon set, so its usually available in your distributions repositories, but I always install it from its GitHub page. Changing GNOMEs icon set is as simple as selecting it in GNOME Tweaks. You cant get much more personal taste than an icon set, and there are dozens of amazing sets to choose from in the Linux world. Changing them out and trying out new ones is stupidly easy, and its definitely worth looking at a few that might be more pleasing to you than GNOMEs (or KDEs) default. Lastly, I open Add Water and enable the amazing GNOME theme for LibreWolf. Add Water basically makes this as easy as flipping a switch, so theres no need to copy any files into your LibreWolf profile or whatever. The application also provides a few more small tweaks to fiddle with, like enabling standard tab widths so tabs dont grow and shrink as you close and open tabs, moving the bookmarks bar below the tab bar, and many more. Extensions Since the release of GNOME 3 in 2011, extensions have been the most capable way to modify GNOMEs look, behaviour, and feature set. As far as I can tell, while the extension framework is an official part of the GNOME Shell, the extensions themselves are all third-party and not part of a vanilla GNOME installation. By now, there are over 2800 listed extensions, but that number includes abandoned extensions so its hard to determine the actual number of currently-maintained ones. Whatever the actual number is, theres bound to be things in there youre going to want to use. Here are the extensions I have installed. Lets just start at the top and work our way down. I guess Im forced to do another list. There are countless more extensions to choose from, and youre definitely going to find things you never even thought could be useful. Miscellaneous tweaks Theres a few other things I modify. In GNOME Tweaks, I make it so that double-clicking a windows titlebar minimises it while right-clicking it lowers it; two features I picked up during my years as a BeOS user that I absolutely refuse to give up. I configure the dock from Dash to Dock so that it always remains on top and never hides itself, no matter the circumstances. In Settings, I disable virtual desktops entirely (I dont like virtual desktops), and I make sure tap-to-click is disabled (if Im on a laptop). GNOME is good, actually After making all of these changes, I feel quite comfortable using GNOME, at least on my laptop. Its a nice, coherent experience, and offers what is probably the most polished graphical user interface you can find on Linux, even if it isnt the most full-featured. The third-party application ecosystem, through modern

• How fast is a macOS VM, and how small could it be?
  To assess how small a macOS VM could be, I ran the same VM of macOS 26.4.1 on progressively smaller CPU core and memory allocations, using my virtualiser Viable. The VM’s display window was set to a standard 1600 x 1000, and I ran Safari through its paces and performed some lightweight everyday tasks, including Storage analysis in Settings. Starting with 4 virtual cores and 8 GB vRAM, where the VM ran perfectly briskly with around 5 GB of memory used, I stepped down to 3 cores and 6 GB, to discover that memory usage fell to 3.9 GB and everything worked well. With just 2 cores and 4 GB of memory only 3.1 GB of that was used, and the VM continued to handle those lightweight tasks normally. ↫ Howard Oakley This is good news for people interested in the MacBook Neo who may also want to run a macOS virtual machine on it.

• Email is crazy
  Email is like those creaking old Terminators from the ’70s which continue to function without complaining. Designed for a world that doesn’t exist anymore, it has optional encryption, no built-in auth, three⁺ retrofitted security layers bolted on top, an unstandardized filtering layer and many more quirks. Yet billions of emails arrive correctly every single day. Email is not elegant but nonetheless it is Lindy. In the new age of agentic AI, we can only expect it to metamorphose into another dimension. ↫ Saurabh Sam! Khawase The fact that email is as complicated as it is bad enough, but having it be so dominantly controlled by only a few large gatekeepers like Google and Microsoft surely isnt helping either. I feel like email is no longer really a technology individuals can actively partake in at every level; it feels much more like WhatsApp or iMessage or whatever in that we just get to send messages, and thats it. Running your own mail sever isnt only a complex endeavour, its also a continuous cat-and-mouse game with companies like Google and Microsoft to ensure you dont end up on some shitlist and your emails stop arriving. I settled on Fastmail as my email service, and it works quite well. Still, I would love to be able to just run my own email server, or have some of my far more capable friends run one for a small group of us, but its such a daunting and unpleasant effort few people seem to have the stomach and perseverance for it.

• The day I logged 1 in every 2000 public IPv4: visualizing the AI scraper DDoS
  What if you run a few online services for you and your friends, like a small git instance and a grocery list service, but you get absolutely hammered by AI! scrapers? I cannot impress upon you, reader, that this is not only an attack that is coordinated, it is an attack that is distributed. I run a small set of services, basically only for me and my friends. I am not a hyperscaler, I am not a tech company, I am not even a small platform. I have a git forge where I put the shit I make, and a couple other services where me and my friends backup our files or write our grocery lists. I am not fucking Meta and I cannot scale the fuck up just because OpenAI or Anthropic or Meta or whoever is training a model that weeks wants to suck all the content out of my VPS ONCE MORE until it’s dry. ↫ lux at VulpineCitrus So how much traffic did the author of this piece, lux, get from AI! scraping bots? Within a time period of 24 hours, they were hammered by 2040670 unique IP addresses, 98% of which were IPv4 addresses, which means that 1 out of every 2000 publicly available IPv4 addresses were involved in the scraping. Together, they performed over 5 million requests. And just to reiterate: they were scraping a few very small, friends-only services run by some random person. This is absolutely insane. If, at this point in time, with everything that we know about just how deeply unethical every single aspect of AI! is, youre still using and promoting it, what is wrong with you? If youre so addicted to your AI! girlfriends unending stream of useless, forgettable sycophantic slop, despite being aware of the damage youre doing to those around you, theres something seriously wrong with you, and you desperately need professional help. You dont need any of this. The world doesnt need any of this. Nobody likes the slop AI! regurgitates, and nobody likes you for enabling it. Get help.

• Earliest 86-DOS and PC-DOS code released as open source
  Microsoft is continuing its efforts to release early versions of DOS as open source, and today weve got a special one. We’re stoked today to showcase some newly available source code materials that provide an even earlier look into the development of PC-DOS 1.00, the first release of DOS for the IBM PC. A dedicated team of historians and preservationists led by Yufeng Gao and Rich Cini has worked to locate, scan, and transcribe the stack of DOS-era source listings from Tim Paterson, the author of DOS. The listings include sources to the 86-DOS 1.00 kernel, several development snapshots of the PC-DOS 1.00 kernel, and some well-known utilities such as CHKDSK. Not only were these assembler listings, but there were also listings of the assembler itself! This work offers rare insight into how MS-DOS/PC-DOS came to be, and how operating system development was done at the time, not as it was later reconstructed. ↫ Stacey Haffner and Scott Hanselman Its wild that the source code had to be transcribed from paper, including notes and changes. You can find more information about the process on Gao’s website and Cini’s website.

• Apple gives up on Vision Pro, disbands Vision Pro team
  When Apple unveiled the Vision Pro, almost three (!) years ago, I concluded: If there’s one company that can convince people to spend $3500 to strap an isolating dystopian glowing robot mask onto their faces it’s Apple, but I still have a hard time believing this is what people want. ↫ Thom Holwerda at OSNews (quoting myself is weird) MacRumors Juli Clover, today: Apple has all but given up on the Vision Pro after the M5 model failed to revitalize interest in the device, MacRumors has learned. Apple updated the Vision Pro with a faster M5 chip and a more comfortable band in October 2025, but there were no other hardware changes, and consumers still werent interested. Apple has apparently stopped work on the Vision Pro and the Vision Pro team has been redistributed to other teams within Apple. Some former Vision Pro team members are working on Siri, which is not a surprise as Vision Pro chief Mike Rockwell has been leading the Siri team since March 2025. ↫ Juli Clover at MacRumors VR  what the Vision Pro is, whether Apples marketing likes to say it or not  has proven to be good for exactly two things: games and porn. The Vision Pro has neither. It was destined to be a flop from the start, as nobody wants to strap an uncomfortable computer to their face that does less than all of the other computers they already have, and what it does do, it does worse. I do wonder if this makes the Vision Pro the most expensive flop in human history. Has any company ever spent more on a product that failed this spectacularly?

• Apple wants to kill your Time Capsule, but they run NetBSD so they cant
  It seems like Apple is finally going to remove support for AFP from macOS, twelve years after first moving from AFP to SMB for its default network file-sharing technology. This change shouldnt impact most people, as its highly unlikely youre using AFP for anything in 2026. Still, there is one small group of people to whom this change has an actual impact: owners of Apples Time Capsule devices. Time Capsules only support AFP and SMB1, and with SMB1 being removed from macOS ages ago, and now AFP being on the chopping block as well, macOS 27 would render your Time Capsule more or less unusable. Its important to note that the last Time Capsule sold by Apple, the fifth generation, was released in 2013, and the product line as a whole was discontinued in 2018. If you bought a Time Capsule in the twilight years of the lines availability, I think you have a genuine reason to be perturbed by Apple cutting you off from your product if you upgrade to macOS 27, but at least you have the option of keeping an older version of macOS around so you can keep interacting with your time Capsule. It still feels like a bit of a shitty move though, as those fifth generation models came with up to 3TB of storage, which can still serve as a solid NAS solution. Thank your lucky stars, then, that open source can, as usual, come to the rescue when proprietary software vendors do what they always do and screw over their customers. Did you know every generation of Time Capsule actually runs NetBSD, and that its trivially easy to add support for Samba 4 and SMB3 authentication to your Time Capsule, thereby extending its life expectancy considerably? TimeCapsuleSMB does exactly that. If the setup completes successfully, your Time Capsule will run its own Samba 4 server, advertise itself over Bonjour (show up automatically in the Network! folder on macOS), and accept authenticated SMB3 connections from macOS. You should then be able to open Finder, choose Connect to Server, and use a normal SMB URL instead of relying on Apple’s legacy stack. You should also be able to use the disk for Time Machine backups. ↫ TimeCapsuleSMB Its compatible with both NetBSD 4 and NetBSD 6-based Time Capsules, although youll need to run a single SMB activation command every time a NetBSD 4-based Time Capsule reboots. This will also disable any AFP and SMB1 support, but that is kind of moot since those are exactly the technologies that dont and wont work anymore once macOS 27 is released. The installation is also entirely reversible if, for whatever reason, you want to undo the addition of Samba 4. This whole saga is such an excellent example of why open source software protects users rights, by design.

• Dillo 3.3.0 released
  Dillo is an amazing web browser for those of us who want their web browsing experience to be calmer and less flashing. Dillo also happens to be a very UNIX-y browser, and their latest release, 3.3.0, underlines that. A new dilloc program is now available to control Dillo from the command line or from a script. It searches for Dillo by the PID in the DILLO_PID environment variable or for a unique Dillo process if not set. ↫ Dillo 3.3.0 release notes You can use this program to control your Dillo instance, with basic commands like reloading the current URL, opening a new URL, and so on, but also things like dumping the current pages contents. I have a feeling more commands and features will be added in future releases, but for now, even the current set of commands can be helpful for scripting purposes. Im sure some of you who live and die in the terminal are already thinking of all the possibilities here. You can now also add page actions to the right-click context menu, so you can do things like reload a page with a Chrome curl impersonator to avoid certain JavaScript walls. This, too, is of course extensible. Dillo 3.3.0 also brings experimental support for building the browser with FLTK 1.4, and implemented a fix specifically to make OAuth work properly.

• Ubuntu is going to integrate AI!, but Canonical remains vague about the how and why
  Ubuntu, being one of the more commercial Linux distributions, was always going to jump on the AI! bandwagon, and Jon Seager, Canonicals VP Engineering, published a blog post with more details. Throughout 2026 we’ll be working on enabling access to frontier AI for Ubuntu users in a way that is deliberate, secure, and aligned with our open source values. By focusing on the combination of education for our engineers, our existing knowledge of building resilient systems and our strengthening silicon partnerships, we will deliver efficient local inference, powerful accessibility features, and a context-aware OS that makes Ubuntu meaningfully more capable for the people who rely on it Ubuntu is not becoming an AI product, but it can become stronger with thoughtful AI integration. ↫ Jon Seager at Ubuntu Discourse The problem with this entire post is that, much like all other corporate communications about AI!, its all deceptively vague, open-ended, and weasely. Adjectives like focused!, principled!, thoughtful!, and tasteful! dont really mean anything, and leave everything open for basically every type of slop AI! feature under the sun. Their claims about open weights and open source models are also weakened by words like favour! and where possible!, again leaving the door wide open for basically any shady AI! companys models and features to find their way into your default Ubuntu installation. Theres also very little in terms of concrete plans and proposed features, leaving Ubuntu users in the dark about what, exactly, is going to be added to their operating system of choice during the remainder of the year. Theres mentions of improved text-to-speech/speech-to-text and text regurgitators, but thats about it. None of it feels particularly inspired or ground-breaking, and the veneer of open source, ethical model creation, and so on, is particularly thin this time around, even for Canonical. I dont really feel like I know a lot more about Canonicals AI! intentions for Ubuntu after reading this post than I did before, other than Ubuntu users might be able to generate text in their email client or whatever later this year. Is that really something anybody wants?

• If 64bit Windows 11 contains a copy of 32bit explorer.exe, could you run it as its shell?
  Raymond Chen published a blog post about how a crappy uninstaller on Windows caused a mysterious spike in the number of Explorer (Windows graphical shell) crashes. It turns out the buggy uninstaller caused repeated crashes in the 32bit version of Explorer on 64bit systems, and  hold on a minute. The how many bits on the what now? The 32-bit version of Explorer exists for backward compatibility with 32-bit programs. This is not the copy of Explorer that is handling your taskbar or desktop or File Explorer windows. So if the 32-bit Explorer is running on a 64-bit system, it’s because some other program is using it to do some dirty work. ↫ Raymond Chen at The Old New Thing So I had no idea that 64bit Windows included a copy of the 32bit Explorer for backwards compatibility. It obviously makes sense, but I just never stopped to think about it. This made me wonder though if you could go nuts and do something really dumb: could you somehow trick 64bit Windows into running this 32bit copy of Explorer as its shell? Youd be running 32bit Explorer on 64bit Windows using the 32bit WoW64 binaries where you just pulled the 32bit Explorer binary from, which seems like a really nonsensical thing to do. Since theres no longer any 32bit builds of Windows 11, you also cant just copy over the 32bit Explorer from a 32bit Windows 11 build and achieve the same goal that way, so youd really have to go digging around in WoW64 to get 32bit versions. I guess the answer to this question depends on just how complete this copy of 32bit Explorer really is, and if Windows has any defenses or triggers in place to prevent someone from doing something this uselessly stupid. Of course, theres no practical reason to do any of this and it makes very little sense, but it might be a fun hacking project. Most likely the Windows experts among you are wondering what kind of utterly deranged new designer drug Im on, but I was always told that sometimes, the dumbest questions can lead to the most interesting answers, so here we are.

• 8087 emulation on 8086 systems
  Not too long ago I had a need and an opportunity to re-acquaint myself with the mechanism used for software emulation of the 8087 FPU on 8086/8088 machines. ↫ Michal Necasek Look, when a Michal Necasek article starts out like this, you know youre in for a learnin ol time. The 8087 was a floating-point coprocessor for the 8086 and 8088 processors, since back in those early days, processors did not include an integrated floating-point unit. It wouldnt be until the release of the 486DX, in 1989, that Intel would integrate an FPU inside the processor itself, negating the need for a separate chip and socket. Interestingly enough, Intel also released a cut-down version of the 486 with the FPU removed, the 486SX, for which an optional external FPU did exist.

• How hard is it to open a file?
  Sebastian Wick has a great explanation of why opening files  programmatically  is a lot more complex and fraught with dangers than you might think it is. This issue was relevant for Wick as he is one of the lead developers of Flatpak, for which a number of security issues have recently been discovered, and it just so happens that many of these issues dealt with this very topic. The biggest security issue found was a complete sandbox escape, originating from the fact that flatpak run, the command-line tool to start a Flatpak application, accepted path strings, since flatpak run is assumed to be run by a trusted user. The problem lay in a D-Bus service sandboxed applications could use to create subsandboxes, and this service was built around, you guessed it, flatpak run. The issues in question, including this complete sandbox escape, have been addressed and fixed, but they highlight exactly the dangers that can come from opening files. This subsandboxing approach in Flatpak is built on assumptions from fifteen years ago, and times have changed since then. If youre a programmer who deals with opening files, you might want to take a look at your own code to see if similar issues exist.

• Microsoft Issues Warning About Linux Vulnerability
  The company behind Windows has released information about a flaw that affects millions of Linux systems.
  

• Is AI Coming to Your Ubuntu Desktop?
  According to the VP of Engineering at Canonical, AI could soon be added to the Ubuntu desktop distribution.
  

• Framework Laptop 13 Pro Competes with the Best
  Framework has released what might be considered the MacBook of Linux devices.
  

• The Latest CachyOS Features Supercharged Kernel
  The latest release of CachyOS brings with it an enhanced version of the latest Linux kernel.
  

• Kernel 7.0 Is a Bit More Rusty
  Linux kernel 7.0 has been released for general availability, with Rust finally getting its due.
  

• France Says "Au Revoir" to Microsoft
  In a move that should surprise no one, France announced plans to reduce its reliance on US technology, and Microsoft Windows is the first to get the boot.
  

• CIQ Releases Compatibility Catalog for Rocky Linux
  The company behind Rocky Linux is making an open catalog available to developers, hobbyists, and other contributors, so they can verify and publish compatibility with the CIQ lineup.
  

• KDE Gets Some Resuscitation
  KDE is bringing back two themes that vanished a few years ago, putting a bit more air under its wings.
  

• Ubuntu 26.04 Beta Arrives with Some Surprises
  Ubuntu 26.04 is almost here, but the beta version has been released, and it might surprise some people.
  

• Ubuntu MATE Dev Leaving After 12 years
  Martin Wimpress, the maintainer of Ubuntu MATE, is now searching for his successor. Are you the next in line?
  

• Kali Linux Waxes Nostalgic with BackTrack Mode
  For those who've used Kali Linux since its inception, the changes with the new release are sure to put a smile on your face.
  

• Gnome 50 Smooths Out NVIDIA GPU Issues
  Gamers rejoice, your favorite pastime just got better with Gnome 50 and NVIDIA GPUs.
  

• System76 Retools Thelio Desktop
  The new Thelio Mira has landed with improved performance, repairability, and front-facing ports alongside a high-quality tempered glass facade.
  

• Some Linux Distros Skirt Age Verification Laws
  After California introduced an age verification law recently, open source operating system developers have had to get creative with how they deal with it.
  

• UN Creates Open Source Portal
  In a quest to strengthen open source collaboration, the United Nations Office of Information and Communications Technology has created a new portal.
  

• Latest Linux Kernel RC Contains Changes Galore
  Linux kernel 7.0-rc3 includes more changes than have been made in a single release in recent history.
  

• Nitrux 6.0 Now Ready to Rock Your World
  The latest iteration of the Debian-based distribution includes all kinds of newness.
  

• Linux Foundation Reports that Open Source Delivers Better ROI
  In a report that may surprise no one in the Linux community, the Linux Foundation found that businesses are finding a 5X return on investment with open source software.
  

• Keep Android Open
  Google has announced that, soon, anyone looking to develop Android apps will have to first register centrally with Google.
  

• Kernel 7.0 Now in Testing
  Linus Torvalds has announced the first Release Candidate (RC) for the 7.x kernel is available for those who want to test it.