All the News that Matters

• Rocky Linux glibc Update RLSB-2026-4780 Vulnerability Fix
  Moderate: glibc security update

• Ubuntu 20.04 LTS Advisory USN-8119-2 Systemd Critical DoS and Code Exec
  Several security issues were fixed in systemd.

• Ubuntu 25.10 systemd Important DoS Risk USN-8119-1 CVE-2026-29111
  Several security issues were fixed in systemd.

• Fedora 42 python-diskcache Important Arbitrary Code Exec CVE-2025-69872
  Incorporate patch from Sam Doran to fix CVE-2025-69872

• Debian 11 DLA-4507-1 VLC Important Out-of-Bounds Read DoS CVE-2025-51602
  An out-of-bounds read vulnerability was discovered in VLC media player, a multimedia player and streamer. The MMS protocol handler in mmstu.c did not properly validate boundaries when processing a crafted 0x01 response from an MMS server. A remote attacker controlling a malicious MMS server could exploit this to cause an out-of-bounds read, resulting

• Fedora 43 cmake Update Critical Advisory 2026-46d93351cd
  Update to v3.31.11.

• Avalonia bolts Linux and WebAssembly onto .NET MAUI
  Broader platform coverage lands, if developers can tolerate the rough edgesAvaloniaUI has previewed MAUI support for Linux and WebAssembly browser applications — platforms Microsoft's own cross-platform .NET framework lacks — but low adoption and persistent bugs are likely to constrain uptake.…

• GTK3 Toolkit Winding Down To One Release Per Year
  The GTK 4.0 toolkit released in December 2020 while the GTK3 toolkit has continued to be maintained given a lot of software still relying on that older version. GTK 3.24.52 was released yesterday and with this version it's now shifting its release cadence to just one new update per year...

• GrapheneOS Mobile Operating System Opposes OS-Level Age Checks
  GrapheneOS, an open-source Android-based mobile OS, will not implement OS-level age verification, despite regulatory pressure.

• openSUSE Releases Agama 19 Installer with Many New Features and Improvements
  The openSUSE project released the Agama 19 web-based installer for openSUSE Tumbleweed, Slowroll, and MicroOS operating systems, a major release that introduces several new features, small improvements, and bug fixes.

• XMMS Codebase Brought Back To Life By AI With GTK4 + GStreamer/PipeWire Port
  Longtime Linux desktop users will likely remember the glorious days of the XMMS music player inspired by Winamp. It's been about two decades since the last official release but thanks to AI there is now a modern port of the codebase to GTK4 and GStreamer/PipeWire...

• Advanced (Blivet-gui) on Fedora 44 Server vs Calamares
  Blivet GUI is an advanced graphical storage and partition management tool for Fedora, providing a user-friendly interface for the backend storage library used in the Anaconda installer. It acts as a more powerful alternative to GParted, allowing users to create, modify, delete, and encrypt storage devices (LVM, Btrfs, RAID) with a staged, "apply-on-demand" approach.

• OpenShot 3.5 Open-Source Video Editor Released with New Default Timeline
  OpenShot 3.5 open-source video editor is now available for download with new default timeline, experimental ComfyUI integration, and more. Here’s what’s new!

• Intel FRED Can Yield Greater Performance - FRED Benchmarks On Panther Lake
  With Intel's new Core Ultra Series 3 "Panther Lake" laptop SoCs, the Xe3-based Arc B390 graphics and much improved CPU performance capture much of the spotlight. One new capability with Panther Lake that isn't featured as much though is the new FRED capability with Flexible Return and Event Delivery. Today's Intel Panther Lake testing is looking at the very interesting performance impact of FRED on Linux.

• Garuda Linux Says No to Age Verification Outside Legal Requirement
  Arch-based Garuda Linux clarifies its position on age verification and addresses concerns regarding systemd userdb and data management.

• OpenSSF Welcomes New Members as SLSA, Gemara, and AI Security Efforts Mature
  At Amsterdam’s SecurityCon Europe, the Linux Foundation’s OpenSSF adds new members and showcases progress on SLSA, Gemara, and AI security.

• Canonical Joins Rust Foundation
  BrianFagioli writes: Canonical has joined the Rust Foundation as a Gold Member, signaling a deeper investment in the Rust programming language and its role in modern infrastructure. The company already maintains an up-to-date Rust toolchain for Ubuntu and has begun integrating Rust into parts of its stack, citing memory safety and reliability as key drivers. By joining at a higher tier, Canonical is not just adopting Rust but also stepping closer to its governance and long-term direction. The move also highlights ongoing tensions in Rust's ecosystem. While Rust can reduce entire classes of bugs, it often depends heavily on external crates, which can introduce complexity and auditing challenges, especially in enterprise environments. Canonical appears aware of that tradeoff and is positioning itself to influence how the ecosystem evolves, as Rust continues to gain traction across Linux and beyond. "As the publisher of Ubuntu, we understand the critical role systems software plays in modern infrastructure, and we see Rust as one of the most important tools for building it securely and reliably. Joining the Rust Foundation at the Gold level allows us to engage more directly in language and ecosystem governance, while continuing to improve the developer experience for Rust on Ubuntu," said Jon Seager, VP Engineering at Canonical. "Of particular interest to Canonical is the security story behind the Rust package registry, crates.io, and minimizing the number of potentially unknown dependencies required to implement core concerns such as async support, HTTP handling, and cryptography -- especially in regulated environments."
  
  
  Read more of this story at Slashdot.
  

• Cyberattack on a Car Breathalyzer Firm Leaves Drivers Stuck
  Last week, hackers launched a cyberattack on an Iowa company called Intoxalock that left some drivers unable to start their court-mandated breathalyzer-equipped cars. Wired reports: Intoxalock, an automotive breathalyzer maker that says it's used daily by 150,000 drivers across the U.S., last week reported that it had been the target of a cyberattack, resulting in its "systems currently experiencing downtime," according to an announcement posted to its website. Meanwhile, drivers that use the breathalyzers have reported being stranded due to the devices' inability to connect to the company's services. "Our vehicles are giant paperweights right now through no fault of ours," one wrote on Reddit. "I'm being held accountable at work and feel completely helpless." The lockouts appear to be the result of Intoxalock's breathalyzers needing periodic calibrations that require a connection to the company's servers. Drivers who are due for a calibration and can't perform one due to the company's downtime have been stuck, though the company now states on its website that it's offering 10-day extensions on those calibrations due to its cybersecurity disruption, as well as towing services in some cases. In the meantime, Intoxalock hasn't explained what sort of cyberattack it's facing or whether hackers have obtained any of the company's user data.
  
  
  Read more of this story at Slashdot.
  

• Trump Administration To Pay French Company $1 Billion To Stop Offshore Wind Farms
  An anonymous reader quotes a report from NPR: The Trump administration will pay $1 billion to a French company to walk away from two U.S. offshore wind leases as the administration ramps up its campaign against offshore wind and other renewable energy. TotalEnergies has agreed to what's essentially a refund of its leases for projects off the coasts of North Carolina and New York, and will invest the money in fossil fuel projects instead, the Department of Interior announced Monday. The Trump administration has tried to halt offshore wind construction, but federal judges overturned those orders. Environmental groups denounced the TotalEnergies deal as an alternate way to block wind projects. President Donald Trump has gone all in on fossil fuels, which he says is the way to lower costs for families, increase reliability and help the U.S. maintain global leadership in artificial intelligence. TotalEnergies pledged to not develop any new offshore wind projects in the United States. TotalEnergies CEO Patrick Pouyanne said in a statement that the company renounced offshore wind development in the United States in exchange for the reimbursement of the lease fees, "considering that the development of offshore wind projects is not in the country's interest." Pouyanne said the refunded lease fees will finance the construction of a liquefied natural gas plant in Texas and the development of its oil and gas activities, calling it a "more efficient use of capital" in the U.S. After it makes those investments, TotalEnergies will be reimbursed, up to the amount paid in lease purchases for offshore wind, according to the DOI.
  
  
  Read more of this story at Slashdot.
  

• Nvidia CEO Says He's 'Empathetic' To DLSS 5 Concerns
  Nvidia CEO Jensen Huang says he understands the concerns about "AI slop" with DLSS 5 but insists the feature preserves a game's underlying geometry and artistic intent. "I think their perspective makes sense, " said Huang during a recent appearance on the Lex Fridman podcast. "And I could see where they're coming from because I don't love AI slop myself. You know, all of the AI-generated content increasingly looks similar, and they're all beautiful... so I'm empathic toward what they're thinking. That's just not what DLSS 5 is trying to do." Tom's Hardware reports: Although Huang is striking a more conciliatory tone, much of his response is similar to what we heard at GTC [where Huang said gamers were "completely wrong."] The artist determines the geometry, we are completely truthful to the geometry... so every single frame, it enhances, but it doesn't change anything." There was some confusion about how DLSS 5 worked when it was first announced, and although the inner workings of it still aren't clear on a technical level, Huang has said that it isn't a general-purpose generative AI model. He describes it as "content-controlled generative AI." On the other end of the spectrum, Huang also said that it isn't a post-processing filter. The technical details of DLSS 5 live somewhere between that space, and we likely won't know them until later this year when the feature is set to release. "The question about enhancing, DLSS 5... in the future, you could even prompt it. You know, I want it to be a toon shader. I want it to look like this, kind of. You could even give it an example and it would generate in the style of that, all consistent with the artistry, the style, the intent of the artist," Huang continued. "All of that is done for the artist so they can create something that is more beautiful but still in the style that they want." Although the talking points about DLSS 5 remain unchanged, it seems that Huang has at least heard the criticism. "I think that they got the impression that the games are going to come out the way the games are... and then we're going to post-process it. That's not what DLSS is intended to do." Huang also made assertions that DLSS is "integrated" with the artist, and suggested that it would put the power of generative AI in the hands of artists working in game development [...]. Although DLSS 5 looks like it's doing a lot, Huang said that it's just another tool, not an essential feature. "The gamers might also appreciate that, in the last couple of years, we introduced skin shaders to game developers, and many of those games have skin shaders that include sub-surface scattering that makes skin look more skin-like... [DLSS 5] is just one more tool. They can decide what to use," Huang ended the conversation about DLSS 5. Immediately after, without missing a beat, he said 1993's Doom was the most influential video game ever made.
  
  
  Read more of this story at Slashdot.
  

• Bipartisan Bill Seeks To Ban Sports Betting On Prediction Market Platforms
  An anonymous reader quotes a report from TechCrunch: Senators Adam Schiff (D-CA) and John Curtis (R-UT) introduced (PDF) a bill on Monday that could prevent prediction market platforms Kalshi and Polymarket from allowing users to wager money on sports events or play casino-style games. This bipartisan bill would not apply to FanDuel and DraftKings, which are subject to state-by-state gambling laws, rather than federal ones. "Sports prediction contracts are sports bets -- just with a different name. And yet, these contracts are currently offered in all fifty states in clear violation of state and federal law," Schiff said in a statement. Prediction markets like Kalshi and Polymarket are regulated under the Commodity Futures Trading Commission (CFTC), which is why Schiff and Curtis are able to address them under federal jurisdiction, rather than leaving them to state-regulated sportsbooks. But these senators argue that there isn't much of a difference in practice between betting on sports via federally or state-regulated apps. Kalshi's Super Bowl trading volume, for instance, reached over $1 billion this year -- a 2700% increase year-over-year. "Too many young people in Utah are getting exposed to addictive sports betting and casino-style gaming contracts that belong under state control, not under federal regulators," Curtis said in a statement. The report notes that Kalshi is temporarily banned in Nevada and is facing criminal charges in Arizona. "Kalshi may brand itself as a 'prediction market,' but what it's actually doing is running an illegal gambling operation and taking bets on Arizona elections, both of which violate Arizona law," Arizona Attorney General Kris Mayes said in a statement last week.
  
  
  Read more of this story at Slashdot.
  

• Wing Expands Its Drone Delivery Service To the Bay Area
  Wing is expanding its drone delivery service to the San Francisco Bay Area. "The drone delivery startup has been rapidly expanding to metro areas across the US, but is now targeting the tech-friendly Silicon Valley region," reports Engadget. From the report: Going back to its inaugural deliveries, Wing ferried office supplies across Google's Mountain View campus in the Bay Area with its automated drones. It was still a startup out of Google's X, The Moonshot Factory incubator at the time, but early users were already asking for home delivery services, according to Wing. Now, Wing's latest delivery drones can deliver groceries, food, or whatever else fits in a small package weighing up to five pounds in 30 minutes or less to Bay Area residents. Earlier this year, Wing expanded its service to an additional 150 Walmart stores across the U.S. Service began recently in Atlanta and Charlotte, and it's coming soon to Los Angeles, Houston, Cincinnati, St. Louis, Miami and other major U.S. cities to be announced later. "By 2027, Walmart and Wing say they'll have a network of more than 270 drone delivery locations nationwide."
  
  
  Read more of this story at Slashdot.
  

• Apple Prepares To Add Search Ads To Apple Maps
  Apple is reportedly preparing to add search ads to Apple Maps, "and it could start to roll out to users by the summer," reports AppleInsider, citing sources from Bloomberg (paywalled). From the report: Apple will make an announcement as soon as March. This will bring ads to search queries within the navigation app, which will operate similar to Google's advertising system. Retailers and brands will be able to bid for ad spots located against search queries for specific terms, such as types of food or services. The winning bid will be able to show an ad at the top of the results, pointing to a related location for that business. Apple also announced in January that it would add more ads within the App Store, starting March in the UK and Japan.
  
  
  Read more of this story at Slashdot.
  

• US Car Buyers Envy What They Cannot Have: Affordable Chinese EVs
  Many U.S. consumers are increasingly interested in lower-cost Chinese electric vehicles but steep tariffs and political resistance are keeping them out of the market. A recent survey from Cox Automotive found that 40% of respondents support allowing Chinese auto brands into the U.S. market. Reuters reports: While Chinese autos hit the highways of Europe, Latin America and even Canada, the U.S. government has effectively banned the cars with tariffs exceeding 100%, out of concerns over data security and protecting American jobs.In places like Europe, a number of Chinese EVs sell at prices under $30,000. Some of those cars include amenities like advanced driving assistance software, a built-in mini fridge, and the option to sing karaoke with your fellow passengers. "The technology they offer for those lower price tags was astounding," said Clint Simone, senior features editor for car-shopping website Edmunds, who drove several Chinese vehicles while at the CES trade show earlier this year. [...] Consumers have some concerns over allowing Chinese car imports, though, including over data security and protecting U.S. businesses, survey results from The Harris Poll as well as Cox show. Rhett Ricart, an Ohio car dealer who sells several brands, including Ford, Chevrolet and Hyundai, said he has no doubt customers would snap up Chinese models if they became available. He and other dealers don't want that to happen yet, according to a recent Cox Automotive survey, which found that just 15% of dealers supported the entry of Chinese auto brands into the U.S., and just 26% trust that they would comply with U.S. safety standards. Not meeting U.S. safety standards is one reason Chinese EVs cannot yet be owned permanently in the U.S. But those obstacles haven't quieted the buzz. The Cox survey polled 802 U.S. consumers who expect to buy a car in the next two years. Nearly half -- 49% -- rated Chinese cars as having very good or excellent value, and 40% say they support the idea of Chinese auto brands in the U.S. market. Rich Benoit, a car enthusiast whose YouTube videos reviewing Chinese models garner millions of views, said the most compelling feature is the price. "That's what a lot of people are looking for: efficient, quiet and low cost," he said. "They want to 'get to work-- not everyone is a car enthusiast." He's considering buying a BYD model in Mexico and driving it across the border. "That's the only way to get one," Benoit said. "They've been selling in Mexico for years... "I want to own a Chinese EV in America."
  
  
  Read more of this story at Slashdot.
  

• Mark Zuckerberg Is Building an AI Agent To Help Him Be CEO
  An anonymous reader quotes a report from the Wall Street Journal: Mark Zuckerberg wants everyone inside and outside his company to eventually have his or her own personal artificial-intelligence agent. He is starting with himself. Zuckerberg, the chief executive of Meta Platforms, is building a CEO agent to help him do his job (source paywalled; alternative source), according to a person familiar with the project. The agent, which is still in development, is currently helping Zuckerberg get information faster -- for instance, by retrieving answers for him that he would typically have to go through layers of people to get, the person familiar with the project said. [...] Use of AI tools has spread quickly through the ranks at Meta -- in part because it is now a factor in employees' performance reviews. Meta's internal message board is filled with posts from employees sharing new AI use cases they have found and new tools they have built using AI, according to people familiar with the matter. [...] Employees have started using personal agent tools such as My Claw that have access to their chat logs and work files and can go talk to colleagues -- or their colleagues' own personal agents -- on their behalf, the people said. Another AI tool called Second Brain that is somewhere between a chatbot and an agent is also gaining momentum internally, according to people familiar with the matter. Second Brain was built by a Meta employee on top of Claude and can index and query documents for projects, among other uses. On the internal post announcing it to staff, the employee said it is "meant to be like an AI chief of staff." There is even a group on the internal messaging board where employees' personal agents talk to each other, some of the people said. (Separately, Meta acquired Moltbook, the social-media site for AI agents, and hired its founders in a deal earlier this month.) Meta also recently acquired Manus, a Singapore-based startup that makes personal agents that can execute tasks for its users, and is using the tool internally, some of the people said. Meta recently established a new applied AI engineering organization that is tasked with using AI to help speed up development of the company's large language models. Those teams will have an ultraflat structure of as many as 50 individual contributors reporting to one manager, The Wall Street Journal previously reported. [...] Employees across the company said they have been encouraged to attend AI tutorial meetings several times a week and frequent AI hackathons, and to create their own AI tools to speed up their work.
  
  
  Read more of this story at Slashdot.
  

• Walmart: ChatGPT Checkout Converted 3x Worse Than Website
  Walmart found that purchases made directly inside ChatGPT converted at only one-third the rate of traditional website checkouts, leading it to abandon OpenAI's Instant Checkout in favor of routing users through its own platform. Search Engine Land reports: Starting in November, Walmart offered about 200,000 products through OpenAI's Instant Checkout. Users could complete purchases inside ChatGPT without visiting Walmart's site. Daniel Danker, Walmart's EVP of product and design, said those in-chat purchases converted at one-third the rate of click-out transactions. He called the experience "unsatisfying" and confirmed Walmart is moving away from it. Instant Checkout was designed to let users complete purchases directly inside ChatGPT without visiting a retailer's website. However, earlier this month, OpenAI confirmed it was phasing out Instant Checkout in favor of app-based checkout handled by merchants. Walmart will embed its own chatbot, Sparky, inside ChatGPT. Users will log into Walmart, sync carts across platforms, and complete purchases within Walmart's system. A similar integration is coming to Google Gemini next month. In other Walmart-related news, the retailer announced plans to roll out "digital price tags" to all U.S. stores by the end of the year.
  
  
  Read more of this story at Slashdot.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• The Morning After: WWDC 2026 is happening June 8th
  It’s coming. Apple’s Worldwide Developers Conference (WWDC) will take place from June 8-12. Going on past timings, CEO Tim Cook will take the stage for the keynote on June 8, most likely at 1 PM ET.
  
  WWDC is a software-focused affair, so expect to see the upcoming "27" operating systems, now that the new naming convention has settled. Apple will likely cover iOS 27, iPadOS 27, macOS 27, visionOS 27, watchOS 27 and macOS 27. However, Bloomberg9s Mark Gurman is suggesting that WWDC will be "a fairly muted affair," – but in all fairness, WWDC has never been that explosive.
  
  Still, there are things I want to hear about: Rumors suggest that iOS 27 will deliver big upgrades to Apple Intelligence and — possibly — that overdue Siri overhaul. Reports also suggest the presence of split-pane multitasking, if you’re aching to juggle spreadsheets, web browsing and more on your mobile device.
  
  – Mat Smith
  The other big stories (and deals) this morning
  Engadget review recap: Lots of Apple, Galaxy S26, Dell XPS 16 and more
  
  Wing expands its drone delivery service to the Bay Area
  
  Billionaire OnlyFans owner Leonid Radvinsky has died from cancer at 43
  
  Apple will reportedly start stuffing ads into the Maps app
  
  Twitter turns 20And now what?
  Senior reporter Karissa Bell marks two decades on Twitter. Twitter/X as changed a lot, especially in the last five years, as AI slop, clickbait, and ragebait keep the algorithm ticking over. More recently, X’s AI assistant was able to ‘undress’ anyone you ask it to. Great.
  
  The social network has moved far away from its exciting heyday of live tweeting, memes and more — or even a place to make new friends and contacts. In fact, I got my job here at Engadget through Twitter DMs to former Engadget editor Richard Lai. As Karissa puts it, "Twitter stopped being that place a long time ago.”
  
  Nothing Phone 4a Pro reviewA new midrange champ?Engadget
  The Phone 4a Pro punches well above its $499 price tag. Nothing has successfully refined its hardware into a more premium, all-metal unibody, losing the jarring camera bump of its predecessor in favor of a sleek design that houses a genuinely impressive camera. There are still a few signs that it’s not quite a flagship (mediocre video recording performance and a lack of wireless charging), but at this price, these seem like minor complaints. Nothing’s next flagship phone needs to offer something, right?
  
  Continue reading.
  
  
  Samsung’s new S26 series can AirDrop like an iPhoneA new update has added support.
  Android AirDrop sharing is expanding to more devices. Samsung announced earlier this week that its Galaxy S26 Series is getting AirDrop support via the Quick Share feature.
  
  Google first introduced the Quick Share feature on its Pixel 10 phones last year. The setting allows Android users to send and receive photos and files from an Apple device. Y’know, like AirDrop.
  
  Continue reading.
  This article originally appeared on Engadget at https://www.engadget.com/general/the-morning-after-engadget-newsletter-121555441.html?src=rss

• Snapchat users sent 'nearly' 2 trillion snaps in 2025
  Snapchat users are sending a staggering number of snaps to each other, according to newly released data from Snap. In 2025, Snapchat users created close to 2 trillion snaps, the company said in an update. 
  
  That works out to about 5.5 billion distinct snaps per day and about 63,000 each second, according to the company. When you consider that Snapchat has about 474 million daily users, that averages to more than 11 snaps per user each day. In a blog post, the company called it "a reflection of how often people are capturing a moment in a bid to connect with one another." 
  
  The numbers offer a window into engagement on the nearly 15-year-old platform where much of users9 activity happens out of public view. The stat is the first time the company has shared the total number of snaps sent in a year, though Snap said last year its users shared more than 1 trillion selfie snaps in 2024. 
  
  Snap, which at times has struggled with user growth, has been inching closer to 1 billion users for the last year. It reported 946 million monthly users in its most recent earnings report. CEO Evan Spiegel described reaching a billion people as a "long term goal."
  
  
  Jim Lanzone, the CEO of Engadget’s parent company Yahoo, joined the board of directors at Snap on September 12, 2024. No one outside of Engadget’s editorial team has any say in our coverage of the company.
  
  
  This article originally appeared on Engadget at https://www.engadget.com/social-media/snapchat-users-sent-nearly-2-trillion-snaps-in-2025-121500274.html?src=rss

• Denon expands its multi-room speaker lineup with the Home 200, Home 400 and Home 600
  If the Sonos app saga still has you down, Denon has three new multi-room speakers that give you some fresh alternatives. The company’s Home 200, Home 400 and Home 600 offer audio flexibility with other HEOS-enabled products. These new devices were also designed so that they blend in with home decor better than most speakers, coming in stone and charcoal color options for that purpose. As you progress up in number, the speakers not only get physically larger, but their sonic output is also more robust.
  
  The Denon Home 200 houses three drivers and three amplifiers for “natural, room-filling sound” in a compact speaker. More specifically, you get two 0.98-inch tweeters and a single 4-inch woofer. The Home 200 looks a kind of like the Sonos Move 2, although Denon’s new compact unit isn’t portable. However, you can use a pair of them for a stereo setup, or connect two 200s to Denon’s Home Sound Bar 550 and Home Subwoofer for a 5.1 home theater system.
  
  Next up is the Home 400, which carries two 0.75-inch tweeters, two 4.5-inch woofers and six amplifiers, in addition to two 1-inch up-firing drivers. Here, Denon says you can expect “a wide, airy soundstage” that provides room-filling audio coverage. What’s more, those upward-facing drivers project sound overhead, so there’s a greater sense of dimensionality and immersion here.
  Denon Home 600 speakerDenon
  The Home 600 is the largest speaker in the new trio, with dual 6.5-inch woofers alongside two tweeters, two midrange units and two up-firing drivers. Denon explains that this configuration offers “deep, authoritative bass” that provides more depth in your tunes than other two models.
  
  All three of the new Home speakers have Wi-Fi, Bluetooth USB-C and aux connectivity with the wireless streaming powered by Denon’s HEOS tech. As such, you can connect these Home speakers with up to 64 other HEOS devices — including A/V receivers and Denon’s new DP-500BT turntable — and arrange your audio gear in up to 32 different zones. You’ll have access to tunes from Tidal, Amazon Music HD and Qobuz in the HEOS app, and all three new Home speakers support Dolby Atmos Music where available.
  
  The Home 200, Home 400 and Home 600 speakers are available today for $399, $599 and $799 respectively. They’re available from Denon directly or other authorized retailers.
  This article originally appeared on Engadget at https://www.engadget.com/audio/speakers/denon-expands-its-multi-room-speaker-lineup-with-the-home-200-home-400-and-home-600-080000916.html?src=rss

• The US bans all new foreign-made network routers
  The Federal Communications Commission has released a notice today designating any consumer routers manufactured outside the US as a security risk. The rule states that new foreign-made product models for network routers will land on the Covered List, a set of communications equipment seen as having an unacceptable risk to national security. Previously purchased routers can still be used and retailers can still sell models that were approved by the prior FCC policies. In an exception to the usual rule, routers included on the Covered List can continue to receive updates at least through March 1, 2027, although the date could potentially be extended.
  
  The move stems from a goal in the White House9s 2025 national security strategy that reads: "the United States must never be dependent on any outside power for core components—from raw materials to parts to finished products—necessary to the nation’s defense or economy." The notice from the FCC states that companies can apply for conditional approval for new products from the Department of War or the Department of Homeland Security. However, that requires the businesses to provide a plan for shifting at least some of their manufacturing to the US in order to receive that conditional approval. 
  
  Few, if any, brands known for consumer-grade routers currently build products stateside. It seems likely this sweeping provision could face legal challenges from and cause confusion for the many companies that have production facilities overseas. In addition to Chinese tech giants like TP-Link, US companies will also be affected. NetGear, Eero and Google Nest are all headquartered domestically but have manufacturing in Asia. At least some of that manufacturing activity happens in regions like Taiwan that have historically been on good terms with the US. Until the sector sorts out this new restriction, don9t expect to see any new router models on store shelves.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/the-us-bans-all-new-foreign-made-network-routers-223622966.html?src=rss

• Claude Code and Cowork can now use your computer
  Anthropic announced today that its Claude Code and Claude Cowork tools are being updated to accomplish tasks using your computer. The latest update will see these AI resources become capable of opening files, using the browser and running dev tools. 
  
  When enabled, the Claude AI chatbot will first prioritize connectors to supported services such as the Google workplace suite or Slack, but if a connector isn9t available, it will be able to still execute an assigned task. Claude should ask for permission before taking these actions, but Anthropic still recommended not using this feature to handle sensitive information as a precaution.
  
  Claude computer use will initially be available to Claude Pro and Claude Max subscribers on macOS. This feature is still in a research preview, so will continue to be adjusted based on Anthropic9s user feedback. It will also support use with Anthropic9s Dispatch feature, which allows a person to message the chatbot in a single continuous conversation across phone and desktop. 
  
  Claude Cowork was introduced in January. It9s an iteration of the Claude Code AI agent for programmers that is designed for more casual users.
  This article originally appeared on Engadget at https://www.engadget.com/ai/claude-code-and-cowork-can-now-use-your-computer-210000126.html?src=rss

• EA is nuking Battlefield Hardline on consoles
  EA has put another game on the chopping block, or at least the console versions of it. The company says it will delist the PS4 and Xbox One versions of announcement on X, EA didn9t explain exactly why it9s ceasing support for the game on PS4 and Xbox One. It pointed readers to a FAQ on its website that lays out some of the typical reasons why it ends online support for its games. These include factors like declining player bases. 
  
  Battlefield Hardline, which was released in 2015, will still be available on Steam as well as EA9s own PC app. The Steam version has a peak concurrent player count of 41 so far this year.  
  
  It9s hardly uncommon for a publisher to end online services for games with declining player bases, but it9s an issue that9s come into greater focus over the last few years thanks in part to the Stop Killing Games movement. EA alone has sunsetted dozens of games. Its website has a full accounting of these, spread across three webpages. 
  This article originally appeared on Engadget at https://www.engadget.com/gaming/ea-is-nuking-battlefield-hardline-on-consoles-193321551.html?src=rss

• Apple will reportedly start stuffing ads into the Maps app
  Apple is reportedly planning on inserting ads into the Maps app, according to Bloomberg9s Mark Gurman. An announcement could come as soon as this month, with the ads themselves appearing on iPhones this summer.
  
  This will likely work similarly to ads in Google Maps and Yelp, which lets retailers and brands bid for coverage with particular search queries. I9ve personally never found the ads in Google Maps to be that annoying, so let9s hope Apple9s implementation is similar. 
  
  This potential ad revenue could seriously bolster Apple9s services business, which currently generates $100 billion a year for the company. This division accounts for around 25 percent of annual revenue but faces challenges in both the short-term and long-term, as regulators around the world push for changes to App Store policies.
  
  Apple has yet to comment on the matter. This idea has been floating around since last year, with rumors going all the way back to 2022. The company already displays ads on the App Store and on the News app, so the jump to Maps isn9t coming out of left field.
  This article originally appeared on Engadget at https://www.engadget.com/apps/apple-will-reportedly-start-stuffing-ads-into-the-maps-app-182311634.html?src=rss

• Wing expands its drone delivery service to the Bay Area
  Wing's drone deliveries are coming full circle after adding Bay Area to its service locations. The drone delivery startup has been rapidly expanding to metro areas across the US, but is now targeting the tech-friendly Silicon Valley region.
  
  Going back to its inaugural deliveries, Wing ferried office supplies across Google's Mountain View campus in the Bay Area with its automated drones. It was still a startup out of Google's X, The Moonshot Factory incubator at the time, but early users were already asking for home delivery services, according to Wing. Now, Wing's latest delivery drones can deliver groceries, food, or whatever else fits in a small package weighing up to five pounds in 30 minutes or less to Bay Area residents.
  
  It may not be that common to spot a Wing drone yet, but the company expanded its service to 150 more Walmart locations across the US, including Los Angeles, St. Louis, Cincinnati and Miami, earlier this year. The drone delivery company also extended its hours of operation to 9 AM to 9 PM in its Charlotte and Dallas-Fort Worth metros, with approval from the Federal Aviation Administration. Beyond the recent Bay Area expansion, Wing has previously mentioned Orlando and Tampa as potential markets to enter.
  This article originally appeared on Engadget at https://www.engadget.com/transportation/wing-expands-its-drone-delivery-service-to-the-bay-area-175748410.html?src=rss

• Apple's WWDC 2026 is set for June 8-12
  Apple announced that this year's Worldwide Developers Conference (WWDC) will take place from June 8-12. The company tends to be consistent with event timing, so it's no surprise that CEO Tim Cook will take the stage for the keynote on June 8, most likely at 1PM ET. 
  
  Much of WWDC will take place online and will be free to attend, though there will be an in-person component for select developers, students and media at Apple Park in Cupertino, California. You'll be able to take in WWDC via the Apple Developer app, website and YouTube channel. It will also be available in China on the Apple Developer Bilibili channel.
  
  What should we expect this time around? This is a software-focused event and all indications point toward a reveal of the upcoming "27" operating systems. This would include iOS 27, iPadOS 27, macOS 27, visionOS 27, watchOS 27 and macOS 27.
  
  We don't know for certain what new features these operating system updates will bring to the table, with Bloomberg's Mark Gurman suggesting that WWDC will be "a fairly muted affair this year." Rumors have indicated that iOS 27 will deliver much-needed improvements to Apple Intelligence along with the delayed Siri overhaul. Reports also suggest the presence of split-pane multitasking, a redesigned Health app and a new battery management system for iPhones. 
  
  In any event, we don't have that long to wait. Engadget will be on hand to report on all of the announcements and reveals.
  This article originally appeared on Engadget at https://www.engadget.com/apps/apples-wwdc-2026-is-set-for-june-8-12-171359493.html?src=rss

• Polymarket is cracking down on insider trading with updated rules
  Polymarket announced that it's taking insider trading more seriously. Seen in its latest press release, the prediction market updated its market integrity rules, specifically those concerning insider trading and market manipulation. While Polymarket is taking the initiative to update its rules, it's likely a response to the rise in suspicious bets, whether it's about the US capture of Nicolás Maduro or the release of a new product from OpenAI.
  
  As first reported on by video editor suspended for two years from the platform and fined five times the amount of his initial trade size after Kalshi concluded its investigation.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/polymarket-is-cracking-down-on-insider-trading-with-updated-rules-163928655.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice