All the News that Matters

• openSUSE: 2026:0213-1 : mbedtls-2
  An update that fixes two vulnerabilities is now available.

• openSUSE: 2026:0215-1 : python-biopython
  An update that fixes one vulnerability is now available.

• Rocky Linux 10 Firefox Significant Sandbox Escape Flaws RLSA-2026-27733
  Important: firefox security update

• Rocky Linux 10 libpng Moderate DoS Code Execution Vuln RLSA-2026-28233
  Moderate: libpng security update

• Rocky Linux 10 RLSA-2026-27929 python3.14-urllib3 Major DoS and Info Leak
  Important: python3.14-urllib3 security update

• Rocky Linux 10 vim Moderate Command Injection Vuln RLSA-2026-28210
  Moderate: vim security update

• Rocky Linux 10 libxml2 Low Buffer Over-read Vulnerability RLSA-2026-28234
  Low: libxml2 security update

• A major security patch for xorg-x11-server-Xwayland on Rocky Linux issued
  Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update

• Rocky Linux 10 libsolv Moderate Buffer Overflow RLSA-2026-28236
  Moderate: libsolv security update

• Rocky Linux golang-github-openprinting-ipp-usb Moderate DoS RLSA-2026-27740
  Moderate: golang-github-openprinting-ipp-usb security update

• Podman 6.0 Lands with Breaking Changes, AMD GPUs Support
  Podman 6.0 drops CNI, cgroups v1, iptables, slirp4netns, Windows 10, and Intel Mac support while adding new machine and Quadlet features.

• Linux 7.2 Staging Still Working To Tame The Realtek RTL8723BS "Beast Of A Driver"
  Way back in 2017 for the Linux 4.12 kernel the Realtek rtl8723bs WiFi driver was added to the kernel's staging area. Nearly a decade later, it's still being cleaned-up to suit the more rigorous non-staging area of the kernel in the formal networking subsystem. For Linux 7.2, the staging pull request is once again dominated by clean-ups to this Realtek WiFi driver...

• Fooyin 0.11 Adds Internet Radio Browsing to the Qt Music Player
  Fooyin 0.11 music player adds remote stream playback, a new Radio Browser plugin, spectrum visualization, and playlist improvements.

• Latest Steam Client Update Improves PipeWire Session Logic on Linux
  Valve released a new stable Steam Client update today that further improves the PipeWire session logic on Linux, as well as Steam Input, Remote Play, In-Game Overlay, and Friends & Chat features.

• QuadRF uses Raspberry Pi 5 for 4×4 MIMO SDR, RF visualization, and scalable phased-array support
  Crowd Supply recently featured QuadRF, a 4×4 MIMO software-defined radio platform designed for spatial RF visualization, beamforming, and phased-array experimentation. The platform includes four coherent transmit/receive channels, swappable dual-polarization antennas, an integrated Raspberry Pi 5, and a browser-based interface for viewing nearby wireless activity. QuadRF uses four coherent antennas to measure differences in signal arrival […]

• QSOE v0.1 Released As A QNX-Inspired RISC-V OS
  QSOE 0.1 has made its debut as a QNX-inspired, dual kernel architecture open-source operating system just targeting RISC-V...

• KaOS Linux 2026.06 Launches Officially as First Release with Dinit
  The KaOS Linux team has officially released KaOS Linux 2026.06 today as the first ISO snapshot of this independent distribution using Dinit as the default init system instead of systemd.

• MGLRU Improvement Yielding Nice Gains On Linux 7.2: MongoDB 30~100% Higher Throughput
  The many memory management "MM" related improvements were recently merged to Git for the Linux 7.2 kernel. As typical most kernel cycles, some of the low-level improvements can yield nice efficiency wins and better performance in different areas...

• Fish Shell 4.8 Improves History Search, Scripting, and Completions
  Fish 4.8 command-line shell is out now with fixes for history search, completions, vi mode, and cd behavior.

• DietPi v10.5 Updates Raspberry Pi Display and Camera Options
  The June 2026 release of DietPi v10.5 updates the dietpi-config display options, with several Raspberry Pi-specific changes related to graphics drivers, camera support, and display configuration. The release also adds ARMv7 support for the RustDesk Client package and includes several bug fixes affecting NanoPi K2, RTC configuration, and ownCloud Infinite Scale installations. DietPi: DietPi is […]

• Google Starts Lowering Play Store Fees, Making Good On Epic Games Settlement
  An anonymous reader quotes a report from Ars Technica: Google spent the last few years locked in a legal grudge match with Epic Games, which claimed that Google's stewardship of the Play Store was anticompetitive. Now, the companies are thick as thieves, and Google is beginning to implement app store changes as agreed in its settlement with Epic. The lower developer fees and new payment options that Google promised are rolling out in select markets this month before expanding. [...] Starting on June 30, developers in Europe, the UK, and the US will have access to the new fee structure. This system will split the commission into two components: billing and service fees. The biggest win for small developers is the new flat 10 percent service fee for the first $1 million in earnings every year. Above that, the rate for various transaction types may reach 25 percent on existing installs. Apps installed after June 30 will top out at 20 percent. Developers will finally be allowed to send users outside the Play Store to complete a transaction, too. Google says they can design a choice screen "in accordance with our UX guidelines" to direct users to these external options. Devs pay the standard service fee on these purchases, but they'll avoid the billing fee. All transactions that run through Google's Play Store platform add a 5 percent billing fee -- even the base rate for publishers earning less than $1 million. Google notes that the billing fee is set at 5 percent in the initial markets, but it could be different in other regions. Google will expand the new fee structure globally through September 2027, while also offering reduced fees through updated developer programs. Although the changes may let developers retain more revenue, Google will continue controlling Android distribution and collecting a share of sales as it works toward allowing certified third-party app stores to operate more like the Play Store.
  
  
  Read more of this story at Slashdot.
  

• New Study Shows That Tall Vehicle Hoods Cause Hundreds More Deaths Per Year
  joshuark shares a report from Car and Driver: A new study conducted by the New York Times shows that the increase in vehicle hood height seen over the last two and a half decades, mainly due to the rise in popularity of large SUVs and trucks, has resulted in several thousand deaths that otherwise may not have happened. The study shows that while automakers and regulators have focused on occupant safety, they have turned a blind eye to pedestrian safety, which has fallen since around 2009. Researchers looked at four main datasets in their investigation: crash test data from the National Highway Traffic Safety Administration's (NHTSA) Crash Report Sampling System (CRSS) from 2016 to 2024; NHTSA's Fatality Analysis Reporting System (FARS); vehicle measurement data from Expert AutoStats; and vehicle registration data from S&P Global from 2002 to 2024. The researchers concluded that the increased danger to pedestrians is caused by two main culprits. First, large SUVs and trucks have taller hoods, raising the point of impact above most people's center of gravity and pushing them to the ground, typically hard asphalt, rather than up and onto the hood, which is designed to absorb impacts. Second, with larger A-pillars designed to protect occupants in rollover crashes, modern cars tend to have larger blind spots than cars sold at the turn of the century (presuming the 21st century). The shift toward vehicles with taller hoods led to roughly 3000 deaths between 2016 and 2024. This number is conservative because it does not include crashes that take place in parking lots, driveways, or private roads, which aren't part of the federal database. The data also showed an estimated 2.8 percent increase in the odds of a pedestrian fatality for every one-inch increase in vehicle hood height. Between two different scenarios, one decreasing the hood height of every vehicle in the dataset by 3 inches, and the second using a random sampling of hood heights from 2002 across 10,000 simulated crashes, between 2624 (for scenario two) and 3077 (for scenario one) lives could have been saved from 2016 to 2024.
  
  
  Read more of this story at Slashdot.
  

• NASA Rover Detects Potential Signatures of Ancient Microbial Life On Mars
  NASA's Perseverance rover has detected complex organic carbon in ancient Martian mudstones. The measurements were taken by the rover's Sherloc instrument and the organic carbon that was identified was from the Bright Angel outcrop, "a dried-up river that carried water into the planet's Jezero crater billions of years ago," notes The Guardian. From the report: The form of carbon detected, known as macromolecular carbon or MMC, can originate from living organisms. Geological processes can also produce the material, meaning its detection does not amount to proof of past Martian life. Dr Ashley Murphy at the Planetary Science Institute in Arizona said MMC can be found in different settings and types of rocks. "It may originate from biological sources such as fossilized organic matter found in microbial mats and coal," she said, but could also form in reactions between rocks and water or arrive on impacting meteorites. The mudstone rocks from the Bright Angel outcrop caused a stir in 2024 when the Perseverance rover discovered intriguing surface spots and nodules that resemble features produced by fossilized microbes on Earth. When the scientific details were published last year, Sean Duffy, the former acting head of Nasa, said: "This very well could be the clearest sign of life that we've ever found on Mars." [...] The discovery means Nasa rovers have now found organic-bearing mudstones more than 2,000 miles apart on Mars. The others were reported by the Curiosity rover which is exploring the planet's Gale crater. It "indicates that the habitability of Mars, and the availability of organics, may have been widespread across the planet billions of years ago," the authors write in Science Advances.
  
  
  Read more of this story at Slashdot.
  

• Stripe, Anthropic, and OpenAI Are Backing Effort To Stop Respiratory Infections
  An anonymous reader quotes a report from MIT Technology Review: [T]he payment company Stripe, founded by brothers Patrick and John Collison, says it will fund a new $500 million nonprofit whose goal is preventing both the common cold and the flu. Its eventual aim is to get rid of respiratory viruses altogether. The new organization, called Intercept, will use grants and investments to back prevention approaches, including vaccines, as well as large-scale air-cleaning systems for schools, offices, and other public spaces. In addition to Stripe, other funders include Anthropic, Flu Lab, and the OpenAI Foundation, as well as Bill Gates and several traders at the quantitative investing fund Jane Street Capital, according to an Intercept spokesperson. "I think we treat respiratory infections as a minor nuisance, but have really underweighted the burden that they impose on society," says Nan Ransohoff, the Stripe executive leading the initiative along with Charlie Petty, a venture capitalist who joined Stripe this year. On average, people spend 5% of their lifetime fighting a cold or the flu, according to Ransohoff. Despite that, drug companies put relatively little effort into preventing colds. Part of the problem is that the sniffles are caused by more than 200 different viruses, according to the American Lung Association, with rhinoviruses being the most common culprits. There are so many that it typically doesn't pay to try to stop any one of them with a vaccine. "When pharma companies look at it, it's not as attractive as other things they could work on," says Ransohoff. "So it hasn't attracted the resources." [...] The project takes inspiration from efforts to fight the covid-19 virus, where Veesler's group was among those involved in the speedy development of vaccines, antiviral drugs, and antibodies. According to Ransohoff, Intercept's advisors will include Peter Marks, a former top FDA official, as well as Moncef Slaoui, the pharmaceutical executive who led the US coronavirus vaccine effort, Operation Warp Speed. A key challenge for Intercept will be coming up with ways to counter many viruses at one time. That accounts for the interest in air-cleaning technology, such as using strong ultraviolet light to inactivate viruses. The idea, the group says, is to remove them from the air in the same way municipalities remove impurities from the water supply before it's piped to people's homes.
  
  
  Read more of this story at Slashdot.
  

• Slate Auto's Radically Simple Electric Truck Starts At $24,950
  Slate Auto says its stripped-down electric pickup will start at $24,950 before fees, with the base model's estimated range increased from 150 to about 205 miles. The company has started taking preorders on Wednesday. "The aggressive pricing -- half the average cost of a new car in the United States -- puts Slate in position to capture a share of the lowest end of the new car market, which has few gas and fewer electric options these days," reports TechCrunch. From the report: The price reveal comes more than a year after Slate Auto emerged from stealth. Since then, the company has been steadily detailing the extremely basic, transforming EV, which starts as a two-seater pickup truck, but can be modified into a five-seater SUV. The SUV version will start at $29,950, Slate said Wednesday. Slate has said the conversion can be done by professionals or by owners themselves. On Wednesday, it finally showed off some of the first of its "Slate University" how-to videos, which guide people through the steps for doing everything from the SUV conversion to adding headlight covers. Everything else about the truck is bare, though it's customizable. It has hand-crank windows, lacks an infotainment system, and all orders start with the same gray composite material, with no paint options, as Slate plans to let buyers order customizable wraps for the vehicle. That likely helps cut out a major cost center, as factory paint shops can run in the hundreds of millions of dollars. The company did not offer more details about the buying process. Slate has said it "won't have traditional dealerships," and plans to sell directly to customers, similar to other EV companies like Tesla, Rivian, and Lucid Motors.
  
  
  Read more of this story at Slashdot.
  

• Meta Pauses Employee-Tracking Program Following Internal Data Leak
  Meta has paused its Model Compatibility Initiative that tracked employee mouse movements, clicks, keystrokes, and screen content to train AI agents, after some of its collected data became accessible to more employees than intended. Meta says it has no evidence the information was improperly accessed and will not restart the program until it is confident in its safeguards. Wired reports: Meta rolled out the Model Compatibility Initiative (MCI) tool in April to US employees. The tool "collects computer inputs such as mouse movements, click locations and keystrokes, as well as screen content," according to workers who have been petitioning against it over privacy, security, and personal liberty concerns. When MCI launched, employees couldn't opt out, but that changed to a limited degree after workers protested. Meta executives have repeatedly defended the data-gathering project, saying it was necessary to train AI systems to operate computer software the way humans do and that employees were the best examples for the artificial intelligence to learn from. On Monday, a Meta engineer issued an internal security notice stating that databases filled with information gathered by MCI had been exposed to anyone inside the company. A former employee actively involved in pushing back against MCI describes the lapse as "a mess" -- and one that employees had expected would occur. "When workers raised concerns, leadership doubled down and failed to acknowledge the risks workers raised about the safety and privacy of worker and customer data," the person says. "Leadership has clearly created an authoritarian environment where workers are no longer respected or heard." But after critical comments poured into internal forums on Monday expressing frustration about the security issue, Meta shocked some of its staff by pausing MCI altogether, telling WIRED about the development several hours before announcing it to employees. A few workers told WIRED they were confused in the meantime because the tool was continuing to run on their laptops. Late on Monday, Stephane Kasriel, a Meta vice president overseeing AI research, announced the pause and told staff that the security issue had been discovered on June 18 and addressed within four hours. But the initial fix didn't stick and access to the data had to be further locked down. The issue made "some MCI-derived data" accessible to more people than intended, he wrote, without elaborating.
  
  
  Read more of this story at Slashdot.
  

• GTA VI Is a Worrying Sign For the Future of Physical Games
  Rockstar Games has revealed the price of Grand Theft Auto VI to be $79.99, and confirmed that the physical versions of the game won't include a disc. Instead, they'll contain a one-time download code when it launches November 19. "Not only is that a disappointing decision for people who like to own physical games, but given the scale of the next GTA, it also sets a bad precedent for the rest of the industry," reports The Verge. From the report: There are a lot of advantages to buying digital. You can start a download from your couch. You can store multiple games on one hard drive so you don't have to get up to play something else. Storefronts like Steam or the PlayStation Store don't run out of inventory of the newest game you're interested in, and you can often get games at a cheaper price thanks to frequent sales. But it's becoming increasingly clear that digital ownership has significant disadvantages, too. If a game you don't own digitally is removed from a storefront, whether that's for things like licensing, artificially limited availability, or even the store eventually closing down, your only option is to hope you can find a physical version. If your account on a platform is banned, even if that ban isn't warranted, you might be locked out of your digital library with no way to play those games unless you buy them again or hope your account gets restored. You can't sell or trade digital games you've purchased, and while there are ways to share digital games, they require some work and are usually intended just for families. It's also much harder to preserve digital games because they only "exist" on the hard drive of a console, PC, or device they were downloaded to. This is an issue across many industries, not just console games; there are multiple examples of things like mobile games and streaming shows becoming lost for good when they don't have a physical version. Without physical versions, you also can't find a used version of a game at a garage sale or a local game shop. It's unclear whether Rockstar will ever release a physical version of the game. As for why, The Verge suspects the decision was made in part to prevent leaks; "by only being available digitally, Rockstar can ensure that GTA VI unlocks at the same exact time for everyone." "The digital-only choice might also indicate that the game has a massive file size that's too big for PlayStation and Xbox game discs."
  
  
  Read more of this story at Slashdot.
  

• OpenAI Unveils First Chip As Part of Broadcom Deal
  OpenAI and Broadcom have unveiled Jalapeno, OpenAI's first custom AI chip, designed primarily to handle inference for ChatGPT and other services. It's a major step in OpenAI's plan to "build the full stack behind its models and products," says OpenAI. "By designing more of the stack ourselves, we can serve more intelligence with greater efficiency and keep pushing advanced AI toward broader access." CNBC reports: The chip with Broadcom is an ASIC, which industry experts say is less flexible than Nvidia's GPU, but is also less expensive and can be designed for specific AI tasks. OpenAI said that it designed the chip in nine months, and that it also crafted large parts of the computer system where it will be used. The companies are calling the chip an "Intelligence Processor" and describe it as the first "AI accelerator" in a platform they're building "to make advanced AI faster, more reliable, and more accessible to more people." [...] A physical sample of the new chip will be delivered to OpenAI on Wednesday. The companies said they're aiming for initial deployment of the Jalapeno chips by the end of 2026, "expanding in the years ahead."
  
  
  Read more of this story at Slashdot.
  

• Walmart's First Nuclear Deal Shows Demand Beyond AI Data Centers
  An anonymous reader quotes a report from Barron's: Walmart is signing a long-term contract to buy nuclear power for the first time ever, a promising sign that the industry's future is supported by more than just the AI data center boom. The retail giant agreed on Tuesday to buy power from a nuclear plant in Illinois owned by Constellation Energy for its operations in the area, including its stores and a high-tech warehouse in Illinois that stores and sorts perishable food. Walmart will buy 176 megawatts of power from the plant over a 15-year period, or enough power to serve around 150,000 homes. The Walmart deal will allow Constellation to expand the capacity of the Illinois plant by 30 megawatts, a process known as an uprate, which can involve replacing older equipment and improving efficiency. Walmart, which has pledged to eliminate net carbon emissions from its U.S. operations by 2040, will also receive the environmental attributes associated with the nuclear energy, which generates electricity without carbon emissions. Further reading: Trump Admin Announces $17.5 Billion In Loans For 10 New Large Nuclear Reactors
  
  
  Read more of this story at Slashdot.
  

• Bob Iger's Disney Wanted Apple, Twitter, and 007
  In an exit interview with The Financial Times (paywalled), former Disney CEO Bob Iger says the company seriously considered buying Twitter, explored a potential merger with Apple, and pursued the James Bond franchise during his tenure. The Verge reports: According to Iger, Disney came close to buying Twitter from co-founder Jack Dorsey "at a very attractive price," sometime prior to Elon Musk buying the social media platform in 2022 and changing its name to X. Iger had plans to turn Twitter into a global distribution platform for Disney, but walked away on the morning of the deal over concerns that it would be "a horrible distraction." Disney was also at one point involved in early conversations regarding a potential merger with Apple, something Iger thinks would have been "truly transformational." In the end, Iger says these conversations "never went anywhere," and that "Apple didn't show that much interest." The two companies have a mixed history -- Iger was an Apple board member from 2011 to 2019, and notably a driving force behind Disney acquiring Pixar in 2006, which was led by Apple co-founder Steve Jobs at the time. According to Iger, his first call with Jobs resulted in an almost immediate deal to put Disney content on the first video iPod. "All of a sudden, I'm now someone Steve likes and respects," Iger told The Financial Times. "The old Disney that he knew was lumbering in terms of bureaucracy. And so he thought, this is a new day." The Pixar acquisition spurred Iger to find more companies to bring under Disney's wing, though not every attempt was successful. "We felt unstoppable. We put together a list of acquisition targets," said Iger. "Marvel was one, Star Wars was another, James Bond was one. We had a list and I figured let's just tick them off and buy them all." Iger provides no details about Disney's attempt to buy the James Bond franchise, but we know it obviously failed -- Amazon bought the 007 distribution rights when it acquired MGM in 2022, and later paid more than $1 billion to take full creative control of the franchise in February 2025.
  
  
  Read more of this story at Slashdot.
  

• % Prime Day Savings Are Live! Save up to 75% on training, certifications, bundles, and THRIVE-ONE Annual. Ends June 26.
  The biggest learning deals of the season have arrived. Save up to 75% on training, certifications, bundles, and more through June 26, and take the next step toward your professional goals. SAVE NOW
  
  The post % Prime Day Savings Are Live! Save up to 75% on training, certifications, bundles, and THRIVE-ONE Annual. Ends June 26. appeared first on Linux.com.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

Engadget"Engadget - Technology News & Expert Reviews"

• Sony A7R VI review: A huge speed boost makes this a nearly perfect high-resolution camera
  Sony's A7R VI finally serves up speed and resolution together thanks to the new 67MP stacked sensor.

• IBM says it has created the world's first sub-1 nanometer chip
  IBM says it has created the world9s first sub-1 nanometer chip

• Apple hikes prices for most of its hardware
  Macs, MacBooks, iPads and other Apple products just got more expensive.

• Can your smartwatch detect sleep apnea?
  No smartwatch can actually diagnose sleep apnea, but some can track certain signs that might indicate you have the condition.

• Google will open the Play Store to outside billing on June 30
  Google will allow developers to offer alternative billing in the US, the UK and Europe starting on June 30.

• Nothing teases the Phone 4b, launching on July 7
  Nothing will launch the entry-level Phone 4b on July 7.

• C'mon, you don't need an AI to check your spelling
  A Florida Republican denies claims her team used AI to work on draft legislation, saying Claude was only used as spelling and grammar checker.

• Xbox is testing support for longer gamertags
  Xbox is testing new features, including support for 15-character gamertags.

• Amazon Zoox's latest robotaxi looks (marginally) less like a toy car
  Amazon-owned Zoox has introduced its new autonomous vehicle meant for for large-scale production.

• OpenAI's free GPT-5.5 model makes ChatGPT better at understanding context
  OpenAI has rolled out an upgrade for the free model you interact with the most on ChatGPT.

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice