All the News that Matters

• Debian 11 containerd Critical Permissions DoS Vuln DLA-4467-1
  Multiple vulnerabilities were discovered in containerd, an open-source container runtime, used by e.g. Docker or Kubernetes. CVE-2024-25621 Overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri`

• Mageia 9 libformula 2026-0010 Fixes LibreOffice Formatting Issue
  MGAA-2026-0010 - Updated libformula & ant-contrib packages fix bug

• Fedora 43 gnupg2 Critical Buffer Overflow Fix CVE-2026-24882
  Fix CVE-2026-24882: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution

• Fedora 43 yarnpkg Advisory 2026-a75abb3f2b CVE-2025-13465 Medium Threat
  Regenerate vendor tarball. Fixes CVE-2025-13465.

• Fedora 43 pgAdmin4 Moderate Prototype Pollution Fix CVE-2025-13465
  Regenerate vendor tarball. Fixes CVE-2025-13465.

• Fedora 43 phpunit12 Important Arbitrary Code Exec Risk 2026-470a48f838
  Version 12.5.8 - 2026-01-27 Changed To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs

• Microsoft's New Open-Source Project: LiteBox As A Rust-Based Sandboxing Library OS
  Microsoft engineers and other stakeholders have been developing LiteBox as a security-focused library OS written in the Rust programming language and leveraging Linux Virtualization Based Security "LVBS". The design is for LiteBox to operate as a secure kernel protecting the normal guest kernel via virtualization hardware...

• CentOS is coming to RISC-V soon if you have the kit
  The RHELatives are more versatile than you might realizeFOSDEM 2026 CentOS Connect 2026 took place in Brussels last week, over the two days preceding the sprawling FOSDEM festival of FOSS – the nerd world's Glastonbury, complete with the queues and the questionable hygiene.…

• Linux 7.0 Should Fix Nouveau For The Large Pages Support For Better NVK Performance
  The Linux 6.19 merge window had introduced support for larger pages and compression with the Nouveau kernel driver, which ultimately should help provide a performance win to this open-source NVIDIA driver. The Mesa NVK driver was ready to make use of that new kernel driver functionality but then it ended up being disabled due to bugs. Fortunately, for the Linux 6.20~7.0 kernel those issues should be resolved so then the Mesa NVK usage of the larger pages / compression support could be restored...

• KDE Gear 25.12.2 Brings Improvements to Dolphin, NeoChat, Kate, and Other Apps
  Today, the KDE Project released KDE Gear 25.12.2 as the second maintenance update to the latest KDE Gear 25.12 series of this collection of open-source applications for the KDE ecosystem and other platforms.

• System76 Lays Out Major COSMIC Desktop Changes Planned for Epoch 2 and 3
  System76 has published a detailed roadmap outlining planned features and priorities for COSMIC Epoch 2 and 3, covering performance, UI, and workflow changes.

• GIMP Post-3.2 Will Be Looking At Hardware Acceleration, Full CMYK & More
  With GIMP 3.2 releasing soon, GIMP developer Ond?ej Míchal presented at FOSDEM 2026 this past weekend on some of the feature work being eyed for post-3.2 developments...

• System76's COSMIC Desktop Planning Vulkan Renderer, Improved Gaming Experience
  Following December's release of COSMIC Epoch 1 along with the Pop!_OS 24.04 release by System76, today they shared more of their feature plans for the next two major COSMIC desktop updates...

• Ubuntu 24.04 LTS Users Get Linux 6.17 and Mesa 25.2 Ahead of Ubuntu 24.04.4 LTS
  Canonical has pushed today new updates to Ubuntu 24.04 LTS (Noble Numbat) users, including the Linux 6.17 kernel and Mesa 25.2 graphics stacks from Ubuntu 25.10 (Questing Quokka).

• Debian's Challenge When Its Developers Quietly Drift Away
  You may recall the news last month around no one was left on Debian's data protection team and other volunteer staffing challenges with different Debian efforts in the past. Debian Project Leader Andreas Tille has been looking at the issue of the challenges that arise when Debian's all-volunteer developers quietly drift away either due to time commitments, other interests, or other reasons but don't properly communicate it to the Debian project...

• The Easiest Way to Make Linux Boot Faster: Disable Unnecessary Services
  Your Linux system may be bloated with lots of services that run in the background. Here's how to make Linux boot faster by disabling unnecessary services.

• Anthropic Launches Claude Opus 4.6 as Its AI Tools Rattle Software Markets
  Anthropic on Thursday released Claude Opus 4.6, its most capable model yet, at a moment when the company's AI tools have already spooked markets over fears that they are disrupting traditional software development and other sectors. The new model improves on Opus 4.5's coding abilities, the company said -- it plans more carefully, sustains longer agentic tasks, handles larger codebases more reliably, and catches its own mistakes through better debugging. It is also the first Opus-class model to feature a 1M token context window, currently in beta. On GDPval-AA, an independent benchmark measuring performance on knowledge-work tasks in finance, legal and other domains, Opus 4.6 outperformed OpenAI's GPT-5.2 by roughly 144 Elo points. Anthropic also introduced agent teams in Claude Code, allowing multiple agents to work in parallel on tasks like codebase reviews. Pricing remains at $5/$25 per million input/output tokens.
  
  
  Read more of this story at Slashdot.
  

• Western Digital Plots a Path To 140 TB Hard Drives Using Vertical Lasers and 14-Platter Designs
  Western Digital this week laid out a roadmap that stretches its 3.5-inch hard drive platform to 14 platters and pairs it with a new vertical-emitting laser for heat-assisted magnetic recording, a combination the company says will push individual drive capacities beyond 140 TB in the 2030s. The vertical laser, developed over six years and already working in WD's labs, emits light straight down onto the disk rather than from the edge, delivering more thermal energy while occupying less vertical space -- enabling areal densities up to 10 TB per platter, up from today's 4 TB, and room for additional platters in the same enclosure. WD's first commercial HAMR drives arrive in late 2026 at 40-44 TB on an 11-platter design, ramping into volume production in 2027. A 12-platter platform follows in 2028 at 60 TB, and WD expects to hit 100 TB by around 2030.
  
  
  Read more of this story at Slashdot.
  

• Amazon Plans To Use AI To Speed Up TV and Film Production
  Amazon plans to use AI to speed up the process for making movies and TV shows even as Hollywood fears that AI will cut jobs and permanently reshape the industry. From a report: At the Amazon MGM Studio, veteran entertainment executive Albert Cheng is leading a team charged with developing new AI tools that he said will cut costs and streamline the creative process. Amazon plans to launch a closed beta program in March, inviting industry partners to test its AI tools. The company expects to have results to share by May. [...] Amazon is leaning on its cloud computing division, Amazon Web Services, for help and plans to work with multiple large language model providers to give creators a wider array of options for pre- and post-production filmmaking.
  
  
  Read more of this story at Slashdot.
  

• Spotify Plans To Sell Physical Books
  Spotify is planning to let premium subscribers in the U.S. and U.K. buy hardcovers and paperbacks directly through its app starting this spring, partnering with Bookshop.org to handle pricing, inventory and fulfillment. The Swedish streaming company, which entered the audiobook market in 2022, will also introduce a feature called Page Match that lets users scan a page from a physical book or e-reader and jump to the exact spot in the audiobook edition. Spotify will earn an undisclosed affiliate fee on each purchase.
  
  
  Read more of this story at Slashdot.
  

• FBI Couldn't Get Into Reporter's iPhone Because It Had Lockdown Mode Enabled
  The FBI has been unable to access a Washington Post reporter's seized iPhone because it was in Lockdown Mode, a sometimes overlooked feature that makes iPhones broadly more secure, according to recently filed court records. 404Media: The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as part of an investigation into leaks of classified information. It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device. "Because the iPhone was in Lockdown mode, CART could not extract that device," the court record reads, referring to the FBI's Computer Analysis Response Team, a unit focused on performing forensic analyses of seized devices. The document is written by the government, and is opposing the return of Natanson's devices. The FBI raided Natanson's home as part of its investigation into government contractor Aurelio Perez-Lugones, who is charged with, among other things, retention of national defense information. The government believes Perez-Lugones was a source of Natanson's, and provided her with various pieces of classified information. While executing a search warrant for his mobile phone, investigators reviewed Signal messages between Pere-Lugones and the reporter, the Department of Justice previously said.
  
  
  Read more of this story at Slashdot.
  

• Kalshi Claims 'Extortion,' Then Recants in Feud Over User Losses
  Kalshi, the largest U.S. prediction market, accused a small data startup called Juice Reel of "extortion" after a stock analyst used the company's transaction-level data to argue that prediction market users lose money faster than gamblers on traditional betting apps -- then walked the allegation back hours later. The equity research analyst Jordan Bender at Citizens found that the bottom quarter of prediction market users lost about 28 cents of every dollar wagered in their first three months, compared to roughly 11 cents per dollar on sites like FanDuel and DraftKings. Kalshi's head of communications told Bloomberg the report was "flat-out wrong" and called the data an extortion attempt. Juice Reel CEO Ricky Gold said Kalshi had actually pressured him to tell Bloomberg the data was inaccurate. Kalshi later issued an updated statement saying it continued to dispute the findings but "after further review, we don't believe the intention was extortion." The company did not provide any data to counter the analysis.
  
  
  Read more of this story at Slashdot.
  

• China Has Seized Sony's Television Halo
  Sony announced last month that it plans to pass control of its home entertainment division -- including the two-decade-old Bravia television brand -- to Chinese electronics group TCL through a joint venture in which TCL would hold a 51% stake. The Japanese company was long ago overtaken in sales by South Korea's Samsung and LG and now holds just 2% of the global television market. Sony stopped making its own LCD screens in 2011. Chinese companies supplied 71% of television panels made in Asia last year, according to TCL, and less than 10% are now produced in Japan and Korea. TCL is close to overtaking Samsung as the world's largest television maker. Sony retains valuable intellectual property in image rendering, and the Bravia brand still carries consumer recognition, but its OLED screens are already supplied by Samsung and LG. The company has been shifting toward premium cameras, professional audio, and its entertainment businesses in film, music, and games -- areas where intellectual property is less exposed to Chinese manufacturing scale.
  
  
  Read more of this story at Slashdot.
  

• Munich Makes Digital Sovereignty Measurable With Its Own Score
  alternative_right writes: The city of Munich has developed its own measurement instrument to assess the digital sovereignty of its IT infrastructure. The so-called Digital Sovereignty Score (SDS) visually resembles the Nutri-Score and identifies IT systems based on their independence from individual providers and 'foreign' legal spheres. The Technical University of Munich was involved in the development. In September and October 2025, the IT Department already conducted a first comprehensive test. Out of a total of 2780 municipal application services, 194 particularly critical ones were selected and evaluated based on five categories. The analysis already showed a high degree of digital sovereignty: 66% of the 194 evaluated services reached the highest levels (SDS 1 and 2), only 5% reached the critical level 4, and 21% reached the most critical level 5. The SDS evaluates not only technical dependencies but also legal and organizational risks.
  
  
  Read more of this story at Slashdot.
  

• Valve's Steam Machine Has Been Delayed, and the RAM Crisis Will Impact Pricing
  Valve has pushed back the launch of its Steam Machine, Steam Frame and Steam Controller hardware from its original Q1 2026 window to a vaguer "first half of the year" target, blaming the ongoing memory and storage shortage that has been squeezing the tech industry. The company said in a post today that rising component prices and limited availability forced it to revisit both its shipping schedule and pricing plans. Valve had previously indicated the Steam Machine would be priced at the entry level of the PC space.
  
  
  Read more of this story at Slashdot.
  

• BMW Commits To Subscriptions Even After Heated Seat Debacle
  BMW may have retreated from its controversial plan to charge monthly fees for heated seats, but the German automaker is pressing ahead with subscription-based vehicle features through its ConnectedDrive platform. A company spokesperson told The Drive that BMW "remains fully committed" to ConnectedDrive as part of its global aftersales strategy. Features requiring data connectivity will likely carry recurring fees.
  
  
  Read more of this story at Slashdot.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

• Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation.
  Exciting news! The Tazama project is officially a Digital Public Good having met the criteria to be accepted to the Digital Public Goods Alliance ! Tazama is a groundbreaking open source software solution for real-time fraud prevention, and offers the first-ever open source platform dedicated to enhancing fraud management in digital payments. Historically, the financial [0]
  
  The post Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation. appeared first on Linux.com.
  

• Xen 4.19 is released
  Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
  
  The post Xen 4.19 is released appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• How to stream the 2026 Super Bowl for free: Patriots vs. Seahawks time, where to watch and more
  
  The 2026 Super Bowl between the New England Patriots and the Seattle Seahawks will air on NBC this Sunday, Feb. 8. The game will also stream on Peacock. If you don9t have NBC over the air and don9t subscribe to Peacock, there are still ways to watch Super Bowl LX — and Bad Bunny9s history-making halftime show — for free. Here9s how to tune in. 
  How to watch Super Bowl LX free:
  
  
  
  
  Date: Sunday, Feb. 8
  
  Time: 6:30 p.m. ET
  
  Location: Levi9s Stadium in Santa Clara, Calif.
  
  TV channel: NBC, Telemundo
  
  Streaming: Peacock, DirecTV, NFL+ and more
  2026 Super Bowl game channel
  Super Bowl LX will air on NBC. A Spanish-language broadcast is available on Telemundo. 
  How to watch the 2026 Super Bowl for free
  You can stream NBC and Telemundo on platforms like DirecTV and Hulu + Live TV; both offer free trials and are among Engadget9s choices for best streaming services for live TV. (Note that Fubo and NBC are currently in the midst of a contract dispute and NBC channels are not available on the platform.)  
  
  
  
  
  
  
  
  
  
  
  What time is the 2026 Super Bowl?
  The 2026 Super Bowl kicks off at 6:30 p.m. ET/3:30 p.m. PT on Sunday, Feb. 8. Green Day will be performing a pre-game special starting at 6 p.m. ET.
  Who is playing in the Super Bowl?
  The AFC champions, the New England Patriots, will play the NFC champions, the Seattle Seahawks.
  Where is the 2026 Super Bowl being played?
  The 2026 Super Bowl will be held at Levi9s Stadium in Santa Clara, Calif., home of the San Francisco 49ers.
  Who is performing at the 2026 Super Bowl halftime show?
  Bad Bunny is headlining the 2026 Super Bowl halftime performance. You can expect that show to begin after the second quarter, likely between 8-8:30 p.m. ET. Green Day will perform a pre-game show starting at 6 p.m. ET. If you9re tuning in before the game, singer Charlie Puth will perform the National Anthem, Brandi Carlile is scheduled to sing "America the Beautiful," and Grammy winner Coco Jones will perform "Lift Every Voice and Sing." 
  More ways to watch Super Bowl LX
  
  
  
  
  
  
  
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/how-to-stream-the-2026-super-bowl-for-free-patriots-vs-seahawks-time-where-to-watch-and-more-124512202.html?src=rss

• The Switch 2-exclusive co-op adventure Orbitals launches this summer
  Nintendo capped off today’s partner-focused Nintendo Direct with a flurry of Bethesda-related announcements, but arguably the most interesting game of the showcase appeared right at the start.
  
  First announced at the beginning of the year, Orbitals is a two-player puzzle adventure game in which you and your co-op partner play as the intergalactic explorers Maki and Omura, on a mission to save their home in the stars from an incoming cosmic storm. Gameplay-wise, Orbitals looks like it’s at least partly inspired by the likes of Switch 2 exclusive, which you can either play locally or online, and thanks to the console9s GameShare feature, only one person needs to own the game for the latter.   
  
  Orbitals arrives at some point during summer 2026.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/nintendo/the-switch-2-exclusive-co-op-adventure-orbitals-launches-this-summer-180657892.html?src=rss

• Get two years of access to Proton VPN for 70 percent off right now
  Proton VPN is offering a steep discount on its Proton VPN Plus subscription, with the two-year plan currently priced at $2.99 per month. You’ll pay $72 upfront for 24 months of service, which amounts to 70 percent off the usual monthly rate and brings the long-term cost well below what many premium VPNs typically charge.
  
  We’ve consistently been impressed by Proton VPN’s focus on privacy, its nonprofit ownership structure and the way it balances security features with strong real-world speeds. It’s a top pick in our best VPN guide, and this promotion also appears in our running list of the best VPN deals. If you’re planning to commit to a VPN for the long haul, this pricing makes Proton VPN Plus one of the more compelling options available right now.
  
  
  
  In our Proton VPN review, the service impressed us with consistently fast performance and strong privacy protections. We measured average download speeds at 88 percent of our unprotected connection and upload speeds at 98 percent, which is more than enough for 4K streaming, gaming and torrenting. It also unblocked Netflix in every region we tested, and while its Mac and iOS apps aren’t quite as polished as the Windows and Android versions, the service is still easy to install and largely set-it-and-forget-it across platforms. We gave Proton VPN a score of 90 out of 100.
  
  Proton VPN Plus is the company’s premium tier and includes access to its full server network, which now spans more than 15,000 servers across 120-plus countries. A single subscription covers up to 10 devices at once and unlocks features like NetShield ad and malware blocking, Secure Core “double hop” connections, split tunneling, custom DNS controls and priority customer support. Proton VPN Plus also supports fast P2P traffic on nearly all paid servers and includes VPN Accelerator, which helps maintain high speeds over long-distance connections.
  
  Right now, Proton VPN Plus is discounted to $2.99 per month when you commit to two years, billed as $72 upfront for the first 24 months. After that, the plan renews annually at $83.88. That’s a 70 percent discount compared to the standard monthly rate. As with Proton’s other paid plans, the subscription comes with a 30-day money-back guarantee, so you can try it risk-free if you’re not ready to lock in long term.
  
  
  This article originally appeared on Engadget at https://www.engadget.com/deals/get-two-years-of-access-to-proton-vpn-for-70-percent-off-right-now-123000460.html?src=rss

• JLab's comically oversized headphones are not an April Fool's Prank
  JLab just released a gigantic pair of headphones that doubles as a Bluetooth speaker. The Blue XL headphones are ridiculously oversized, making them headphones in name only. I don9t even think Andre the Giant could9ve comfortably worn these suckers.
  
  Unless you have a mythically large head, these are basically "headphone speakers." The idea is to drape them around your neck and stream tunes for all to hear. Though you could also pop them on a table or something. I prefer my Bluetooth speakers to be speaker-shaped, but maybe that9s just me.
  JLab
  As for the internals, they feature 30W of power and two 2.5-inch drivers, along with two 2.5-inch radiators. This is obviously more power than what9s demanded by headphones because, again, these are actually speakers. JLab says they9ll get around 20 hours of use per charge, which is a decent metric.
  
  There9s another use case here. They could make a mighty fine accessory in a "person wearing comically oversized headphones" Halloween costume. The price is actually right for a gag gift. The Blue XL headphones cost $99. These were first announced at a recent college football game, but everyone assumed it was a joke because they were gold and the company said they cost $120,000. 
  This article originally appeared on Engadget at https://www.engadget.com/audio/jlabs-comically-oversized-headphones-are-not-an-april-fools-prank-174338833.html?src=rss

• NVIDIA reportedly won't release new graphics cards this year
  With gaming becoming an ever-smaller part of NVIDIA9s lucrative business, the company reportedly won9t bother releasing new graphics cards this year. The Information reported on Thursday that NVIDIA has pushed back its plan to release an update to the RTX 50 line in 2026. This would be the first time in three decades that the company hasn9t launched new gaming chips. The culprit? Why, AI, of course.
  
  AI demand has driven the current memory chip shortage, throwing the consumer electronics industry out of kilter. Many product prices are expected to rise (as if tariffs hadn9t already done enough damage there). And the scarcity of memory chips has made components that rely on them, including GPUs, nearly impossible to find. Even the auto industry isn9t spared.
  
  Facing those constraints, NVIDIA, which made its bones on graphics chips for PCs and gaming consoles, is essentially brushing off that demographic. The Information notes that in the first nine months of 2022, NVIDIA9s gaming GPUs made up 35 percent of its total revenue. During that same period in 2025, only around 8 percent came from gaming components. In addition, NVIDIA9s AI chips have much higher profit margins: 65 percent vs. 40 percent for graphics cards.
  
  That means gamers, already hard-pressed to find last year9s RTX 50 series, likely won9t get the expected "Super" version in 2026. On top of that, The Information says the delay will also push back NVIDIA9s next-gen graphics card (likely "RTX 60"). That component was initially expected to begin mass production at the end of 2027.
  
  But hey, at least you can shop (and view ads!) in ChatGPT, have a talk with your Gmail inbox and record everything the people around you say. Who needs games anyway, right?
  This article originally appeared on Engadget at https://www.engadget.com/gaming/pc/nvidia-reportedly-wont-release-new-graphics-cards-this-year-173002651.html?src=rss

• The best tech gifts and cool gadgets for 2026
  It can be tough to find a good gift for tech obsessives. Since they keep up with the latest releases, they probably already have the new high-profile gadgets out there. Luckily, Engadget staffers keep their eyes peeled all year long for the truly unique stuff. We travel to CES, attend product launches, cover major and minor tech events — we also can’t help but buy ourselves any zany, clever, addictive or productive tech we happen to stumble across. In short, we’ve got some ideas about good gifts for tech nerds (which we are).
  Best tech gifts and gadgets
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  Check out the rest of our gift ideas here.
  This article originally appeared on Engadget at https://www.engadget.com/computing/the-best-tech-gifts-and-cool-gadgets-for-2026-140052977.html?src=rss

• Are VPNs legal?
  VPNs have a mixed reputation, primarily because you can use the technology to hide your location and identity on the internet. Even the best VPNs can be used to conceal crimes and make the perpetrators harder to track. Fortunately, most of the world9s governments (at least for now) recognize that VPNs are just technology that can be used for good or ill.
  
  That means VPNs are legal in almost every country in the world. The countries that do restrict VPNs tend to be those where internet freedoms are already curtailed, like Russia, China, Iran and North Korea. There are distinct gradations between those nations, though. And the days of worry-free VPN access elsewhere in the world is starting to show cracks: Currently free jurisdictions — including the UK, France and even several US states — are now considering bans.
  Is it legal to use a VPN?
  The answer is almost always yes. In every country except the ones listed in the next section, there are no legal penalties for visiting a VPN website, downloading a VPN or connecting to a VPN server.
  
  In the last few years, however, some countries that were once beacons of online liberty have started considering bans. This is part of a chain reaction that started with age verification laws for websites deemed harmful to children, most prominently the UK9s Online Safety Act. Once everyone realized that anyone could circumvent the OSA by using a VPN server in another country, UK politicians began trying to ban VPNs as well. The same thing is currently happening in France. In the US, Wisconsin and Michigan are both proposing age verification laws and VPN bans.
  
  For now, though, none of these VPN bans have passed into law. Some have been defeated by the coordinated efforts of activists, including one Swiss proposal that would have forced Proton VPN to relocate.
  
  In countries that do ban or restrict VPN usage, the laws can take several forms. Some countries have made all VPNs unlawful to use. Others only allow VPNs approved by the government — approval which usually comes from agreeing to share information with law enforcement. In some other countries, it9s legal to use a VPN, but you9ll face extra penalties if you use one to commit a crime. I9ll go through all these categories in the next section.
  Where are VPNs illegal?
  This section is a complete list of countries where using a VPN is a legal risk. If a country isn9t on this list, you can assume it9s safe to use a VPN. Even nations with bad internet freedom scores, like Saudi Arabia and Indonesia, often don9t have anti-VPN laws to avoid scaring off international business.
  
  One more important note is that anti-VPN laws are much more likely to be enforced against locals than foreigners. I9m not saying you should tempt fate, just noting that there are very few cases of a traveler being prosecuted in another country solely for using a VPN.
  Countries where VPNs are totally banned
  VPNs are completely outlawed in four countries. Three of them — Belarus, Turkmenistan and North Korea — are isolated authoritarian regimes that restrict internet freedoms as part of nationwide crackdowns on all civil and political liberties. Iraq, while slightly more liberal overall, banned VPNs in 2014 in an attempt to kick the Islamic State off the internet. Twelve years later, the ban remains in place.
  
  Uganda is a special case. In 2018, the African nation enacted the world9s first social media tax, which the government called necessary to raise funds but which was criticized as a backhanded assault on free speech. VPNs can get around the tax, so Ugandan internet service providers (ISPs) are required to block VPN traffic. However, there9s no law on the books against using a VPN, so as long as you bring a service with obfuscation (like NordVPN) you9re good to go.
  Countries where only approved VPNs are allowed
  More common than banning VPNs altogether is restricting VPN usage to those approved by the government. This lets the powers that be grant limited VPN access to businesses for economic reasons, while also being able to yank it away as a method of control. It also means VPNs with a license to operate are likely to report data or install surveillance backdoors.
  
  The nations that handle VPNs this way are China, Russia, Iran, Venezuela, Bahrain, Myanmar, Pakistan, India, Turkey and Oman. These countries don9t ban all VPNs, but target popular providers with intermittent crackdowns and threats.
  
  China in particular uses the so-called Great Firewall, the world9s most sophisticated suite of censorship technologies, to prevent its citizens from even visiting the homepages of VPN companies. If you plan to travel in China and want to maintain access to the outside world, download a VPN before you go — and remember that using it while there will technically put you in violation of the law.
  
  Russia is a textbook case of a selective VPN ban, with businesses allowed to use approved VPNs and everyone else left to scramble against periodic mass blocks. Turkey9s autocratic government has also tried to crack down on VPN usage by blocking VPN sites, but clumsy implementation has left a lot of holes, allowing Instagram and other social media to remain a free speech lifeline for Turks.
  Countries with extra penalties for using VPNs to view blocked websites
  In a few countries, it9s legal to use any VPN, but against the law to use them for illegal activities. You might say, "Duh, I9m aware that breaking the law is illegal," but there is a meaningful difference — some crimes are crimier than others. Just like you9ll get a much harsher sentence if you rob someone with a weapon, you9ll face steeper penalties for using a VPN to view content the government is trying to block. Countries that operate like this include Vietnam, Egypt and the UAE. 
  Potential future VPN bans
  Today, a number of countries once considered free and tolerant are proposing wide-ranging age verification laws, usually for reasons that boil down to "think of the children!" If enacted — as the UK’s Online Safety Act has shown — they effectively offer a choice between two equally unacceptable alternatives: Live with a censored version of the internet, or get broader access only once you sacrifice your online anonymity.
  
  VPNs are the easiest and most direct workaround to this rising tide of censorship, which is why those same governments have them in their legislative crosshairs. The threat of enforcement chills free activity in a connected world where enforcers can9t be everywhere at once.
  
  For now, laws against VPN usage are still largely vague, inconsistent and unevenly applied. As citizens, we can work to make our voices heard and fight against these initiatives before they become law. In the meantime, you may well want to get install your VPN of choice on as many devices as possible — and get your other cybersecurity ducks in a row while you’re at it.
  This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/are-vpns-legal-170000878.html?src=rss

• How to use your Apple Watch to precisely find your new AirTag
  Our review of the new AirTag went up yesterday, and that involved testing the new Precision Finding feature on Apple Watches. In the process, I found the setup to be confusing and counterintuitive, and was relieved to discover it wasn’t just me. If, like me, you’ve been trying to set up Precision Finding on your Apple Watch for the AirTag you’ve just unboxed and attached to a precious belonging, here are the exact steps to take. 
  
  First, make sure your Apple Watch is compatible with the feature. That means verifying you’re using the Series 9 or later (you would have bought it in or after 2023) or the Ultra 2 and newer. Then, go to the Watch app on your phone and do the following to make sure you’ve received the latest software update that adds the functionality.
  
  Tap General.
  
  Press Software update. 
  
  Make sure the page says you are running watchOS 26.2.1. If not, tap Install Now. 
  
  If you need to download the software, make sure your watch is on its charging cradle. Even though my Apple Watch Series 11 was fully charged, I was still told to make sure it’s connected to power and had at least 50 percent of juice left for the software to install. After a few minutes, my watch restarted and the app said it was updated to the newest version of watchOS. 
  
  Now that you have the right hardware and software, you can set up Precision Finding. I assume you’ve already connected the new AirTag to the iPhone that’s linked to your watch (and if you haven’t, make sure to do that). 
  
  This was the part of the process that confused me. Instead of opening the Find Items app on the watch, Precision Finding for the new AirTag actually exists as a shortcut in the Control Center. Here are the steps to add it there:
  
  Open the Control Center by pushing the button below the dial on the side of the watch. 
  
  Scroll all the way to the bottom and press “Edit.”
  
  Push the + button at the top left of the screen.
  
  Scroll down and tap Find Items.
  
  Press Find AirTag, then tap Choose. You should see the new AirTag you’ve linked to your account here.
  
  Select the AirTag you want to precisely find. 
  
  Drag the icon to whichever position you prefer within the Control Center. 
  
  Hit Done.
  
  Now, whenever you want to locate your item, you can pull up the Control Center, press this button and the Precision Finding interface will appear, showing how far away it is. You can also push the button on the bottom right of this screen to get the AirTag to ring, guiding you to where your item is.
  This article originally appeared on Engadget at https://www.engadget.com/computing/accessories/how-to-use-your-apple-watch-to-precisely-find-your-new-airtag-164922731.html?src=rss

• Valheim is coming to Switch 2 this year
  After celebrating its fifth anniversary earlier this month, the tough-as-nails survival Viking game Valheim is coming to Switch 2 this year. Initially launched as a Steam Early Access game in 2021, Valheim lets you team up with up to nine other players online as you explore a procedurally generated open world inspired by Norse mythology.
  
  Whether playing alone or with your Viking pals, survival depends on crafting the right gear, building shelters and prevailing in punishing combat encounters. The ultimate aim of the game is to kill various gods dotted around the game9s different biomes to be deemed worthy of entering Valhalla. But you can ignore the bosses if you’d rather focus on collecting recipes and cooking up banquets for your fellow bearded adventurers.
  
  If I’m being brutally honest, the Switch 2 version of Valheim doesn’t appear to be much of a looker in the announcement trailer, but it’s technically still an early access game at the time of writing, and you do get support for mouse controls and HD Rumble 2 on Nintendo9s console.
  
  After debuting on PC, Valheim later made the jump to Xbox and will also launch on PS5 later this year. There’s currently no release date for that or the newly announced Switch 2 port, but they could arrive at the same time to coincide with the game hitting 1.0.
  
  Valheim was announced during today9s third-party-focused Nintendo Direct, in which a bunch of Bethesda games were also confirmed for Switch 2 in 2026. 
  This article originally appeared on Engadget at https://www.engadget.com/gaming/valheim-is-coming-to-switch-2-this-year-164159284.html?src=rss

• Final Fantasy 7 Rebirth comes to Switch 2 on June 3
  Final Fantasy 7 Rebirth is heading to the Switch 2 on June 3. The news was dropped at this morning9s Nintendo Direct livestream. This is the second part of the FF7 remake-a-palooza. The first installment, Final Fantasy 7 Remake Intergrade, was released for Nintendo9s console on January 22. Only a six month wait between chapters? Sony fans had to wait four years.
  
  For the uninitiated, Final Fantasy 7 Rebirth remakes the middle portion of the PS1 classic Final Fantasy 7. The graphics are, obviously, quite different, but so is the gameplay. This isn9t exactly the JRPG you remember, with a real time action system instead of turn-based mechanics.
  
  This is a full port of the PS5 game, further proving that the Switch 2 is a capable little machine. It9s certainly pretty to look at, as proven by the trailer. As an aside, the port is also coming to Xbox Series X/S on the very same day.
  
  Now that all of the major consoles will soon be home to both current FF7 remakes, we can join in solidarity as we wait for the third and final installment. Yeah, that9s right. A JRPG from 1997 requires three gigantic remakes. We don9t even know when the third one is coming out, but rumors suggest 2027.
  
  Today9s Nintendo Direct also revealed that a bunch of Bethesda games are heading to the Switch 2, including Fallout 4: Anniversary Edition on February 24, Indiana Jones and the Great Circle on May 12 and The Elder Scrolls IV: Oblivion Remastered sometime later in the year.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/nintendo/final-fantasy-7-rebirth-comes-to-switch-2-on-june-3-163009481.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice