All the News that Matters

• Fedora 42: Chromium Update FEDORA-2026-3736e2ff1a CVEs 2026-0899 2026-0900
  Update to 144.0.7559.59 * CVE-2026-0899: Out of bounds memory access in V8 * CVE-2026-0900: Inappropriate implementation in V8 * CVE-2026-0901: Inappropriate implementation in Blink * CVE-2026-0902: Inappropriate implementation in V8

• Fedora 42: MuseScore Patch for CVE-2025-56225 Denial of Service
  This update adds a patch to fix CVE-2025-56225, a flaw in the bundled version of fluidsynth.

• Fedora 42: libtpms Important CVE-2026-21444 Security Advisory
  Upgrade to libtpms 0.10.2 fixing CVE-2026-21444

• Fedora 43: Chromium Important Memory Access Insights FEDORA-2026-65945d88e4
  Update to 144.0.7559.59 * CVE-2026-0899: Out of bounds memory access in V8 * CVE-2026-0900: Inappropriate implementation in V8 * CVE-2026-0901: Inappropriate implementation in Blink * CVE-2026-0902: Inappropriate implementation in V8

• Fedora 43: libtpms 0.10.2 Important Update CVE-2026-21444
  Upgrade to libtpms 0.10.2 fixing CVE-2026-21444

• openSUSE Leap 16.0: Chromium Moderate Security Update 2026:20054-1
  An update that solves 10 vulnerabilities and has one bug fix can now be installed.

• Amarok 3.3.2 Brings Improvements to User Interface, Audio Backend, and More
  Amarok 3.3.2 has been released today as the second minor update to the latest Amarok 3.3 “Far Above the Clouds” series of this open-source music player application designed for the KDE Plasma desktop environment.

• CVE-2026-0915: GNU C Library Fixes A Security Issue Present Since 1996
  CVE-2026-0915 was published on Friday as a security issue with the GNU C Library "glibc" for code introduced 30 years ago. The latest Glibc Git code is now patched for this issue introduced in 1996...

• Zorin OS 18 Crosses 2 Million Downloads, Cementing Its Appeal to New Linux Users
  Zorin OS has reached an important milestone. The team behind the popular Linux distribution has announced that Zorin OS 18 has surpassed two million downloads, underscoring the growing interest in Linux as a practical alternative to mainstream operating systems.

• Shotcut 26.1 Beta Video Editor Adds New Hardware Decoder Options
  The Shotcut 26.1 beta was released overnight as the newest version of this Qt6-based, cross-platform video editing solution. Standing out the most with this new development release are some new GPU-accelerated hardware decode options for aiming to help speed-up this free software video editor...

• GNOME 49.3 Desktop Released with More Improvements and Bug Fixes
  The GNOME Project released today GNOME 49.3 as the third point release to the latest GNOME 49 “Brescia” desktop environment series with various bug fixes and improvements.

• GNOME 50 Will Make Sure You Don't Use Your Computer Past Your Bedtime
  As part of the GNOME Foundation funded Digital Wellbeing project, the GNOME Shell for GNOME 50 has merged options to prevent unlocking the desktop session past their bed time. The intent here is on rounding out GNOME's parental controls functionality...

• Sequent Microsystems Multichemistry Watchdog HAT Adds UPS Support for Raspberry Pi
  Sequent Microsystems has unveiled a multichemistry Watchdog HAT designed to provide battery-backed power, system monitoring, and automatic recovery for Raspberry Pi boards. The HAT targets mission-critical and unattended deployments, combining a hardware watchdog timer with an integrated UPS and battery charger. The Watchdog HAT supports a wide range of rechargeable battery chemistries, including Lithium-Ion, Lithium-Polymer, […]

• FreeBSD 15.1 Aims To Have KDE Desktop Installer Option
  FreeBSD 15.0 had been aiming to offer a KDE desktop installation option as part of the FreeBSD OS installer. This initiative as part of the FreeBSD laptop support enhancements project didn't pan out in time for FreeBSD 15.0 but now they are working on getting the installer option ready for FreeBSD 15.1. Adding a NVIDIA GPU driver option to the FreeBSD installer was also recently carried out...

• How to Install and Use Flutter on Linux
  In this article, you will learn how to setup and configure Flutter with Android Studio on Linux and quickly run a Flutter app to confirm the setup.

• Origami Linux’s COSMIC Desktop on Fedora Atomic Almost Wins Me Over
  Origami Linux pairs the Cosmic desktop with a Fedora Atomic base and a deliberately sparse default install, leaving most of the customization to you.

• Astronomers Finally Explain How Molecules From Earth's Atmosphere Keep Winding Up On the Moon
  An anonymous reader shared this report from CNN:Particles from Earth's atmosphere have been carried into space by solar wind and have been landing on the moon for billions of years, mixing into the lunar soil, according to a new study [published in the journal Nature Communications Earth & Environment last month]. The research sheds new light on a puzzle that has endured for over half a century since the Apollo missions brought back lunar samples with traces of substances such as water, carbon dioxide, helium and nitrogen embedded in the regolith — the moon's dusty surface layer. Early studies theorized that the sun was the source of some of these substances. But in 2005 researchers at the University of Tokyo suggested that they could have also originated from the atmosphere of a young Earth before it developed a magnetic field about 3.7 billion years ago. The authors suspected that the magnetic field, once in place, would have stopped the stream by trapping the particles and making it difficult or impossible for them to escape into space. Now, the new research upends that assumption by suggesting that Earth's magnetic field might have helped, rather than blocked, the transfer of atmospheric particles to the moon — which continues to this day. "This means that the Earth has been supplying volatile gases like oxygen and nitrogen to the lunar soil over all this time," said Eric Blackman, coauthor of the new study and a professor in the department of physics and astronomy at the University of Rochester in New York. Earth's magnetic field "somewhat inflates the atmosphere of Earth" when it's hit by solar winds, according to study coauthor Eric Blackman, a physics/astronomy professor at New York's University of Rochester. He told CNN the moon passes through this region for a few days each month, with particles landing on the lunar surface and embedding in the soil (because the moon lacks an atmosphere that would block them). This also means the moon's soil could actually contain a chemical record of Earth's ancient atmosphere, according to the study — "spanning billions of years..."
  
  
  Read more of this story at Slashdot.
  

• Acer Sues Verizon, AT&T, and T-Mobile, Alleging Infringment on Acer's Cellular Networking Patents
  Slashdot reader BrianFagioli writes: Acer has filed three separate patent infringement lawsuits against AT&T, Verizon, and T-Mobile, taking the unusual step of hauling the nation's largest wireless carriers into federal court. The suits, filed in the Eastern District of Texas, claim the companies are using Acer-developed cellular networking technology without paying for the privilege. Acer says it tried to negotiate licenses for years but reached a dead end, arguing it was left with no option except litigation. The case centers on six U.S. patents Acer asserts are core to modern wireless networks, rather than anything tied to PCs or laptops. The company describes itself as reluctant to pursue courtroom battles, but it has been quietly building a large global patent portfolio after pouring hundreds of millions of dollars into R&D. Acer also notes that some of its patents count as standard-essential, hinting the carriers may be required to license them. All three companies are expected to push back, and the dispute could become another long-running telecom patent saga. Consumers will not notice any immediate changes, but if Acer wins or settles, it may find a new revenue stream far beyond its traditional hardware business. Further coverage from Hot Hardware
  
  
  Read more of this story at Slashdot.
  

• China Builds 'Hypergravity' Machine 2,000X Stronger Than Earth
  Long-time Slashdot reader schwit1 shared this report from Futurism:China has unveiled an extremely powerful "hypergravity machine" that can generate forces almost two thousand times stronger than Earth's regular gravity. The futuristic-looking machine, called CHIEF1900, was constructed at China's Centrifugal Hypergravity and Interdisciplinary Experiment Facility (CHIEF) at Zheijang University in Eastern China, and allows researchers to study how extreme forces affect various materials, plants, cells, or other structures, as the South China Morning Post reports... [Once up and running, it will allow researchers to recreate "catastrophic events such as dam failures and earthquakes inside a laboratory, according to the university."] For instance, it can analyze the structural stability of an almost 1,000-feet-tall dam by spinning a ten-foot model at 100 Gs, meaning 100 times the Earth's regular gravity. It could also be used to study the resonance frequencies of high-speed rail tracks, or how pollutants seep into soil over thousands of years. The machine officially dethroned its predecessor, CHIEF1300, which became the world's most powerful centrifuge a mere four months ago... It can generate 1,900 g-tonnes of force, or 1,900 times the Earth's gravity. To put that into perspective, a washing machine only reaches about two g-tonnes.
  
  
  Read more of this story at Slashdot.
  

• Could We Provide Better Cellphone Service With Fewer, Bigger Satellites?
  European satellite operator Eutelsat "plans to launch 440 Airbus-built LEO satellites in the coming years to replenish and expand its constellation," Reuters reported Friday. And last week America's Federal Communications Commission approved SpaceX's request to deploy another 7,500 Starlink satellites, while Starlink "projects it will eventually have a constellation of 34,000 satellites," writes Fast Company, and Amazon's Project Leo "plans to launch more than 3,200 satellites." Meanwhile "Beijing and some Chinese companies are planning two separate mega-constellations, Guowang and G60 Starlink, totaling nearly 26,000 satellites," and this week the Chinese government "applied for launch permits for 200,000 satellites." But a small Texas-based company called AST SpaceMobile "believes it can provide better service with fewer than 100 gigantic satellites in space." AST SpaceMobile has developed a direct-to-cell technology that utilizes large satellites called BlueBirds. These machines use thousands of antennas to deliver broadband coverage directly to standard mobile phones, says the company's president, Scott Wisniewski. "This approach is remarkably efficient: We can achieve global coverage with approximately 90 satellites, not thousands or even tens of thousands required by other systems," Wisniewski writes in an email... The key is its satellites' size and sophistication. AST's first generation of commercial satellite, the BlueBird 1-5, unfolds into a massive 693-square-foot array in space. Today, the company has five operational BlueBird 1-5 satellites in orbit, but its ambitions are much bigger. On December 24, 2025, AST launched the first of its next-generation satellites from India — called Block 2 — and this one broke records. The BlueBird 6 has a surface of almost 2,400 square feet, making it the largest single satellite in low Earth orbit. The company plans to launch up to 60 more by the end of 2026. "This large surface area is essential for gathering faint signals from standard, unmodified mobile phones on the ground," Wisniewski explains. It is essentially a single, extremely powerful and sensitive cell tower in the sky, capable of serving a huge geographical area... To be clear, AST SpaceMobile's approach is not without its own controversies. The sheer size of the company's satellites makes them incredibly bright in the night sky, a significant source of frustration for ground-based astronomers. McDowell confirms that when it launched in 2022, AST's prototype satellite, BlueWalker 3, became "one of the top 10 brightest objects in the night sky for a while." "It's a serious issue, and we are working directly with the astronomy community to mitigate our impact," Wisniewski says. The company is exploring solutions like anti-reflective coatings and operational adjustments to minimize the time its satellites are at maximum brightness... AST SpaceMobile has already proven its technology works, the article points out, with six working satellites now transmitting at typical 5G speeds directly to regular phones.
  
  
  Read more of this story at Slashdot.
  

• Retailers Rush to Implement AI-Assisted Shopping and Orders
  This week Google "unveiled a set of tools for retailers that helps them roll out AI agents," reports the Wall Street Journal,The new retail AI agents, which help shoppers find their desired items, provide customer support and let people order food at restaurants, are part of what Alphabet-owned Google calls Gemini Enterprise for Customer Experience. Major retailers, including home improvement giant Lowe's, the grocer Kroger and pizza chain Papa Johns say they are already using Google's tools to help prepare for the incoming wave of AI-assisted shopping and ordering... Kicking off the race among tech giants to get ahead of this shift, OpenAI released its Instant Checkout feature last fall, which lets users buy stuff directly through its chatbot ChatGPT. In January, Microsoft announced a similar checkout feature for its Copilot chatbot. Soon after OpenAI's release last year, Walmart said it would partner with OpenAI to let shoppers buy its products within ChatGPT. But that's just the beginning, reports the New York Times, with hundreds of start-ups also vying for the attention of retailers:There are A.I. start-ups that offer in-store cameras that can detect a customer's age or gender, robots that manage shelves on their own and headsets that give store workers access to product information in real time... The scramble to exploit artificial intelligence is happening across the retail spectrum, from the highest echelons of luxury goods to the most pragmatic of convenience stores. 7-Eleven said it was using conversational A.I. to hire staff at its convenience stores through an agent named Rita (Recruiting Individuals Through Automation). Executives said that they no longer had to worry about whether applicants would show up to interviews and that the system had reduced hiring time, which had taken two weeks, to less than three days. The article notes that at the National Retail Federation conference, other companies showing their AI advancements included Applebee's, IHOP, the Vitamin Shoppe, Urban Outfitters, Rag & Bone, Kendra Scott, Michael Kors and Philip Morris.
  
  
  Read more of this story at Slashdot.
  

• 53% of Crypto Tokens Launched Since 2021 Have Failed, Most in 2025
  =["More than half of all cryptocurrencies ever launched are now defunct," reports CoinDesk, citing a new analysis by cryptocurrency data aggregator CoinGecko. And most of those failures occurred in 2025:The study looked at token listings on GeckoTerminal between mid-2021 and the end of 2025. Of the nearly 20.2 million tokens that entered the market during that period, 53.2% are no longer actively traded. A staggering 11.6 million of those failures happened in 2025 alone — accounting for 86.3% of all token deaths over the past five years. One key driver behind the surge in dead tokens was the rise of low-effort memecoins and experimental projects launched via crypto launchpads like pump.fun, CoinGecko analyst Shaun Paul Lee said. These platforms lowered the barrier to entry for token creation, leading to a wave of speculative assets with little or no development backing. Many of these tokens never made it past a handful of trades before disappearing.
  
  
  Read more of this story at Slashdot.
  

• How Much Do AI Models Resemble a Brain?
  At the AI safety site Foom, science journalist Mordechai Rorvig explores a paper presented at November's Empirical Methods in Natural Language Processing conference:[R]esearchers at the Swiss Federal Institute of Technology (EPFL), the Massachusetts Institute of Technology (MIT), and Georgia Tech revisited earlier findings that showed that language models, the engines of commercial AI chatbots, show strong signal correlations with the human language network, the region of the brain responsible for processing language... The results lend clarity to the surprising picture that has been emerging from the last decade of neuroscience research: That AI programs can show strong resemblances to large-scale brain regions — performing similar functions, and doing so using highly similar signal patterns. Such resemblances have been exploited by neuroscientists to make much better models of cortical regions. Perhaps more importantly, the links between AI and cortex provide an interpretation of commercial AI technology as being profoundly brain-like, validating both its capabilities as well as the risks it might pose for society as the first synthetic braintech. "It is something we, as a community, need to think about a lot more," said Badr AlKhamissi, doctoral student in computer science at EPFL and first author of the preprint, in an interview with Foom. "These models are getting better and better every day. And their similarity to the brain [or brain regions] is also getting better — probably. We're not 100% sure about it...." There are many known limitations with seeing AI programs as models of brain regions, even those that have high signal correlations. For example, such models lack any direct implementations of biochemical signalling, which is known to be important for the functioning of nervous systems.However, if such comparisons are valid, then they would suggest, somewhat dramatically, that we are increasingly surrounded by a synthetic braintech. A technology not just as capable as the human brain, in some ways, but actually made up of similar components. Thanks to Slashdot reader Gazelle Bay for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• 2026's Breakthrough Technologies? MIT Technology Review Chooses Sodium-ion Batteries, Commercial Space Stations
  As 2026 begins, MIT Technology Review publishes "educated guesses" on emerging technologies that will define the future, advances "we think will drive progress or incite the most change — for better or worse — in the years ahead." This year's list includes next-gen nuclear, gene-editing drugs (as well as the "resurrection" of ancient genes from extinct creatures), and three AI-related developments: AI companions, AI coding tools, and "mechanistic interpretability" for revealing LLM decision-making. But also on the list is sodium-ion batteries, "a cheaper, safer alternative to lithium."Backed by major players and public investment, they're poised to power grids and affordable EVs worldwide. [Chinese battery giant CATL claims to have already started manufacturing sodium-ion batteries at scale, and BYD also plans a massive production facility for sodium-ion batteries.] The most significant impact of sodium-Âion technology may be not on our roads but on our power grids. Storing clean energy generated by solar and wind has long been a challenge. Sodium-ion batteries, with their low cost, enhanced thermal stability, and long cycle life, are an attractive alternative. Peak Energy, a startup in the US, is already deploying grid-scale sodium-ion energy storage. Sodium-ion cells' energy density is still lower than that of high-end lithium-ion ones, but it continues to improve each year — and it's already sufficient for small passenger cars and logistics vehicles. And another "breakthrough technology" on their list is commercial space stations:Vast Space from California, plans to launch its Haven-1 space station in May 2026 on a SpaceX Falcon 9 rocket. If all goes to plan, it will initially support crews of four people staying aboard the bus-size habitat for 10 days. Paying customers will be able to experience life in microgravity and conduct research such as growing plants and testing drugs. On its heels will be Axiom Space's outpost, the Axiom Station, consisting of five modules (or rooms). It's designed to look like a boutique hotel and is expected to launch in 2028. Voyager Space aims to launch its version, called Starlab, the same year, and Blue Origin's Orbital Reef space station plans to follow in 2030. Thanks to long-time Slashdot reader sandbagger for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• Predator Spyware Turns Failed Attacks Into Intelligence For Future Exploits
  In December 2024 the Google Threat Intelligence Group published research on the code of the commercial spyware "Predator". But there's now been new research by Jamf (the company behind a mobile device management solution) showing Predator is more dangerous and sophisticated than we realized, according to SecurityWeek. Long-time Slashdot reader wiredmikey writes: The new research reveals an error taxonomy that reports exactly why deployments fail, turning black boxes into diagnostic events for threat actors. Almost exclusively marketed to and used by national governments and intelligence agencies, the spyware also detects cybersecurity tools, suppresses forensics evidence, and has built-in geographic restrictions.
  
  
  Read more of this story at Slashdot.
  

• To Pressure Security Professionals, Mandiant Releases Database That Cracks Weak NTLM Passwords in 12 Hours
  Ars Technica reports:Security firm Mandiant [part of Google Cloud] has released a database that allows any administrative password protected by Microsoft's NTLM.v1 hash algorithm to be hacked in an attempt to nudge users who continue using the deprecated function despite known weaknesses.... a precomputed table of hash values linked to their corresponding plaintext. These generic tables, which work against multiple hashing schemes, allow hackers to take over accounts by quickly mapping a stolen hash to its password counterpart... Mandiant said it had released an NTLMv1 rainbow table that will allow defenders and researchers (and, of course, malicious hackers, too) to recover passwords in under 12 hours using consumer hardware costing less than $600 USD. The table is hosted in Google Cloud. The database works against Net-NTLMv1 passwords, which are used in network authentication for accessing resources such as SMB network sharing. Despite its long- and well-known susceptibility to easy cracking, NTLMv1 remains in use in some of the world's more sensitive networks. One reason for the lack of action is that utilities and organizations in industries, including health care and industrial control, often rely on legacy apps that are incompatible with more recently released hashing algorithms. Another reason is that organizations relying on mission-critical systems can't afford the downtime required to migrate. Of course, inertia and penny-pinching are also causes. "By releasing these tables, Mandiant aims to lower the barrier for security professionals to demonstrate the insecurity of Net-NTLMv1," Mandiant said. "While tools to exploit this protocol have existed for years, they often required uploading sensitive data to third-party services or expensive hardware to brute-force keys." "Organizations that rely on Windows networking aren't the only laggards," the article points out. "Microsoft only announced plans to deprecate NTLMv1 last August." Thanks to Slashdot reader joshuark for sharing the news.
  
  
  Read more of this story at Slashdot.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

• Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation.
  Exciting news! The Tazama project is officially a Digital Public Good having met the criteria to be accepted to the Digital Public Goods Alliance ! Tazama is a groundbreaking open source software solution for real-time fraud prevention, and offers the first-ever open source platform dedicated to enhancing fraud management in digital payments. Historically, the financial [0]
  
  The post Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation. appeared first on Linux.com.
  

• Xen 4.19 is released
  Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
  
  The post Xen 4.19 is released appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• New users can get a year of one of our favorite budgeting apps for only $50
  A new year is the perfect time to get your spending in order, and if you9re not trying to build your own spreadsheet, budgeting apps are one of the best ways to do it. To save yourself some money in the process, you can pick up a year-long subscription to Monarch Money, one of Engadget9s favorite budgeting apps, for just $50 if you use code NEWYEAR2026 at checkout and you9re a new subscriber. That9s a 50 percent discount on the service9s normal $100 price.
  
  Monarch Money makes for a capable and detailed budgeting companion. You can use the service via apps for iOS, Android, iPadOS or the web, and Monarch also offers a Chrome extension that can sync your Amazon and Target transactions and automatically categorize them. Like other budgeting apps, Monarch Money lets you connect multiple financial accounts and track your money based on where you spend it over time. Monarch offers two different approaches to tracking budgeting (flexible and category budgeting) depending on what fits your life best, and the ability to add a budget widget on your phone so you can know how you9re tracking that month.
  
  
  
  How budgeting apps turn your raw transactions into visuals you can understand at a glance is one of the big things that differentiates one app from another, and Monarch Money offers multiple graphs and charts to look at for things like spending, investments or categories of your choice based on how you9ve labelled your expenses. The app can also monitor the spending of you and your partner all in one place, to make it easier to plan together.
  
  The main drawbacks Engadget found in testing Monarch Money were the app9s learning curve, and the differences in features (and bugginess) between Monarch9s web and mobile versions. Still, for 50 percent off, the Monarch Money is well worth experimenting with if you9re trying to save money in 2026, especially if you want to do it collaboratively with a partner.
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/apps/new-users-can-get-a-year-of-one-of-our-favorite-budgeting-apps-for-only-50-204507576.html?src=rss

• Apple's latest 25W MagSafe charger is on sale for $30
  If you want a wireless charger for your iPhone and prefer to stick with Apple, Amazon has a sale that may pique your interest. The retailer is selling the one meter Apple Magsafe charger for $30, saving you $10 off the regular price, while also selling the two meter model for $40 ($10 off).
  
  
  
  If you have an iPhone 16, iPhone 17 or iPhone Air, this cable can charge your device at 25W as long as it9s connected to a 30W power adapter on the other end. While you9ll need a more recent iPhone to get the fastest MagSafe charging speeds, the charger can wirelessly top up the battery of any iPhone from the last eight years (iPhone 8 and later). With older iPhones, the charging speed tops out at 15W. The cable works with AirPods wireless charging cases too — it9s certified for Qi2.2 and Qi charging.
  
  The MagSafe charger is one of our favorite iPhone accessories, and would pair quite nicely with your new iPhone if you9re picking up one of the latest models. If you9re on the fence about that, be sure to check out our reviews of the iPhone 17, iPhone Pro/Pro Max and iPhone Air.
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/deals/apples-latest-25w-magsafe-charger-is-on-sale-for-30-141707297.html?src=rss

• Disney+ and Hulu deal: Get one month of the bundle for only $10
  The peak time for deals on streaming services — the holiday shopping season — has come and gone, but Disney is back with a fresh offer for the new year. New and eligible returning subscribers can get one month of the ad-supported Disney+ Hulu bundle for just $10. That9s $3 off the usual monthly rate for the bundle, and more than 58 percent off if you consider the prices for each service individually (Disney+ at $12 per month and, separately, Hulu also at $12 per month).
  
  We9d be remiss if we didn9t mention that this isn9t quite as good as the Black Friday deal we saw last year, which offered the same bundle for $5 per month for one year. However, if you missed that offer or just want to try out Disney+ and Hulu for a brief period of time, this is a good way to do so.
  
  
  
  Disney+ and Hulu make one of the most balanced streaming pairs available, blending family-friendly favorites with acclaimed originals and network TV staples. Disney+ brings a vast library of animated classics, blockbuster franchises and exclusive content from Marvel, Pixar, Star Wars and National Geographic. It’s the place to stream nearly every Star Wars film and series, plus the full Marvel Cinematic Universe lineup and Disney’s most recent theatrical releases.
  
  Hulu balances things out with a more adult-oriented lineup of current TV shows, next-day network episodes and a growing roster of award-winning originals. The platform hosts series like The Bear, The Handmaid’s Tale and Only Murders in the Building, alongside comedies, thrillers and documentaries that regularly feature in awards conversations. It’s also the home for next-day streaming of ABC and FX shows, making it especially useful if you’ve already cut the cable cord but still want to keep up with primetime TV.
  
  The Duo Basic bundle ties these two services together under a single subscription, offering a simple way to expand your library without juggling multiple accounts. This tier includes ads on both platforms, but the trade-off is significant savings compared with paying for each service separately. For many households, that’s an acceptable compromise when it means access to such a wide range of content.
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/deals/disney-and-hulu-deal-get-one-month-of-the-bundle-for-only-10-192814033.html?src=rss

• The plan for a gaming-themed Atari hotel in Las Vegas has reportedly been scrapped
  Six years after the announcement of plans to build Atari Hotels in eight cities across the US, including Las Vegas, only one now seems to be moving forward, in Phoenix, Arizona. The Las Vegas deal ultimately "didn9t come to fruition," spokesperson Sara Collins told Las Vegas Sun this week, and Atari Hotels is putting its focus into the Phoenix site "for the time being."
  
  Phoenix was always meant to be the first site, followed by other hotels in Austin, Chicago, Denver, Las Vegas, San Francisco, San Jose and Seattle. But Las Vegas is now apparently off the table, and there haven9t been any signs of life around the other planned locations. The FAQ on the Atari Hotels website notes, "Additional sites, including Denver, are being explored under separate development and licensing agreements." The Atari Hotel project was announced in 2020 just before the onset of the COVID-19 pandemic and consequently experienced development delays. Construction on the Phoenix hotel, which was supposed to break ground in 2020, is expected to begin late this year, with its opening now planned for 2028. 
  
  But maybe don9t hold your breath. According to a December press release, the company is still trying to raise $35 million to $40 million to fund the "playable destination" for gamers in Phoenix.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/the-plan-for-a-gaming-themed-atari-hotel-in-las-vegas-has-reportedly-been-scrapped-214212269.html?src=rss

• Amazon's live-action God of War adaptation adds Teresa Palmer
  Amazon is reportedly adding Teresa Palmer (The Fall Guy, Warm Bodies, Hacksaw Ridge) to its pantheon of Norse gods for its God of War TV show adaptation. As first reported by Ryan Hurst, but it could hint at the direction the TV show may take.
  two seasons.
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/tv-movies/amazons-live-action-god-of-war-adaptation-adds-teresa-palmer-201604602.html?src=rss

• TikTok's latest spinoff app feels a lot like Quibi, but with shorter and cornier content
  In another attempt to reduce our attention spans to mush, TikTok has released the PineDrama app, which offers serialized drama series that are roughly a minute per episode. As first spotted by TikTok, but instead of trendy dance videos, you can scroll through and watch "micro dramas."
  
  For those new to the category, micro dramas are bite-sized TV shows shot in vertical video and available in minute-long episodes. Don9t expect any nominations for Best Original Screenplay with series like The Officer Fell For Me or Married to my past life9s nemesis, since they typically offer soap opera vibes with cliffhangers that keep users scrolling to the next episode. The app is designed to keep people on it with a Discover tab, a place to save favorites and the ability to react in real time alongside other viewers.
  
  Right now, the micro dramas on PineDrama are all free to watch and don9t have any ads. It9s unclear if TikTok will introduce any costs or ads to the app, since other micro drama options like DramaBox or ReelShort have a paid structure. Late last year, TikTok also introduced a way to watch micro dramas within its own app, with a section called Minis. It9s not the first time we9re seeing shorter TV show formats, since Quibi made waves with a format of episodes that were less than 10 minutes long. However, maybe even 10 minutes was too long since the startup eventually called it quits after eight months.
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/tv-movies/tiktoks-latest-spinoff-app-feels-a-lot-like-quibi-but-with-shorter-and-cornier-content-185702010.html?src=rss

• It's the last day to get up to $90 off reMarkable E Ink tablet bundles
  E Ink tablet maker reMarkable is running a bundle deal right now that can save you between $80 and $90 when buying a reMarkable 2 along with a Marker stylus and a folio case. The savings vary depending on the bundle you configure, but this can bring your out-the-door cost down to $449 from $529 for the tablet, Marker stylus and polymer weave book folio. The offer runs through January 17.
  
  The company also sells a newer stylus called Marker Plus that lets you erase by flipping it around just like a real pencil, but that will cost you an extra $50. If you’ve been eyeing a dedicated writing tablet for work, school or just jotting down notes without the distraction of endless apps, this bundle deal is an ideal opportunity to pick one up.
  
  
  
  The reMarkable 2 earned our top pick for best e-ink tablet. In our review, we said the tablet was prettier than ever with a 10.3-inch display and a handsome aluminum frame. The tablet is only 4.7mm thick and weighs less than a pound, helping it feel lean and portable.
  
  The display can detect over 4,000 different levels of pressure with the Marker stylus, allowing for precise shading when sketching and the latency between the stylus and the screen is just 21ms. reMarkable fitted the display with a resin layer on top of the glass to make writing on it feel more realistic. We didn9t think this passed muster, but we found writing on it was a joy nonetheless.
  
  The tablet supports PDFs and ePUBs, which can be added via the companion mobile app or a desktop computer. You can also pair the reMarkable 2 with Google Drive, Microsoft OneDrive or Dropbox to access files. The battery is rated for an impressive two weeks between charges.
  
  The reMarkable Paper Pro, a higher-end model with a richer feature set like a full color display and a built-in reading light, is our pick for best premium e-ink tablet. The pricier tablet also has bundle deals right now with savings up to $80 depending on configuration.
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/mobile/tablets/its-the-last-day-to-get-up-to-90-off-remarkable-e-ink-tablet-bundles-150242090.html?src=rss

• Get NBA League Pass for up to 55 percent off right now
  NBA League Pass, the streaming service that lets you catch hundreds of out-of-market NBA games, is on sale right now for up to 55 percent off. The League Pass Premium subscription is on sale for $75, down from $160, while League Pass Standard is marked down to $50 from $110. We9re almost halfway through the season at this point, so it makes sense for a service like League Pass to start offering some discounts.
  
  The Standard plan includes commercials and support for only one device at a time, while the Premium tier offers no commercials, in-arena streams during breaks in the game, offline viewing of full games and concurrent streams on up to three devices at once.
  
  
  
  Last year, League Pass added multiview, which allows you to view up to four games at once on a single screen. This is included across both subscription tiers. The service also added a smart rewind tool that automatically selects key highlights and plays from each game.
  
  Outside the US and Canada, League Pass carries every single NBA game live, but within these countries a bevy of restrictions apply. In the US, any games being shown on your regional sports network will be blacked out as the service is meant for out-of-market games only. Also, any nationally broadcast games will not be available live, but instead will be available for on-demand viewing at 6AM ET the following day. The service is only for regular-season games.
  
  If you9re an avid NBA fan that follows multiple teams then the League Pass almost certainly carries dozens of games you can watch even with the restrictions in the US. Subscribers can get a list of applicable blackouts by entering their ZIP code before signing up.
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/deals/get-nba-league-pass-for-up-to-55-percent-off-right-now-163421800.html?src=rss

• Elon Musk is looking for a $134 billion payout from OpenAI and Microsoft
  We now have some idea of what9s at stake in the longstanding feud between Elon Musk and OpenAI. As first reported by $500 billion, after contributing $38 million in "seed funding" during the AI company9s startup years. Along with providing "roughly 60 percent of the nonprofit9s seed funding," Musk offered recruiting of key employees, introductions with business contacts and startup advice, according to the filing. The monetary estimate comes from C. Paul Wazzan, a financial economist who9s serving as Musk9s expert in the case. According to Wazzan9s calculations, OpenAI earned between $65.5 billion and $109.43 billion in wrongful gains, while Microsoft saw between $13.3 billion and $25.06 billion.
  
  The lawsuit between Elon Musk and OpenAI dates back to March 2024, when the xAI CEO first filed a legal action claiming that OpenAI violated its non-profit status. Musk later added Microsoft as another defendant and even tried to get an injunction when OpenAI announced efforts to reorganize its corporate structure. Besides this suit, Musk has named OpenAI in another legal battle, accusing the company, along with Apple, of monopolistic practices that prevent xAI from getting a fair shot in the App Store.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/elon-musk-is-looking-for-a-134-billion-payout-from-openai-and-microsoft-171824945.html?src=rss

• Grab a four-pack of AirTags on sale for $65
  Most Apple products are pretty expensive, but some of the most affordable (and useful) ones are AirTags. The Bluetooth trackers are priced pretty reasonably even when not on sale, but they can be a steal if you can get them on a discount — like right now. A four pack of AirTags is on sale for $65 at Amazon, which is only a few dollars more than the record-low price we saw during Black Friday this year.
  
  
  
  AirTags can be useful for people who travel frequently, helping you to keep track of essentials like your passport as well as a way to keep tabs on luggage while you9re on the go. If you do purchase some AirTags, we have some recommendations for useful accessories to go along with them, such as different styles of cases to best attach the trackers to different types of items. These are worth looking over and adding to your shopping cart in order to make the most of the product. 
  
  AirTags have an IP67 rating for water and dust resistance and their replaceable batteries should last for about a year. They can also support Precision Finding, which gives more exact directions to a lost item, when paired with most models after the iPhone 11. Up to five people can share an AirTag9s location, which is helpful for families or large travel groups. 
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/deals/grab-a-four-pack-of-airtags-on-sale-for-65-202333514.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice