All the News that Matters

• Drauger OS Reworks Ubuntu LTS with KDE Plasma for Linux Gaming
  Drauger OS 7.8 reworks Ubuntu 26.04 LTS with KDE Plasma into a niche Linux gaming distro, adding kernel 7.0, Wayland by default, and gaming-focused tweaks.

• CachyOS Releases June 2026 Snapshot with Hyprland Noctalia Desktop Option
  The development team behind the Arch Linux-based CachyOS published a new ISO snapshot for June 2026 that includes the latest package updates, new features, and improvements.

• Linux 7.2 Surpasses More Than 43 Million Lines In The Kernel Tree
  Today marks the last day of the Linux 7.2 merge window with Linux 7.2-rc1 due out later today. With the many new features and improvements merged over the past week since the Linux 7.1 stable debut, the Linux kernel source tree now exceeds 43 million lines...

• COSMIC's New System Monitor Is Looking Very Slick
  Not only is GNOME 51 working to replace GNOME System Monitor with its new replacement, but over in System76's COSMIC space they have been baking their own new system monitor too...

• Shelly 2.4.1 GUI Package Manager for Arch Linux Improves Networking, Security
  Shelly 2.4.1 has been released today as the latest stable version of this open-source graphical package manager for Arch Linux and Arch Linux-based distributions, bringing various new features and performance improvements.

• Nourish: A New Wayland Compositor Powered By Vulkan With Infinite Scrolling/Panning
  The newest Wayland compositor on the block is Nourish, it's a Vulkan-powered and its unique selling point is offering "infinite" zooming and panning to in effect provide an infinite workspace...

• Coreboot 26.06 Adds Early Intel Nova Lake and AMD Strix Halo Support
  Coreboot 26.06 lands with early support for Intel Nova Lake and AMD Strix Halo, new mainboards, AMD recovery improvements, and boot performance work.

• WCH CH32V006EVT board supports Zephyr for low-cost RISC-V development
  Olimex recently featured the WCH CH32V006EVT, a low-cost evaluation board for the RISC-V-based CH32V006K8U6 microcontroller. The board is designed around WCH’s CH32V006 family and provides a compact platform for experimenting with the QingKe V2C 32-bit RISC-V core, Zephyr support, and basic embedded development features. The CH32V006K8U6 integrates a QingKe V2C processor using the RV32EmC instruction […]

• Experimental Code Enables Per-Monitor Backgrounds For GNOME Shell
  One of the limitations of GNOME's current multi-monitor handling is that the same background is used across the displays. For those that want to enjoy per-monitor background selection, some experimental / proof-of-concept code is now working to allow such per-monitor backgrounds to work with the modern GNOME desktop...

• Reserved THP Feature Proposed For Linux To Combine The Best Of HugeTLB & THP
  Linux kernel developer and Bytedance engineer Qi Zheng sent out a request for comments (RFC) patch series on a new feature called Reserved THP to combine the best of HugeTLB and THP kernel functionality...

• A 30-Year-Old GIMP Build Used to Create Tux Is Now a Linux Flatpak
  GIMP 0.54.1, the 1996 build used to create the original Tux mascot, has been revived as a Flatpak for modern Linux systems.

• EasyOS YouTube video series now has seven videos
  A series of videos are being created about EasyOS Linux distribution. Have now reached the seventh video in the series

• KDE Plasma 6.8 to Enable Triple Buffering by Default for NVIDIA GPUs
  KDE Plasma 6.8, scheduled for mid-October, is already taking shape with a notable KWin performance change for NVIDIA users.

• Linux MD RAID5 Seeing Scalability Improvements Up To 17%
  Posted to the Linux kernel mailing list this week was a new patch series working on scalability enhancements to the MD RAID5 software RAID code. Up to a 10~17% improvement was observed in some configurations with these RAID5 scalability patches...

• GNOME AI Assistant Adds Image Generation Support
  In development over the past three years has been Newelle as a GNOME-aligned AI virtual assistant. Out this week is Newelle 1.4.5 and it now adds AI image generation support and a redesigned chat interface...

• Sparky-aptus-upgrade on Sparky Linux 2026 06 instance in UEFI mode
  One of the most recent sparky-aptus-upgrade wipes out old boot-loader and prompts you to install new boot-loader . It suggests the options vda, vda2 (/boot ext4), vda3 ("/" btrfs) , neither one of options suggested is correct due to /boot/efi is mounted on /dev/vda1. The workaround is to reject install new boot-loader and wait until sparky-aptus-upgrade would exit warning you that boot-loader is missing. Then initiate ssh session to instance of Sparky Linux and issue . . . .

• Linux Kernel 7.0 Reaches End of Life, It’s Time to Upgrade to Linux Kernel 7.1
  This is your friendly reminder that the Linux 7.0 kernel series has reached the end of its supported life and that you should consider upgrading to Linux kernel 6.10 as soon as possible.

• Akrites Puts Up a United Front Against AI-Wielding Black Hats
  The name Akrites is derived from Akritai — the Byzantine Empire’s frontier guardians, who stood watch where threats arrived first and defenses were thinnest.

• Linux Gets Dirty Again: DirtyClone Kernel Flaw Can Lead to Local Root Access
  After DirtyFrag, DirtyClone exposes another Linux kernel flaw that may let local attackers gain root access on vulnerable systems.

• Shotcut 26.6 Open-Source Video Editor Released with Vulkan on Linux Support
  Shotcut 26.6 has been released today as the latest stable version of this open-source, cross-platform, and free video editing software that introduces new features and improvements.

• US Agency Cancels Contract For Warrantless Tracking of Mobile Devices
  America's Bureau of Alcohol, Tobacco, Firearms and Explosives has "canceled its contract for a surveillance tool that enables warrantless tracking of mobile devices," reports the Associated Press. They note the move comes "after lawmakers, a prosecutor and a judge raised concerns about the legality of the tool in criminal investigations."ATF, the federal agency responsible for enforcing the nation's gun laws, told The Associated Press that it discontinued what it called a "pilot" program using a tool called Webloc after Rep. Michael Cloud, a Republican from Texas, and Sen. Ron Wyden, a Democrat from Oregon, expressed reservations about the agency's use of bulk commercial location data. Webloc, which is made by a vendor called Penlink, sources data from consumer apps and advertising networks, which collect the location of mobile devices from consumers who download apps or browse the web... The U.S. Supreme Court ruled in 2018 that police needed a warrant to obtain historic movement data from cellphone companies on a criminal suspect. But it has never addressed the growing practice of commercially acquired data. Other users of Webloc include the U.S. military and U.S. Immigration and Customs Enforcement but also local law enforcement agencies such as police in places like Elk Grove, Calif. and Durham, N.C. The technology has also expanded around the world, with the national police in El Salvador and Hungarian intelligence agencies as customers, according to a report from earlier this year from Citizen Lab, a group of researchers at the University of Toronto who investigate digital threats to civil society. The article notes that other U.S. law enforcement agencies continue to buy commercial geolocation data, "including the FBI and the Department of Homeland Security."
  
  
  Read more of this story at Slashdot.
  

• Students Around the World are Using AI-Powered Smart Glasses to Cheat on Tests
  Students are using AI-powered smart glasses to cheat on tests, reports CNN. "And in East Asia's test-obsessed societies, where a single exam could impact the trajectory of a student's future career and social status, educators are scrambling to get ahead of the problem."Already, countries are stepping up inspections for test-takers. For China's grueling annual college entrance exam earlier this month — which more than 10 million hopefuls take each year — authorities required screening of all glasses. In the United Kingdom, the head of England's exam watchdog warned earlier this month that AI glasses and smart devices like earpieces could worsen cheating in exams... [T]wo incidents in South Korea were the country's first reported cases of cheating with AI glasses... In Taiwan, the university where a prospective student was caught cheating is now reviewing rules and standard operating procedures for AI eyewears during examinations. But experts worry these individual cases point to a more widespread issue. "If we're seeing a few cases being reported, we're seeing a lot more cases not being reported," said Thomas Corbin, lecturer at Deakin University in Australia, who has conducted research around the usage of AI-powered glasses and other smart devices in academic assessment. With the rapid development of AI technology, however, smart glasses are becoming slimmer, less noticeable, while integrating AI models that can operate independently with connectivity, raising concerns not only about exam integrity, but also about broader privacy risks... "Wearable AI is as much of a challenge to exams as ChatGPT was to essays in 2022 and I just don't think there is any real way that we can reliably have exam practices moving forward," Corbin said.
  
  
  Read more of this story at Slashdot.
  

• 'Supergirl' Movie Criticized for Script, Poor Visual Effects
  The Onion joked the new movie Supergirl is about a hero who must single-handedly save the world "after the catastrophic collapse of interest in the genre." Unfortunately, The Hollywood Reporter says the film's reviews "range from negative to tepid praise (averaging a 58 percent Rotten Tomatoes score)." Many point fingers at the film's script, with Variety's line — "a comic-book movie with the worst script I can remember" — going viral... Not to pile on, but there's another recurring gripe from the reviews that stood out: Critics bashed the film as being murky, dark and gray, with poor VFX: "Muddy CG sludge" wrote one. Another said the film was full of "sludgy browns and grays" and "the visual murkiness of the settings makes it hard to follow the already unintelligible action sequences." A third wrote the "VFX is so rough it makes The Flash look like Avatar." Moviegoers increasingly despise murky, dark visuals (often used to hide weak effects), along with obvious CGI and incoherent action. They've seen it so many times they've become allergic. The Bulwark agrees that the action sequences are "terribly lit, incoherently staged, and just generally weightless and ugly... [I]t's reminiscent of the disaster that was The Flash: It's just very obvious during certain sequences that everyone was in a big green-screen warehouse and the camera was whipping around with the knowledge that everything would be painted in later, so who really gives a crap how anything looks on the day of." But they also call the movie "a tremendous slog of a film, a real step backwards for the James Gunn-overseen DC Universe of movies and TV shows" that's "neither fun nor exciting" and "feels empty." The film does have one bright spot: Lobo, who is played by Jason Momoa as something like Michael Keaton's Beetlejuice by way of Jason Momoa's Aquaman. He's blustery and cantankerous and saucy and just a little menacing; it's a perfect piece of casting and a really nice performance. Unfortunately, it's the only spark of life in what is otherwise a deeply dour, deeply boring piece of filmmaking... Supergirl is just a misfire on nearly every level, one that lacks the sincerity and fun of last year's reboot of this universe or the comic pathos present in Gunn's Peacemaker series on HBO Max. Reason calls it "dark, depressive, and dull" and "a downer of a movie in nearly every way." It's not fun. It's barely even righteous. It's just miserable. At one point, Supergirl flat-out murders a guy by pushing a giant sword through his neck. Somehow, I suspect even Zack Snyder would be appalled. Time argued fans of last decade's superhero movies "should be demanding more, not less." Though "Will there be rioting in the streets once audiences get some idea of how lousy Supergirl is? Probably not."
  
  
  Read more of this story at Slashdot.
  

• Developer AI Token Costs Could Exceed Their Salaries in Two Years
  "Enterprises may soon be paying as much for their developers' AI token usage as they do for their salaries," writes InfoWorld:According to Gartner, these costs will meet, or even exceed, the typical software engineer's monthly salary within the next two years. This is not only because developers are increasingly adopting generative AI and agentic tools, it reflects a trend toward consumption-based licensing models as vendors balance infrastructure investments with profitability... Gartner senior principal analyst Nitish Tyagi explained that it's important to note that Gartner's prediction is based on a global average salary of $2,000 per month; it doesn't mean AI token usage will exceed all salaries. For instance, in the US, yearly pay rates can be six digits or more. However, that kind of spend is not out of the realm of possibility, Tyagi emphasized. "I have heard scary numbers like 'My developer consumed $20K last month,' or 'A business user consumed $32K'." If these amounts sound shocking, that's the point. "The goal is to alarm the industry about the impact of token cost if it is not governed and controlled," he said... AI coding vendors have yet to deliver "mature, built-in cost optimization capabilities," Tyagi said, and prices will likely only continue to rise as vendors further build out their models while at the same time trying to remain profitable. Thus, enterprises struggle to forecast and control costs, and, because AI is moving so fast, many organizations lack the "maturity and frameworks" to determine ROI, he noted. Agent-driven workflows are difficult to govern, context windows become bloated, budgets are wiped out earlier than anticipated, and token spend becomes hard to justify.... "Without a governed engineering operating model, costs can escalate faster than the productivity gains these tools are designed to deliver," Tyagi said.
  
  
  Read more of this story at Slashdot.
  

• An Amazon Seller Says They Were Offered a Way to Bribe an Amazon Employee
  Jack Nekhala had a business selling on Amazon — and in December he received an unusual offer, reports Bloomberg. A woman said she could bribe an Amazon employee "to help him retrieve $90,000 in funds that the e-commerce giant had frozen after suspending him over an alleged violation of review policy."Hoping to ingratiate himself with the company and restart his business, Nekhala offered to provide evidence, including recorded conversations and screen shots, that he said proved Amazon personnel were peddling inside information and influence. The smoking gun, Nekhala told the representative: information about his seller account. Only certain Amazon employees are supposed to have access to such details, but Nekhala had received them from the woman on WeChat, the Chinese messaging app. Nekhala's experience, which he documented and shared with Bloomberg, provides a rare glimpse into an international black market that has been a persistent scourge of Amazon's online store. On one side are sellers looking for a variety of favors: a competitive edge over their rivals, information on how to boost sales, a way to get themselves unsuspended. On the other are middlemen who lurk on message apps like Telegram, WeChat and WhatsApp offering access to people inside Amazon who can get things done for a price... It's impossible to determine the scope of the illicit activity, but it's an open secret among Amazon sellers and consultants, who are frequently approached on social-media platforms and messaging apps. "The message is always the same: 'I'm going to show you screenshots to prove I have inside access,'" said Chris McCabe, a former Amazon employee who runs a seller consulting firm... In 2020, federal prosecutors exposed an international bribery scheme involving Amazon sellers and employees. The ring allegedly extracted about $100 million in unfair advantages by bribing Amazon employees in Asia to help them sell more products and sabotage their competitors. Five people in the US were convicted and received jail terms or probation. Last year, law enforcement officials in India began investigating more than 20 former Amazon employees suspected of accepting bribes from trucking companies in exchange for routes, according to The Times of India. After Nekhala reported his own experience to Amazon, the representative committed to "do some digging" and to email him instructions on how his evidence could be shared, according to a recording of the conversation. But Nekhala said he never heard back. The employee who leaked his personal information had already been fired for unrelated misconduct, according to Amazon. Amazon told Bloomberg employee involvement was "very rare," and that "We invest heavily in this area and have dedicated teams and systems in place to prevent all types of fraud, including by our own employees."
  
  
  Read more of this story at Slashdot.
  

• IBM is Getting Ready to Scale Quantum Computing
  IBM spent a decade "building, testing and improving" quantum computing, reports the Wall Street Journal. "This year, the company is laying the groundwork to turn that technology into a fully-fledged, scalable business from an expensive science project."IBM said last month it plans to form a new independent subsidiary called Anderon, a foundry to produce the silicon wafers needed to make quantum-computing processors. The venture is seeded by a $1 billion investment from the Trump administration and another $1 billion of IBM's own cash.Anderon will give the company a new line of business in selling wafers to other quantum-computing companies. It will also provide a steady stream of wafers to continue developing its own quantum technology, positioning IBM to capture part of what the Boston Consulting Group projects will be a $90 billion to $170 billion market for quantum-computing providers by 2040... The company also plans to spend an additional $9 billion over five years to advance the final stages of its quest to build a quantum-mechanics-powered computer capable and reliable enough for widespread use, a goal known as fault tolerance. That computer, named Starling, is being targeted for 2029. With Anderon, IBM is thinking beyond Starling, or even a more powerful quantum computer planned for 2033.
  
  
  Read more of this story at Slashdot.
  

• Renewable Energy Just Hit 30% of America's Electricity Generation
  America generated 10.06% more energy with renewables in the first four months of 2026 than it did in the same period the year before. That's according to new figures from America's Energy Information Administration, cited in this report from Electrek:The growth was led by utility-scale solar (+21.3%), hydropower (+15.7%), small-scale solar In April alone, wind and solar each produced more electricity than US coal plants, while the combination of solar and wind produced 57.0% more electricity than nuclear power. The mix of all renewables, including biomass and geothermal, accounted for 30.0% of total US electrical generation during the first third of 2026 — up from 27.8% a year earlier... EIA reported that, in April, utility-scale solar capacity surpassed wind capacity for the first time (160,208.1 MW vs. 160,100.6 MW). Further, utility-scale battery energy storage capacity increased by 17,703.5 MW, or 58.1%. Nuclear added just 18.4 MW.The combined capacity growth of all utility-scale renewable energy sources for the 12-month period (55,980.3 MW) is two-thirds more (i.e., 67.6%) than that added during the previous 12 months (33,392.0 MW). "EIA projects no new nuclear generating capacity and a net decline of 5,200.5 MW in fossil fuel capacity."
  
  
  Read more of this story at Slashdot.
  

• How a Seemingly Harmless Image Can Jailbreak Vision-Language AI Models
  Slashdot reader BrianFagioli writes: Florida International University researchers have developed a technique called JaiLIP (Jailbreaking with Loss-guided Image Perturbation) that uses subtle image modifications to bypass AI safety guardrails. Unlike traditional jailbreaks that rely on carefully crafted prompts, the attack works through images that appear normal to human viewers. The researchers tested the technique against BLIP-2, a multimodal AI model, and found that manipulated images significantly increased the likelihood of harmful responses. According to the study, the approach outperformed previous image-based jailbreak methods and nearly doubled the number of unsafe outputs generated during testing. The findings highlight a potential security risk for businesses deploying AI systems that process both images and text. While most discussions about AI safety focus on prompts, the research suggests that seemingly harmless images may also serve as an attack vector.
  
  
  Read more of this story at Slashdot.
  

• France's Heat This Week Was Worse Than a Dire Scenario Imagined For 2050
  There's a deadly, record-breaking heat wave spreading east across Europe, reports the Washington Post — and it's even worse than a dire earlier forecast:The forecast was recorded in 2014 as part of a campaign coordinated by the World Meteorological Organization (WMO) that invited about 60 presenters worldwide to imagine a weather report from the year 2050. In one clip, Ãvelyne Dhéliat from French television network TF1 presented a hypothetical scenario of high temperatures 36 years into the future — during a heat wave in a warmer climate in 2050... One of the maps that Dhéliat shared was lit up in shades of orange, filled with temperature predictions of 40 degrees Celsius (104 degrees Fahrenheit), reaching as high as 43 degrees Celsius (109.4 degrees Fahrenheit). But it turns out, it didn't take 36 years for those imagined temperatures to be reached — and even exceeded. The heat on Wednesday alone, when the temperature soared as high as 112.3 degrees Fahrenheit (44.3 degrees Celsius), exceeded the 2050 projections in 19 out of 34 locations across mainland France — far sooner than some may have expected. Some places surpassed those hypothetical future temperatures by more than 20 degrees Fahrenheit. It's part of a dramatic shift in heat wave frequency across the country. Half of the heat waves observed since 1947 have occurred since 2010. "By 2100, heat waves could last up to two months continuously," the country's weather agency, Météo-France, said this week. It was hotter in France on Wednesday than in Las Vegas and Phoenix and just two degrees Fahrenheit shy of what was observed in Death Valley, California. An estimated less than one percent of the planet was hotter than France's hottest place... [T]he heat dome, which will linger into early next week, is only part of the story. This type of extreme heat is becoming more common as the planet warms, especially in Europe. Climate scientist Robert Rohde said in a post explaining the heat wave's causes that France and Western Europe should expect many more heat waves like this over the coming decades. "This isn't a fluke, but simply part of the new normal," he said. Thanks to Slashdot reader fjo3 for sharing the news.
  
  
  Read more of this story at Slashdot.
  

• Max Planck Slapped With Two Paper Retractions By Suspected Rogue Algorithm
  Max Planck won 1918's Nobel Prize for physics. Yet two of his papers were retracted — a move now being criticized by Yves Gingras, a historian of physics at the University of Quebec and Mahdi Khelfaoui, a fellow historian of science at UQ Trois-Rivières. Science reports:The papers, both quietly retracted in 2011, originally appeared in the early 1940s in Naturwissenschaften, a German journal now owned by publishing giant Springer Nature. After some sleuthing, Khelfaoui determined one of the Planck pieces, a philosophical essay from 1942 titled "Sinn und Grenzen der exakten Wissenschaft" ("Meaning and Limits of Exact Science"), about how to achieve certainty in scientific knowledge, had also appeared in two other journals and been reprinted twice in books. Repackaging the same work multiple times is considered "self-plagiarism" and frowned upon today — the practice produces copyright conflicts and inflates scholars' publication records. The Naturwissenschaften site gives "copyright violation" as the reason for the retraction. Yet publishing identical material in multiple journals was widespread before the internet. "Science was more fragmented" then, Khelfaoui says. "You wanted different audiences ... to have access to your work." The practice was especially common for luminaries like Planck. Albert Einstein did the same (but escaped retractions). Springer Nature's "anachronistic" application of modern standards to a 1942 paper "distort[s] the historical record," Gingras and Khelfaoui argue in a preprint posted last month on arXiv. Any concerns about copyright violations are largely moot anyway: Because Planck died in 1947, his works are in the public domain in most countries. Gingras was especially incensed that Springer Nature deviated from the normal practice of merely slapping the word RETRACTED across the digital version of the paper while still allowing scholars to read the text. Instead, the publisher posted a blank white page with the cryptic phrase, "This article has been withdrawn due to article violation." Springer Nature is nevertheless still selling the empty PDF for $39.95. Suzanne Scarlata, a chemist and biochemist at the Worcester Polytechnic Institute and editor-in-chief of The Science of Nature, as Naturwissenschaften is now known, had not heard about the retractions before being contacted for this story... Scarlata suspects Springer Nature's internal policing software removed the paper and posted the retraction notice unilaterally, without human supervision: "I think it just happened with their algorithm," she says. "It's a mistake they should probably rectify." A second Planck paper was apparently removed because its response to a 1940 paper had used an identical title. Thanks to our long-time Slashdot reader He Who Has No Name for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• Scroll Burned in 79 AD Volcanic Eruption Finally Deciphered Using AI
  When Mt. Vesuvius erupted in 79 A.D., it buried hundreds of papyrusscrolls. They were rediscovered in the mid-1700s, remembers Smithsonian magazine, "the onlysurviving collection of its kind from the Greco-Romanworld..." "But when scholars tried to unroll them, the carbonized manuscriptscrumbled to dust."Every generation that followed faced the same dilemma: They could wait fortechnology to advance, abandoning hope of reading the ancient textsin their own lifetime. Or they could try to open the scrollsthemselves — and risk destroying them. In recent years, researchers have settled on a third option. Usingadvanced imaging and artificial intelligence, they're decipheringthe scrolls without needing to unroll them at all. The Vesuvius Challengehas accelerated the process by turning it into a public competition,complete with cash prizes. In 2023, a student won $40,000 fordeciphering asingle word — "purple" — from an unopened scroll. Later,contestants would identify 2,000 Greek characters from one scroll ($700,000) and the title of another ($60,000). Now, for the very first time,researchers have recovered allsurviving text from a single scroll. The nearly five-foot-longsegment includes roughly 20 columns of ancient Greek philosophy,accessible for the first time in nearly 2,000 years. "The tech actually does look like magic, but it's not," BrentSeales, a computer scientist at the University of Kentucky, saidat a pressconference. (The article points out that Seales partnered with two Silicon Valley investors in 2023 to launch the Vesuvius Challenge, and is now hailing "the restoration of lost voices from the ancient world."Seales has been working on virtually unwrapping thescrolls since the early 2000s. The process involved imaging thebundles of papyrus using technology similar to CT scanners, isolatingthin layers and then stitching them together.... "We've developeda systematic and a repeatable approach," Seales told the audience."Now it's only a matter of time until we read all of thescrolls."
  
  
  Read more of this story at Slashdot.
  

• California Sheriff Says Their Drone Disarmed a Suspect, Shares Video on Instagram
  The Los Angeles Police Department says about 1,500 police agencies across America have drone programs, reports SFGate, and 58 of those drone-using police agencies are in California. The Sacramento County sheriff's office recently posted drone footage on Instagram set to theme from "Mission: Impossible," claiming "a nationwide first" where their drone successfully disarmed a felon "seen earlier with a firearm" (though now not moving, but holding a knife while lying face down in a garage). In the video the "not responding" suspect continues not moving as the drone dangles a magnet which catches on the knife. The drone then pulls multiple times until it comes out of the unmoving suspect's hand. The sheriff's office says their footage shows their drone "disarm an armed suspect, helping bring the incident to a safe resolution," in their post on Instagram, "rather than rush into a potentially deadly encounter..."Was he pretending to be dead or simply lying in wait for deputies to approach...? It's also worth noting that our drones are labeled as "military equipment" (even though anyone can purchase them at their local Walmart), but are really just another piece of technology helping deputies resolve dangerous situations safely. Their use protects both law enforcement personnel and suspects. SFGate offers more reports from around California:In Yucaipa, officials launched a Drone as First Responder (DFR) pilot program on May 28, the San Bernardino County Sheriff's Department announced this month. According to the release, drones have already been used to respond to over 100 calls for service, arriving before deputies for 71% of them. "The drones also contributed to 12 arrests, assisted in locating persons of interest on 37 occasions, and provided aerial overwatch during 44 incidents," it continues, though details on how they assisted the police are unclear. The drones, manufactured by Skydio, were also used to locate a young person experiencing a mental health crisis and another person launching illegal fireworks.
  
  
  Read more of this story at Slashdot.
  

• Non-Invasive Stimulation of the Brain Ended Opioid Addiction, Cigarette Craving
  The Jerusalem Post reports that doctors at Haifa's Rambam Health Care Campus "have successfully treated their first Israeli opioid addiction patient using an experimental noninvasive brain technology, easing him through withdrawal in just 20 minutes..."[T]he team of specialists at the Haifa medical center intervened in the electrical activity of an area of the patient's brain called the nucleus accumbens, the core of the brain system responsible for feelings of satisfaction, pleasure, and reward. The treatment, based on technology from the Israeli company Insightec, is similar to the one used to treat symptoms of essential tremor and Parkinsonian tremor, under MRI control. In this case, the treatment was carried out with the help of a new technology that performs noninvasive neuromodulation, without heating or burning tissue, and allows stimulation in the same area of the brain to increase or suppress activity... "Tests carried out a week later produced negative results for opioids and other substances," [said Dr. Lior Lev-Tov, director of the functional neurosurgery unit in Rambam's neurosurgery division and the one leading the new study at the medical center.] "The patient himself reported a craving score of zero out of 10 for using the drug, and even another side effect, a drastic drop in the desire for cigarettes, from three packs a day to just a few cigarettes, and with no urge to use alcohol. In other words, in a treatment that lasted about 20 minutes net, our patient was completely freed from an extreme dependence that had accompanied him every day for years. This is nothing less than a medical and therapeutic revolution." Dr. Lev-Tov added that "This experience opens doors for us to treat a wide range of very serious illnesses such as PTSD, OCD, eating disorders, other addictions, severe depression, severe pain disorders, and I hope we will also be able to reach cognitive areas and treat attention deficit disorders, Alzheimer's, Parkinson's, and more." Thanks to Slashdot reader Bruce66423 for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• FSF 'LibreLocal' Organized From Prison by Iranian Man Jailed for 'Cyber-Crimes' After Promoting Free Software
  Thursday the Free Software Foundation blogged about this year's 47 'LibreLocal 2026' meetups, highlighting 10 that took place in Australia, Mexico, the United States, New Zealand, Cameroon, Switzerland, Spain, Argentina, China, and Iran. "Far from each other in many parts of the world, they came together around one unifying belief: free software."We envisioned LibreLocal as a collage of in-person community meetups that would bring people together to swap ideas, learn from each other, and celebrate free software. When we asked the free software community to organize LibreLocals last year, the response was very inspirational: 29 different meetups were hosted. After we made the global call this year, we were greeted with an even more enthusiastic response... Organizers hosted LibreLocals in cafes, bars, restaurants, libraries, universities, a computer repair shop, and even as part of a field trip to the System Source Museum, a museum dedicated to the history of computing in Hunt Valley, Maryland, USA. We also learned that a LibreLocal was organized inside Vakil Abad Prison in Mashhad, Iran by a free software supporter. Originally planned to be held in Shiraz, we were informed of this change in location on the LibreLocal wiki page set up for listing all LibreLocals. The updated entry, by another free software supporter in Iran, reads: "This year, one of our dedicated activists organized a LibrePlanet event from within prison in Iran. Currently serving a sentence for "cyber-crimes" related to his promotion of free software, he continues to introduce the principles of software freedom to his fellow inmates. We have placed this banner to honor his resilience and the community of individuals in prison who continue to stand for technological freedom. His identity will be revealed when it is safe to do so." Advocating for user freedom should never result in a prison sentence. We especially admire and respect the bravery and strength of those who fight for software freedom in the most dangerous and oppressive of environments. 50 people attended the LibreLocal meetup in Switzerland, according to one of the organizers, "forging connections between several local free software stakeholders and strengthening their cohesion." But the FSF's blog post stresses these are "ten stories among many more of free software supporters from across the globe... We also thank you our donors and associate members for the support that makes such meetups possible." The GNU Press Shop is now open through July 19 for their biannual fundraiser, offering a variety of freedom-respecting novelties including an FSF-branded antisurveillance webcam guard and both technical and philosophical books, like Richard Stallman's Free as in Freedom (which allegedly has turned up in Anthropic's training data). Other items include a slick new FSF logo sticker, a brass and zinc GNU "emblem" pin with real gold plating, and a cheeky sticker reminding everyone that "There is no cloud." And there's even a plush GNU toy.
  
  
  Read more of this story at Slashdot.
  

• Forget Prompt Engineering: 'Loop Engineering' Is All the Rage Now
  An anonymous reader quotes a report from Business Insider: For the most powerful voices in AI, it's all about being in the loop. Claude Code creator Boris Cherny recently said he doesn't write his own AI prompts much anymore. Thanks to loops, he doesn't have to. "It's an agent that prompts Claude," Cherny recently told CNBC, adding, "I don't write the prompt anymore. Claude writes the prompt, and now I'm talking to that new Claude that is kind of coordinating." In the same interview, Cherny said that loops and a similar feature were examples of the kind of work he would be proudest of in a decade. Cherny isn't the only one embracing "loop engineering." OpenAI engineer Peter Steinberger, the creator of the viral OpenClaw project, wrote a public reminder to users who are still writing out prompts for AI agents. "Here's your monthly reminder that you shouldn't be prompting coding agents anymore," Steinberger wrote recently on X. "You should be designing loops that prompt your agents." [...] Steinberger shared an example of a loop he uses: "Tell codex to maintain your repos, wake up every 5 minutes and direct work to threads. That makes it easy to parallelize+steer work as needed." Claire Vo, founder of ChatPRD and host of the "How I AI," said, "it's really just reminding people that you don't have to use your human fingers to type in a prompt in order for your agent to do work on your behalf." The days of directly prompting generative AI coding tools are "kind of over, or at least some think it's going to be," Addy Osmani, director of Google Cloud, wrote in his post explaining the concept.
  
  
  Read more of this story at Slashdot.
  

• % Prime Day Savings Are Live! Save up to 75% on training, certifications, bundles, and THRIVE-ONE Annual. Ends June 26.
  The biggest learning deals of the season have arrived. Save up to 75% on training, certifications, bundles, and more through June 26, and take the next step toward your professional goals. SAVE NOW
  
  The post % Prime Day Savings Are Live! Save up to 75% on training, certifications, bundles, and THRIVE-ONE Annual. Ends June 26. appeared first on Linux.com.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

Engadget"Engadget - Technology News & Expert Reviews"

• 5 easy ways to get more range out of your EV
  These little tricks will help you spend more time driving instead of charging.

• Australia doubles the maximum penalty for its social media ban
  The fine can now potentially hit 99 million AUD, or $68 million.

• Apple's touchscreen MacBook reportedly won't wait for the M7 chips
  The new models will launch with the M5 Pro and M5 Max, according to Mark Gurman.

• Mesh Wi-Fi or a range extender? Here's how to know which one you actually need
  Wi-Fi extenders are cheap, but come with distinct drawbacks.

• Flock cameras track more than your license plate, and they're spreading fast
  Mounting privacy and security issues have residents and activists concerned.

• Here's your daily reminder that you don't own digital content
  People in Europe will soon lose access to Studio Canal movies they paid for on the PlayStation Store.

• Are smart bulbs more expensive to run than standard LEDs?
  Do the benefits of features like dimming and scheduling make up for the constant energy draw needed for connectivity?

• Tesla settles lawsuit over fatal pedestrian crash involving Full Self-Driving
  The lawsuit dates back to a deadly incident in Arizona in 2023.

• SpaceX is reportedly planning to build its own natural gas pipeline in Texas
  The 8-mile pipeline would bring fuel for Starship to the company's Starbase.

• Ayaneo's new horizontal handheld is an even better remake of the Game Boy Micro
  The Pocket Micro 2 has a larger battery, improved controls and even a 3.5mm headphone jack.

• The Kindle app for iOS has features your aging Kindle doesn't
  Amazon's Kindle AI features help you read beyond the lines, so long as you have the right ereader.

• Engadget Indie Pitch: I'M YOUR HOST
  4Think Her Story, but weirder.4

• Engadget review recap: MSI Claw 8 EX AI+, Sony A7R VI, Ray-Ban Meta Optics and more
  A roundup of recent reviews published by Engadget.

• The differences between Dolby Digital, DTS and Atmos (and which is better)
  How to decide which of these surround sound formats is best for your home theater.

• NASA tests an in-orbit refueling device for deep space missions
  NASA is testing a 9cryocoupler9 developed by L3Harris for in-orbit refueling.

• A sidescrolling roguelite platformer, Steam Deck air hockey and other new indie games worth checking out
  The Steam Summer Sale is underway.

• Uber expands US driver background checks after sexual assault lawsuits
  Uber is adopting a more stringent background check process for drivers and couriers in the US.

• Apple is reportedly looking to buy chips from a US-blacklisted Chinese company
  Apple is seeking clearance from the Trump administration to buy chips from a company linked to the Chinese military, according to Financial Times.

• Apple executive in charge of Vision Pro is reportedly leaving for OpenAI
  Apple's Vision Pro chief is reportedly leaving for OpenAI to start a hardware division.

• OpenAI launches a limited preview of GPT-5.6 for a 'small group of trusted partners'
  OpenAI9s GPT-5.6 comes in three variants, including its most powerful and its most affordable models yet.

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice