All the News that Matters

• SUSE Linux Enterprise 15 SP6 Kernel Important Threat CVE-2026-23268
  An update that solves one vulnerability can now be installed.

• openSUSE Leap 15.6 Important Kernel Policy Management Vuln 2026-1531-1
  An update that solves one vulnerability can now be installed.

• SUSE Linux Kernel Important Bluetooth Privilege Issues 2026-1532-1
  An update that solves two vulnerabilities can now be installed.

• SUSE Linux 12 SP5 Kernel Important Privileges Fix SUSE-SU-2026-1535-1
  An update that solves two vulnerabilities can now be installed.

• Debian DSA-6222-1 ngtcp2 Important Buffer Overflow CVE-2026-40170
  Zou Dikai discovered a buffer overflow in ngtcp2, a QUIC protocol library. For the oldstable distribution (bookworm), this problem has been fixed in version 0.12.1+dfsg-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 1.11.0-1+deb13u1.

• Ubuntu 22.04 chromium-browser Significant Upgrade SSA-2026-221-08
  New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

• Framework Computer Announces The Framework Laptop 13 Pro
  At Framework Computer's next-gen hardware launch event today they announced the Framework Laptop 13 Pro as a ground-up redesign of their 13-inch modular laptop...

• Mozilla Thunderbird 150 Released With Custom Accent Colors
  Mozilla Thunderbird 150 email client adds custom accent colors, encrypted message search, PDF page reordering, and more.

• Linux May Drop Old Network Drivers Now That AI-Driven Bug Reports Are Causing A Burden
  Old network maintenance drivers are becoming a maintenance burden in the era of fuzzing and predominantly AI-driven bug detection causing an uptick in possible bug/security reports to upstream Linux kernel developers but with these drivers potentially having no actual users...

• COSMIC Desktop 1.0.11 Released with File Manager and Workspace Improvements
  COSMIC Desktop 1.0.11 brings fixes for Files, Settings, Terminal, and the Compositor, along with translation and dependency updates.

• Mozilla Thunderbird 150 Brings Support for Generating Unobtrusive Signatures
  Following the release of Firefox 150, Mozilla Thunderbird 150 has been released today as the latest stable version of this popular open-source, free, and cross-platform email, news, chat, addressbook, and calendar client.

• VirtualBox 7.2.8 Released With Linux Kernel 7.0 Support and Wayland Fixes
  VirtualBox 7.2.8 is out with Linux 6.19 and 7.0 host support, Wayland fixes, Windows 11 improvements, and updated Guest Additions.

• How to Hide "PackageKit" Message in openSUSE
  Discover how to get rid of the persistent PackageKit message on your openSUSE system and enjoy hassle-free package management without interruptions.

• Linux 7.1 KVM Adds "Very Experimental" Support For pKVM Protected Guests
  The Kernel-based Virtual Machine changes were recently merged for the Linux 7.1 merge window for further enhancing KVM as this important piece of the open-source virtualization stack...

• Arch Linux Now Ships a Reproducible Docker Image
  Arch Linux has released a reproducible Docker image, providing users with a bit-for-bit identical container build, though some limitations remain.

• AMD Ryzen 9 9950X3D2 Benchmarks: The Best Desktop Performance For Linux Developers, Creators
  Today we can finally share performance benchmarks of the long-rumored AMD Ryzen 9 9950X3D2 Dual Edition processor. This new halo product for the Ryzen 9000 series desktop line-up offers captivating performance for developers frequently compiling code, creators, technical computing workloads for students or hobbyists or those not able to afford a Threadripper / EPYC type workstation, or similar heavy computing use. With the 16 cores / 32 threads and both CCDs having 3D V-Cache, the AMD Ryzen 9 9950X3D2 offers leading performance among current generation desktop processors.

• FBI Looks Into Dead or Missing Scientists Tied To Sensitive US Research
  Federal authorities are now reviewing a string of deaths and disappearances involving scientists tied to sensitive U.S. aerospace and nuclear work, though officials have not established any confirmed link between the cases. The FBI says it "is spearheading the effort to look for connections into the missing and deceased scientists," adding that it "is working with the Department of Energy, Department of War, and with our state ... and local law enforcement partners to find answers." The Republican-led House Oversight Committee also announced an investigation into the reports. CNN reports: A nuclear physicist and MIT professor fatally shot outside his Massachusetts residence. A retired Air Force general missing from his New Mexico home. An aerospace engineer who disappeared during a hike in Los Angeles. These are among at least 10 individuals connected to sensitive US nuclear and aerospace research who have died or disappeared in recent years, prompting concerns whether they are connected and fueling speculation online about the possibility of nefarious activity. [...] The Defense Department said only that it would respond to the committee directly, and the Department of Energy referred questions to the White House. In a post on X, NASA said it is "coordinating and cooperating with the relevant agencies" in relation to the scientists. "At this time, nothing related to NASA indicates a national security threat," NASA spokesperson Bethany Stevens said. The cases vary widely in circumstance. Some involve unsolved homicides, while others are missing persons cases with no signs of foul play. In at least two instances, families have pointed to preexisting medical conditions or personal struggles as explanations. Authorities have not established any links between the cases. The White House said last week it is also working with federal agencies to probe any potential links between the deaths and disappearances, with President Donald Trump referring to the matter as "pretty serious stuff." "The United States has thousands of nuclear scientists and nuclear experts," said Rep. James Walkinshaw, a Democrat who also serves on the Oversight Committee. "It's not the kind of nuclear program that potentially a foreign adversary could significantly impact by targeting 10 individuals."
  
  
  Read more of this story at Slashdot.
  

• SpaceX Strikes Deal With Coding Startup Cursor For $60 Billion
  An anonymous reader quotes a report from the New York Times: SpaceX, Elon Musk's rocket and satellite company, said on Tuesday that it had struck a deal with the artificial intelligence start-up Cursor that could result in its acquiring the young company for $60 billion. SpaceX is making the deal just as it prepares to go public in what is likely to be one of the largest initial public offerings ever. In a social media post, SpaceX said the combination with Cursor, which makes code-writing software, would "allow us to build the world's most useful" A.I. models. SpaceX added that the agreement gave it the option "to acquire Cursor later this year for $60 billion or pay $10 billion for our work together." It is unclear if the companies plan to consummate the deal before or after SpaceX's I.P.O., which could happen as early as June. [...] Cursor, which has raised more than $3 billion in funding, was founded in 2022 and made waves as a fast-growing A.I. start-up. It was under pressure in recent months after OpenAI and Anthropic announced competing code-writing products that were embraced by tech companies. Cursor had been in talks to raise funding in recent weeks.
  
  
  Read more of this story at Slashdot.
  

• Florida Launches Criminal Investigation Into ChatGPT Over School Shooting
  Florida's attorney general has launched a criminal investigation into OpenAI over allegations that the accused gunman in a shooting at Florida State University last year used ChatGPT to help plan the attack. OpenAI says the chatbot is "not responsible for this terrible crime" and only provided factual information available from public sources. NPR reports: The Republican attorney general, James Uthmeier, said at a press conference in Tampa on Tuesday that accused gunman Phoenix Ikner consulted ChatGPT for advice before the shooting, including what type of gun to use, what ammunition went with it, and what time to go to campus to encounter more people, according to an initial review of Ikner's chat logs. "My prosecutors have looked at this and they've told me, if it was a person on the other end of that screen, we would be charging them with murder," Uthmeier said. "We cannot have AI bots that are advising people on how to kill others." Uthmeier's office is issuing subpoenas to OpenAI seeking information about its policies and internal training materials related to user threats of harm and how it cooperates with and reports crimes to law enforcement, dating back to March 2024. At the press conference, Uthmeier acknowledged the investigation is entering into uncharted territory and is uncertain about whether OpenAI has criminal liability. "We are going to look at who knew what, designed what, or should have done what," he said. "And if it is clear that individuals knew that this type of dangerous behavior might take place, that these types of unfortunate, tragic events might take place, and nevertheless still turned to profit, still allowed this business to operate, then people need to be held accountable." [...] Ikner, 21, is facing multiple charges of murder and attempted murder for the April 2025 shooting near the student union on FSU's Tallahassee campus, where he was a student at the time. His trial is set to begin on Oct. 19. According to court filings, more than 200 AI messages have been entered into evidence in the case.
  
  
  Read more of this story at Slashdot.
  

• Mozilla Uses Anthropic's Mythos To Fix 271 Bugs In Firefox
  BrianFagioli writes: Mozilla says it used an early version of Anthropic's Claude Mythos Preview to comb through Firefox's code, and the results were hard to ignore. In Firefox 150, the team fixed 271 vulnerabilities identified during this effort, a number that would have been unthinkable not long ago. Instead of relying only on fuzzing tools or human review, the AI was able to reason through code and surface issues that typically require highly specialized expertise. The bigger implication is less about one release and more about where this is heading. Security has long favored attackers, since they only need to find a single flaw while defenders have to protect everything. If AI can scale vulnerability discovery for defenders, that dynamic could start to shift. It does not mean zero days disappear overnight, but it suggests a future where bugs are found and fixed faster than attackers can weaponize them. "Computers were completely incapable of doing this a few months ago, and now they excel at it," says Mozilla in a blog post. "We have many years of experience picking apart the work of the world's best security researchers, and Mythos Preview is every bit as capable. So far we've found no category or complexity of vulnerability that humans can find that this model can't." The company concluded: "The defects are finite, and we are entering a world where we can finally find them all."
  
  
  Read more of this story at Slashdot.
  

• Framework Laptop 13 Pro Is a Major Overhaul For the Modular, Upgradeable Laptop
  An anonymous reader quotes a report from Ars Technica: Framework has been selling and shipping its modular, repairable, upgradable Laptop 13 for five years now, and in that time, it has released six distinct versions of its system board, each using fresh versions of Intel and AMD processors (seven versions, if you count this RISC-V one). The laptop around those components has gradually gotten better, too. Over the years, Framework has added higher-resolution screens in both matte and glossy finishes, a slightly larger battery, and other tweaked components that refine the original design. But so far, all of those parts have been totally interchangeable, and the fundamentals of the Laptop 13 design haven't changed much. That changes today with the Framework Laptop 13 Pro, which, despite its name, is less an offshoot of the original Laptop 13 and closer to a ground-up redesign. It includes new Core Ultra Series 3 chips (codenamed Panther Lake), Framework's first touchscreen, a new black aluminum color option, a larger battery, and other significant changes. And while it sacrifices some component compatibility with the original Laptop 13, displays and motherboards remain interchangeable, so Framework Laptop owners can buy the new Core Ultra board and owners of older Framework Laptop boards can pop one into a Pro to benefit from the new battery and screen. At 1.4kg (about 3 pounds), the Laptop 13 Pro is slightly heavier than the Laptop 13's 1.3kg, but it still stacks up well against the 14-inch M5 MacBook Pro (1.55kg, or 3.4 pounds). The Framework Laptop Pro will start at $1,199 for a DIY edition with a Core Ultra 5 325 processor, and no RAM, SSD, or operating system. A prebuilt version with Ubuntu Linux installed will start at $1,499, and Windows 11 will cost another $100 on top of that. A Core Ultra X7 358H version starts at $1,599 for a DIY edition, and a "limited batch" Core Ultra X9 388H version starts at $1,799. A bare motherboard with the Core Ultra 5 325 starts at $449, while a Core Ultra X7 358H board will cost $799. Pre-orders are available now, and begin shipping in June.
  
  
  Read more of this story at Slashdot.
  

• Job Cuts Driven By AI Are Rising On Wall Street
  Firms like Bank of America, Citi, Wells Fargo, and others are reporting strong profits while reducing head count and automating more work. "All of them credited A.I. to some degree ... in areas ranging from the so-called back office, where tens of thousands of employees fill out paperwork to comply with various laws and regulations, to the front office, where seven-figure salaried professionals put together complicated financial transactions for corporate clients," reports the New York Times. From the report: Less than four months ago, Bank of America's chief executive, Brian T. Moynihan, volunteered in a TV interview what he would say to his 210,000 employees about the chance of artificial intelligence replacing human work. "You don't have to worry," he said. "It's not a threat to their jobs." Last week, after Bank of America reported $8.6 billion in profit for the first quarter -- $1.6 billion more than the same period a year earlier -- Mr. Moynihan struck a different tone. The bank's bottom line, he said, was helped by shedding 1,000 jobs through attrition by "eliminating work and applying technology," which he repeatedly specified was artificial intelligence. He predicted more of that in the months and years to come. "A.I. gives us places to go we haven't gone," Mr. Moynihan said. The veneer of Wall Street's longstanding assertion -- that A.I. will enhance human work, not replace it -- is rapidly peeling away, as evidenced by the current quarterly earnings season. JPMorgan Chase, Citi, Bank of America, Goldman Sachs, Morgan Stanley and Wells Fargo racked up $47 billion in collective profits, up 18 percent, while shedding 15,000 employees. All of them credited A.I. to some degree with helping cut jobs and automate work in areas ranging from the so-called back office, where tens of thousands of employees fill out paperwork to comply with various laws and regulations, to the front office, where seven-figure salaried professionals put together complicated financial transactions for corporate clients. Unlike executives in Silicon Valley, few major financial figures are stating outright that A.I. is eliminating jobs. Citi, for example, has pledged to shrink its work force by 20,000 people through what one executive described to financial analysts last week as the company's "productivity and efficiency journey." The bank is paying for A.I. software from Anthropic, Google, Microsoft and OpenAI, to automatically read legal documents, approve account openings, send invoices for trades and organize sensitive customer data, among other tasks, according to public statements by bank executives and two people familiar with Citi's systems. Among the recent job cuts at Citi were scores of employees who were part of the bank's "A.I. Champions and Accelerators" program, according to the two people, who were not permitted by the bank to speak publicly. The program involves Citi employees who perform their day jobs while also working to persuade their colleagues to adopt A.I. technologies.
  
  
  Read more of this story at Slashdot.
  

• Meta To Start Capturing Employee Mouse Movements, Keystrokes For AI Training Data
  Reuters reports that Meta plans to start collecting U.S.-based employees' mouse movements, clicks, keystrokes, and occasional screen snapshots to train AI agents that can better learn how humans use computers. The tool, called Model Capability Initiative (MCI), will reportedly "not be used for performance assessments or any other purpose besides model training and that safeguards were in place to protect 'sensitive content.'" From the report: Meta CTO Andrew Bosworth told employees in a separate memo shared on Monday that the company would step up internal data collection as part of those "AI for Work" efforts, now re-branded as Agent Transformation Accelerator (ATA). "The vision we are building towards is one where our agents primarily do the work and our role is to direct, review and help them improve," Bosworth said. The aim, he added, was for agents to "automatically see where we felt the need to intervene so they can be better next time." Bosworth did not explicitly spell out how those agents would be trained, but said Meta would be "rigorous" about "building up data and evals for all the types of interactions we have as we go about our work." Meta spokesperson Andy Stone acknowledged that the MCI data would be among the inputs. [...] "If we're building agents to help people complete everyday tasks using computers, our models need real examples of how people "actually use them -- things like mouse movements, clicking buttons, and navigating dropdown menus," said Stone.
  
  
  Read more of this story at Slashdot.
  

• Google's Internal Politics Leave It Playing Catch-Up On AI Coding
  An anonymous reader quotes a report from Bloomberg: At Google, leaders are anxious about falling behind in the race to offer AI coding tools, especially as rivals like Anthropic PBC offer more effective and popular tools to businesses, according to people familiar with the matter. The search giant is now working to unite some of its coding initiatives under one banner to speed progress and take advantage of a surge in customer interest. In some corners of Alphabet's Google, particularly AI lab DeepMind, concerns about the company's position are mounting, according to current and former employees and executives, who declined to be named because they weren't authorized to speak publicly. Businesses are just starting to realize that AI coding tools can enable anyone to build products by prompting a chatbot. But Google doesn't have a clear solution for them. Its Gemini model's capabilities are sprinkled across half a dozen different coding products with different branding, indicating how the company's lack of focus and competing internal efforts have hampered success, the people said. Even internally, some Google engineers prefer to use Anthropic's Claude Code, they said. More concerning, the people said, are the engineers who are struggling to adopt AI coding at all. [...] Google's emphasis on its own technology has also complicated the push to catch up. Most employees are banned from using competing tools such as Claude Code or Codex due to security concerns, but Googlers can request exceptions if they can demonstrate they have a business case, one former employee said. Some teams at DeepMind, including those working on the Gemini model, internal applications, and open source models, use Claude Code, according to three former employees. "You want the best people to use the best tool, even inside Google," one of the former employees said. [...] In recent years, DeepMind has tried to tighten control over how its AI breakthroughs are woven into Google products. Last year, Google appointed Kavukcuoglu to a new position as chief AI architect, a role in which he is charged with folding generative AI into Google products. Yet confusion about who is leading the charge on AI coding persists. Along with DeepMind, Google Cloud, Google Core, Google Labs and Android are all pushing AI coding in different ways, one of the people said. [...] Within the Googleplex, there is a philosophical clash between AI researchers who want to move as quickly as possible and more traditional senior engineers who have exacting standards for code quality, former employees say. AI usage is factored into performance reviews, according to a former employee. But engineers who try to use internal AI coding tools often hit capacity constraints due to competition for computing power, the former employee said.
  
  
  Read more of this story at Slashdot.
  

• Xbox Game Pass Ultimate Gets a Price Cut
  Microsoft is cutting the monthly price of Xbox Game Pass Ultimate and PC Game Pass, but the tradeoff is that new Call of Duty releases will no longer arrive on the service at launch. Instead, they'll show up about a year later. The Verge reports: After Xbox CEO Asha Sharma admitted last week that "Game Pass has become too expensive for players," Microsoft is dropping the price of Xbox Game Pass Ultimate and PC Game Pass. Starting today, Xbox Game Pass Ultimate drops from $29.99 to $22.99 a month, and PC Game Pass moves to $13.99, down from $16.49 a month. The price drops are being fueled in part by future of Call of Duty titles no longer joining Game Pass Ultimate or PC Game Pass at launch. "New Call of Duty games will be added to Game Pass Ultimate and PC Game Pass during the following holiday season (about a year later), while existing Call of Duty titles already in the library will continue to be available," says Microsoft.
  
  
  Read more of this story at Slashdot.
  

• Global Growth In Solar 'the Largest Ever Observed For Any Source'
  The IEA says 2025 marked a turning point for global energy, with solar posting the largest growth ever seen for any energy source and helping carbon-free power outpace rising demand. The trend led the agency to declare that the world has entered the "Age of Electricity." Ars Technica reports: The IEA report covers energy use, including the electrical grid, transportation, home heating, and other forms of consumption. As such, it can track how some of those uses are shifting, as electric vehicles displace some gasoline use and heat pumps replace gas and oil heating. It also saw a more global trend: The demand for electricity grew at twice the rate of overall energy demand. All of these went into the conclusion that we're starting the Age of Electricity. In terms of specifics, the IEA saw electric vehicle demand rise by nearly 40 percent, with electric car sales being a quarter of the total of cars sold last year. While that's having a measurable effect on electricity demand, it remains relatively small at the moment. It's almost certain to be contributing to the size of the rise in oil use last year: 0.7 percent. In absolute terms, that's less than half the average rise of the previous decade. [...] When it comes to supplying electrons for those alternatives, the central story is solar power. "The absolute increase of solar PV generation in 2025 is the largest ever observed for any source," the IEA says, "excluding years marked by rebounds from global economic shocks such as COVID-19." In other words, with nothing in particular driving the energy markets in 2025, Solar's growth was unprecedented. On its own, its growth covered a quarter of the rising demand for all forms of energy. If you limit it to electricity, increased solar production covered over two-thirds of the increased demand. Overall, solar generated over 2,700 terawatt-hours last year, more than double its output from three years earlier. It now accounts for over 8 percent of the world's total electricity production. Thirty individual countries installed at least a gigawatt of solar last year, and it is now the single largest grid source by capacity (though other sources still outproduce it at the moment).
  
  
  Read more of this story at Slashdot.
  

• Open Source Powers the Planet — Get 35% Off Sitewide
  For a limited time, get 35% off sitewide with code EARTH26. Build in-demand skills, earn certifications, and grow your impact with training designed for real-world success. SAVE NOW
  
  The post Open Source Powers the Planet — Get 35% Off Sitewide appeared first on Linux.com.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• SpaceX and Cursor strike partnership that might end in a $60 billion acquisition
  SpaceX and AI company Cursor have struck a new partnership that could see the owner of X buy the AI company for $60 billion later this year. "SpaceXAI and  @cursor_ai  are now working closely together to create the world’s best coding and knowledge work AI," SpaceX wrote in a post on X. 
  SpaceXAI and @cursor_ai are now working closely together to create the world’s best coding and knowledge work AI.
  
  The combination of Cursor’s leading product and distribution to expert software engineers with SpaceX’s million H100 equivalent Colossus training supercomputer will…
  — SpaceX (@SpaceX) April 21, 2026
  According to SpaceX, the deal allows for it to either invest $10 billion into the company known for its AI coding tool, or acquire it entirely "later this year" for $60 billion. If an acquisition were to happen, it's not clear at what point Cursor could officially join the fold of Elon Musk's rapidly expanding and increasingly enmeshed web of companies. SpaceX bought xAI, the billionaire's AI company that also controls X, earlier this year. SpaceX is currently getting ready to go public this summer in what will likely be the biggest initial public offering (IPO) in history. 
  
  Cursor, which has reportedly been in talks to raise its own $2 billion round of funding, is known for its AI coding tool of the same name that's become the vibe coding platform of choice for many developers. It allows people to use either its own models or those from other leading AI companies, including OpenAI, Google, Anthropic and xAI.
  
  In a statement, Cursor said its partnership with SpaceX will "accelerate our model training efforts" while addressing infrastructure-related issues that have slowed it down in the past. "We've wanted to push our training efforts much further, but we've been bottlenecked by compute," the company said. "With this partnership, our team will leverage xAI's Colossus infrastructure to dramatically scale up the intelligence of our models for coding and beyond."
  This article originally appeared on Engadget at https://www.engadget.com/ai/spacex-and-cursor-strike-partnership-that-might-end-in-a-60-billion-acquisition-232131487.html?src=rss

• Mozilla says it patched 271 Firefox vulnerabilities thanks to Anthropic's Claude Mythos
  Anthropic9s buzzy announcement about using AI to improve cybersecurity earlier this month was met with plenty of skepticism. However, Mozilla shared some details that support use of the company9s special Claude Mythos Preview model as a way to protect critical services. Using Mythos helped Mozilla9s team find and patch 271 vulnerabilities in the latest release of the Firefox browser. "So far we’ve found no category or complexity of vulnerability that humans can find that this model can’t," the foundation said.
  
  The blog post from Mozilla feels like a positive sign for Anthropic9s Project Glasswing. Obviously the AI company would want to put itself in the best possible light while presenting its own initiative, but there9s something encouraging about hearing the benefits from a third party. Mozilla also noted that in its time with Claude Mythos, the AI wasn9t able to turn up any bugs that a human wouldn9t have been able to find, given enough time and resources, which indicates that AI isn9t presently able to do more to crack cybersecurity protections than a person can.
  
  An organizaion successfully using AI for good is certainly a refreshing change of pace in tech news. And for those Firefox users who aren9t personally interested in applying any generative AI in their browsing, Mozilla has given the option to turn it all off for the past several months.
  This article originally appeared on Engadget at https://www.engadget.com/ai/mozilla-says-it-patched-271-firefox-vulnerabilities-thanks-to-anthropics-claude-mythos-224330023.html?src=rss

• Cash App now supports accounts for kids 6-12
  Cash App, the banking and payments app run by Block, has added support for parent-managed kids accounts. The new accounts include key benefits from the service's normal account, with an eye towards teaching financial literacy to younger users ages 6 to 12. Cash App first allowed teenage users on its platform in 2021.
  
  As part of the "expanded Cash App Families experience," eligible legal guardians and parents can create managed accounts that offer "a dedicated place on the platform to send allowances, set aside savings, and track spending for their child, kickstarting their path to financial independence," Cash App says. Adults managing these accounts will be able to set up recurring transfers, see how their child is spending and do things like lock their child's account to prevent transactions. Kids will get a custom debit card and the ability to receive payments from up to five trusted accounts, though notably they won't be able to access Cash App itself.
  Today, we're launching Cash App accounts for kids age 6-12. Parents manage the accounts. Kids get to learn about safety, start saving for goals, and design and use their own debit card.
  
  Next generation banking never looked so good.
  
  Proud of the team for this one. pic.twitter.com/jIAcbvsfB9
  — Kristen Anderson (@FintechKristen) April 21, 2026
  Cash App says managed accounts are designed for kids 6 through 12. Once those kids turn 13, Cash App says parents will be able to choose to convert their account to a "sponsored account" to unlock more features, like the ability to send and receive payments, invest in stocks or trade crypto. Those sponsored accounts are technically still monitored and controlled by a parent or legal guardian, but they do give 13-year-olds more control over how they use their money.
  
  A parent-managed account for kids is not a new idea in the fintech space, though Cash App is trying to reach a younger audience than some of its competitors. Venmo rolled out access to its payment platform to teens between the ages of 13 to 17 in 2023. Separately, both Apple and Google also offer their own kids accounts in Google Wallet and Apple Cash Family.
  This article originally appeared on Engadget at https://www.engadget.com/apps/cash-app-now-supports-accounts-for-kids-6-12-210651025.html?src=rss

• YouTube is muting push notifications from channels you don't watch
  YouTube notifications can get messy fast, particularly if you’re subscribed to a lot of different channels. To address that, today the company will begin muting push notifications from creators that you haven’t engaged with in the last month.
  
  The change to YouTube notifications began as a small trial the company tested out earlier this year. The idea behind it is that if a viewer continually receives notifications about content they don9t engage with, this may eventually cause the user to disable YouTube notifications altogether. Now obviously, this is bad for YouTube. Turning off notifications means people will use the platform less, thereby resulting in lower revenue. However, it9s also bad for content creators, especially the ones you do like, who will have one fewer avenue to keep you updated about new and upcoming videos. 
  
  So starting today, for channels that you have subscribed to and have notifications set to "all," YouTube will no longer send out push notifications to mobile devices from creators that you haven9t interacted with for one month. That said, these notifications will continue to be available inside the YouTube app in your inbox (the little bell icon in the top right). 
  
  Notably, for those who are clicking on notifications and watching related videos, nothing will change. Additionally, based on info from the test earlier this year, YouTube said "channels that upload infrequently will not have their notifications affected." This is a good thing, especially for creators who post long-form content that takes extra time to make, as people probably don9t want notifications to go away in case they happen to miss a once-a-month upload. 
  
  The one thing that9s unclear is if you start watching a channel again that you have not interacted with in a while, is if YouTube will automatically restart related push notifications. However, as a way to prevent too many alerts from clogging up your phone, YouTube9s new protocol seems like a good way to cut down on the clutter.
  
  
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/youtube/youtube-is-muting-push-notifications-from-channels-you-dont-watch-205119228.html?src=rss

• AI company deletes the 3 million OKCupid photos it used for facial recognition training
  When online platforms violate their own privacy policies to sell your photos, have no fear: They just might have to pay an undisclosed settlement fee 12 years later. (Who says justice is dead?) According to Reuters, AI company Clarifai says it has deleted 3 million profile photos taken from dating site OkCupid in 2014. It follows a settlement reached last month between the FTC and Match Group, OkCupid's owner.
  
  The Delaware-based Clarifai reportedly certified the data deletion to the FTC on April 7. The company also confirmed to US Representative Lori Trahan (D-MA) that it deleted any models that trained on the data. Clarifai told the representative's office that it hadn't shared the data with third parties.
  
  The FTC opened the investigation in 2019, after The New York Times reported that Clarifai had built a training database using OkCupid dating profile photos. The behavior was a direct violation of OkCupid’s privacy policy. Court documents reviewed by Reuters reveal that Clarifai asked OkCupid executives for the data in 2014. Apparently, they obliged.
  
  Clarifai uses this creepy facial profiling example to sell its services.
  Clarifai
  "We're ⁠collecting data now and just realized that OkCupid must have a HUGE amount of awesome data for this," Clarifai founder Matthew Zeiler wrote in an email to OkCupid co-founder Maxwell Krohn. The AI startup used the dating site's images to build a facial recognition service that can identify a person's age, gender and race. (Another brilliant and totally ethical idea from Clarifai, tapping into unsecured city surveillance cameras without authorization, was reportedly shuttered.)
  
  Zeiller suggested to The New York Times in 2019 that people needed to, well, get over it. "There has to be some level of trust with tech companies like Clarifai to put powerful technology to good use, and get comfortable with that," the AI founder declared. Some of OkCupid's founders were reportedly investors in Clarifai.
  
  As part of the settlement, the FTC "permanently prohibited" OkCupid from misrepresenting its data collection and privacy controls. TechCrunch notes how strange it is to use that as a penalty, given that FTC rules already bar that behavior.
  This article originally appeared on Engadget at https://www.engadget.com/ai/ai-company-deletes-the-3-million-okcupid-photos-it-used-for-facial-recognition-training-195223996.html?src=rss

• Meta has misled users about scam ads on Facebook and Instagram, lawsuit says
  Meta is facing a new lawsuit over its advertising practices. The nonprofit group Consumer Federation of America (CFA) has filed a proposed class-action suit against Meta for "failing to protect users" from scam ads on Facebook and Instagram. 
  
  The lawsuit, which was first reported by Wired, alleges that Meta has run afoul of consumer protection laws in Washington D.C. for misleading Facebook and Instagram users about scams on its apps and that the company has "chased profits rather than protecting its users." The filing includes numerous examples of alleged scam ads that CFA says it found in Meta's ad library. These include ads promoting a "free government iPhone," as well as those claiming to offer $1,400 checks to people born in certain years. Many of the ads use AI videos, according to CFA.  
  Some of examples of alleged scam ads CFA includes in its lawsuit.CFA
  Meta's advertising practices have been in the spotlight since last year when Reuters reported on internal documents that indicated the company was making billions of dollars from ads promoting scams and banned goods. The report also highlighted how Meta's own processes have at times made it harder for its own employees to fight malicious advertisers.
  
  "Meta claims it is doing all it can to crack down on scam advertising on its platforms," CFA's lawsuit states. "But in reality, Meta has knowingly taken steps and adopted policies that pad its bottom line at the expense of its users’ safety and well-being. In fact, rather than prohibiting advertisers who the company itself has determined pose a higher risk to its users (as other tech companies like Google have), Meta just charges these advertisers more. The perverse result is that the riskier the advertiser, the more money Meta makes."
  
  CFA's allegations "misrepresent the reality of our work and we will fight them," a Meta spokesperson said in a statement. "We aggressively combat scams across our platforms to protect people and businesses — last year alone, we removed over 159 million scam ads, 92% of which we took down before anyone reported them, and took down 10.9 million accounts on Facebook and Instagram associated with criminal scam centers. We fight scams because they are bad for business — people don't want them, advertisers don't want them, and we don't want them either.”
  This article originally appeared on Engadget at https://www.engadget.com/social-media/meta-has-misled-users-about-scam-ads-on-facebook-and-instagram-lawsuit-says-193220235.html?src=rss

• New York Attorney General sues two prediction markets on illegal gambling allegations
  New York is the latest state to take a stand against prediction markets. Attorney General Letitia James has sued Coinbase Financial Markets and Gemini Titan on charges that both are illegally running unlicensed gambling operations. The suit also claims that these prediction markets violate state laws that prevent betting on games involving New York college sports teams. 
  
  "Gambling by another name is still gambling, and it is not exempt from regulation under our state laws and Constitution," James said. "Gemini and Coinbase’s so-called prediction markets are just illegal gambling operations, exposing young people to addictive platforms that lack the necessary guardrails."
  
  Multiple states have taken similar actions over the proliferation of prediction markets, but they may face a new roadblock at the federal level. Earlier this month, the US Commodity Futures Trading Commission sued three of the states that have charged prediction markets with running unlicensed gambling. The CFTC claimed that it should be the sole regulator for prediction markets and called the efforts by Arizona, Connecticut and Illinois an overreach of authority.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/new-york-attorney-general-sues-two-prediction-markets-on-illegal-gambling-allegations-192012225.html?src=rss

• Florida AG opens criminal investigation into OpenAI and ChatGPT
  Florida Attorney General James Ulthmeier has announced that the state's Office of Statewide Prosecution has opened a criminal investigation into OpenAI and ChatGPT. The investigation was opened because the suspect in a mass shooting at Florida State University in 2025 reportedly used ChatGPT in the lead up to the shooting.
  
  Per Uthmeier, "Florida law states that anyone who aids, abets, or counsels someone in the commission of a crime, and that crime is committed or attempted, may be considered a principal to the crime." That means that the responses provided by ChatGPT to the shooter could be interpreted as the AI assistant aiding and abetting his actions. Or at least that's what Florida seems interested in arguing.
  
  OpenAI provided the following statement when asked to comment on the Florida investigation:
  
  Last year's mass shooting at Florida State University was a tragedy, but ChatGPT is not responsible for this terrible crime. After learning of the incident, we identified a ChatGPT account believed to be associated with the suspect and proactively shared this information with law enforcement. We continue to cooperate with authorities. In this case, ChatGPT provided factual responses to questions with information that could be found broadly across public sources on the internet, and it did not encourage or promote illegal or harmful activity. ChatGPT is a general-purpose tool used by hundreds of millions of people every day for legitimate purposes. We work continuously to strengthen our safeguards to detect harmful intent, limit misuse, and respond appropriately when safety risks arise.
  
  As part of the investigation, Florida has subpoenaed OpenAI for information on "all policies and internal training materials" related to how the company handles things like users threatening to harm others, threatening to harm themselves and how OpenAI responds to law enforcement. The state is also asking OpenAI to share its organizational chart and any publicly released statements on the shooting.
  
  "Florida is leading the way in cracking down on AI's use in criminal behavior, and if ChatGPT were a person, it would be facing charges for murder," Attorney General James Uthmeier said. "This criminal investigation will determine whether OpenAI bears criminal responsibility for ChatGPT's actions in the shooting at Florida State University last year."
  
  Florida’s investigation isn’t the first time OpenAI has been connected to a mass shooting. Canadian regulators called for OpenAI to change how it approaches threats of harm following a agreed to new policies around how it works with Canadian law enforcement in March. Separately, OpenAI is still in the midst of a wrongful death lawsuit from 2025 for the role it may have played in the suicide of a teenage user.
  This article originally appeared on Engadget at https://www.engadget.com/ai/florida-ag-opens-criminal-investigation-into-openai-and-chatgpt-190200227.html?src=rss

• ChatGPT Images 2.0 is better at rendering non-Latin text
  A little more than a year after OpenAI gave ChatGPT users the option to create images and designs directly from its chatbot, it9s now releasing ChatGPT Images 2.0. OpenAI describes the new system as a “step change” for image generation models, particularly when it comes to the tool’s ability to follow instructions in detail, render dense text and place and relate objects in a scene. For the first time, OpenAI has also built an image model with reasoning capabilities, giving the system the ability to do things like search the web and verify its outputs. According to the company, those capabilities should translate to a tool that9s more reliable when accuracy, consistency and visual cohesion are essential. 
  An example of ChatGPT9s new non-Latin rendering abilities. OpenAI
  OpenAI says it has also put in a lot of work to make Images 2.0 better at understanding and rendering non-Latin text, with "significant gains" when it comes to the model9s ability to handle Japanese, Korean, Chinese, Hindi and Bengali. At the same time, the company claims the new model is better at faithfully recreating the specific characteristics of different visual languages. On this point, OpenAI says that makes Images 2.0 more useful for tasks like game prototyping and storyboarding. Outside of those features, the new model is more flexible when it comes to aspect ratios, allowing it to generate images that are as wide as 3:1 and as tall as 1:3. It can also produce designs at resolutions of up to 2K, and even generate up to eight outputs in one go. 
  A tortoiseshell cat in the style of Pokemon9s third generation of games. ChatGPT
  I got a chance to preview Images 2.0 ahead of its public release. For my first prompt, I asked ChatGPT to generate an image of a tortoiseshell cat in the pixel art style of Pokémon9s third generation. I thought this would be a good test because AI models typically struggle with pixel art, and the Game Boy Advance Pokémon games are iconic for their art style, so much so that if ChatGPT merely approximated that style, it wouldn9t do. The result is the image you see above, and I think ChatGPT did a commendable job there. I then tasked the new model with converting that image into a transparent PNG. For one last test, I asked ChatGPT to create a four-page manga about my cat enjoying a sunny day by an idyllic city stream. 
  Notice how the cat isn9t render exactly like the one above it. ChatGPT
  Of those three tests, ChatGPT spent the most time on the second one and the output there was slightly different from the first image it generated, which I felt deviated from my prompt. Still, it managed to generate a proper transparent image, which is something other image models can struggle to do properly. Once more people have a chance to put the model through its paces, we’ll have a better idea of how it compares to Google’s Nano Banana 2, and where OpenAI can make additional improvements.
  A manga generated by ChatGPT about a cat enjoying a sunny day. ChatGPT
  Images 2.0 is available starting today for all ChatGPT users, including those on the company9s Free and Go tiers. Plus and Pro subscribers get access to more advanced outputs. OpenAI is also making the model available through its API service and Codex coding app, which just last week it updated to offer built-in image generation. Notably, Images 2.0 arrives just days after Anthropic waded into the visual design market with its own design assistant.  
  This article originally appeared on Engadget at https://www.engadget.com/ai/chatgpt-images-20-is-better-at-rendering-non-latin-text-190000153.html?src=rss

• Netflix's Devil May Cry animated adaptation returns for a second season on May 12
  Netflix9s hit animated adaptation of the video game series Devil May Cry is returning for a second season on May 12. The streamer has released a full trailer alongside this announcement, after dropping a short teaser several months back.
  
  The new footage promises plenty of action and franchise fans will note that protagonist Dante now looks extremely similar to his counterpart from the games. This tracks with what series creator Adi Shankar said last year, when he promised that season two would show the character "embrace more of the iconic badassery fans of the game expect."
  
  The show, and the games, follow a half-demon demon hunter as he fights to prevent the gates of Hell from opening. The first season was a gigantic hit for the platform, racking up more than 5 million views in its first four days of release.
  
  Showrunner Shankar was heavily involved with the animated Castlevania adaptation, also for Netflix. Studio Mir is once again handling the animation, which is always great to see. This is the studio behind The Legend of Korra, X-Men 997, Kipo and the Age of Wonderbeasts and My Adventures with Superman, among others. The first season of Devil May Cry looked gorgeous, so season two should follow suit.
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/tv-movies/netflixs-devil-may-cry-animated-adaptation-returns-for-a-second-season-on-may-12-184003226.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice