All the News that Matters

• Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829
  It was discovered that missing input sanitising in the DIGEST-MD5 parser of the GNU SASL library could result in denial of service. For Debian 11 bullseye, this problem has been fixed in version 1.10.0-4+deb11u2. We recommend that you upgrade your gsasl packages.

• SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1
  An update that solves 23 vulnerabilities can now be installed.

• SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1
  An update that solves one vulnerability can now be installed.

• SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1
  An update that solves four vulnerabilities can now be installed.

• SUSE Google-Guest-Agent Important Security Update 2026-21989-1
  An update that solves six vulnerabilities and has five fixes can now be installed.

• SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1
  An update that solves three vulnerabilities and has 12 fixes can now be installed.

• SUSE Linux Micro Critical Ignition Patch CVE-2026-33814
  An update that solves one vulnerability can now be installed.

• SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1
  An update that solves four vulnerabilities can now be installed.

• SUSE Linux Micro version 6.1 introduces a crucial fix for Salt DoS issue
  An update that solves one vulnerability and has five fixes can now be installed.

• Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1
  Multiple vulnerabilities were discovered in dovecot, a POP3/IMAP server, which could lead to Denial of Service or information leak. CVE-2026-33603 An attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding and later

• Contributing to Fedora Infrastructure and the Power of Flock!
  Flock to Fedora is more than a conference – it’s where the Fedora community comes alive. As part of the In the Commit History campaign, we sat down with confirmed Flock 2026 speakers to hear their stories: what brought them to Fedora, what Flock means to them personally, and what they’re hoping for in Prague […]

• KDE Turns 30 and Wants You to Put Some Icing on Its Cake
  Thirty years after KDE’s debut, the venerable desktop is celebrating with cake, candles, and a call for community support.

• Linux 7.2 Will Be Able To Boot On Apple M3 Macs - But Far From Useful For End-Users
  The upcoming Linux 7.2 mainline kernel is expected to be able to boot on Apple M3 devices including the M3-powered iMac and MacBook products. But before getting too excited it's still a long ways to go before it will actually be useful for any Apple M3 daily usage under Linux with the overall support at this stage still being very limited for these 2~3 year old Apple Macs...

• Microsoft Opens the Door to Azure Linux 4.0 Testing
  Azure Linux 4.0 is now in public preview, giving users an early look at Microsoft’s Fedora-based Linux system for Azure.

• GNOME Files Supercharges Search with Faster Results, Smarter Filters, and Better File Discovery
  The GNOME project continues refining one of its most frequently used applications: GNOME Files (formerly known as Nautilus). Recent development efforts have focused heavily on improving the file manager’s search capabilities, making it easier to locate documents, media files, and folders across increasingly large storage volumes.

• Linux 7.1 + Mesa 26.1 Performance With The Radeon RX 9070 GRE, RX 9070 XT
  With this week's launch day review of the AMD Radeon RX 9070 GRE, Ubuntu 26.04 with its Linux 7.0 and Mesa 26.0 default driver stack was used for testing. That choice was made since the Ubuntu 26.04 release is still fresh, the RDNA4-based RX 9070 GRE was working without issue there, and from other RDNA4 testing knowing there isn't much uplift from the in-development Linux 7.1 kernel or the current stable Mesa 26.1 OpenGL RadeonSI / Vulkan RADV drivers. But for those interested, here are those tests...

• KDE Gear 26.04.2 Apps Collection Rolls Out, Here’s What’s New
  KDE Gear 26.04.2 arrives as a maintenance update with fixes for Dolphin, Kate, Kdenlive, KDE Connect, NeoChat, Tokodon, and more.

• Benchmarking The BORE Scheduler Performance With CachyOS Linux
  Earlier this week I ran benchmarks of different CachyOS Linux kernel flavors that proved interesting from the performance overhead of their hardened kernel build to various other interesting performancr takeaways. One kernel flavor I hadn't tested though was their build with the BORE scheduler. Given the interest and feedback from Phoronix readers, here is an article focused on looking at the performance of the BORE scheduler for the Linux kernel on CachyOS.

• New HTTP/2 Bomb DoS Attack Hits Nginx, Apache, IIS, Envoy, and Pingora
  A new HTTP/2 Bomb DoS attack can exhaust memory on major web servers, causing denial-of-service in seconds.

• Qualcomm Gets The Lenovo Yoga Slim 7x Gen11 Snapdragon X2 Laptop Working On Linux
  For those interested in the prospects of running Snapdragon X2 laptops on Linux rather than Windows 11 on ARM, the Lenovo Yoga Slim 7x Gen11 has emerged as one of the initial X2 laptops with tentative Device Tree handling to allow Linux to boot on this latest-generation Qualcomm-powered laptop,..

• The US Military Quietly Turned GPS Into a Global 'Numbers Station,' Evidence Suggests
  A security researcher says evidence suggests the U.S. military has been using an obscure GPS message field for nearly 20 years to broadcast encrypted key-distribution data, effectively turning GPS satellites into a global "numbers station." The hidden-looking 176-bit messages appear tied to the Pentagon's Over-the-Air Distribution system for remotely updating cryptographic keys, meaning ordinary GPS receivers may have been receiving the traffic all along without anyone outside the military noticing. The findings have been detailed by Steven Murdoch, an information security expert, in a new article in Inside GNSS. 404 Media reports: [...] From the beginning, he suspected that the subframe field contained encrypted transmissions because the data was so random. "Random data is actually very unusual to get in nature," Murdoch said. "If you see it, either it's been carefully designed to be random -- but then, why is someone sending out random data? -- or it's encrypted data. I thought encrypted data is by far the most likely explanation." He returned to the subframe on and off over the years, and solicited guesses about its content on Stack Exchange in 2023. Ahmed Kamruddin, a master's student at UCL, developed the project further in 2025. Then, this year, Murdoch put the last pieces of the puzzle together over several weeks by analyzing open archive Global Navigation Satellite System (GNSS) recordings collected since 2007 and kept by GFZ Helmholtz Centre for Geosciences. This dataset included more than 12 million observations of Subframe 4, Page 17, yielding 3,994 unique 176-bit messages. Within this corpus, Murdoch pinpointed key-repeating "sentinels" including a pattern that appeared in February 2010 and was broadcast on and off across dozens of satellites for more than a decade. Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system. He confirmed that this timeline coincided with the rollout of the military's Over-the-Air Distribution (OTAD) and the Over-the-Air Rekeying (OTAR) by cross-referencing declassified documents, including a 2015 presentation about the dates of the operation. "There was a perfect match between the timeline and that presentation and the change points that were automatically identified from the data," Murdoch said. "That was the smoking gun that made me think: This is what it's for." These automated systems replaced the cumbersome manual distribution of cryptographic keying material, allowing military GPS receivers around the world to be rekeyed remotely through satellite broadcasts rather than through onsite procedures. For the next 11 years, this expansive rekeying operation was overlooked in public GPS data. In 2022, the system entered a new phase, according to Murdoch's analysis. The shift was characterized by a slowing in the message rotation rate. Later, in December 2023, broadcasts carrying a distinctive "TEXT" prefix emerged then gradually spread across the constellation. Murdoch isn't sure what explains the recent transition, though it could be a possible modernization of the infrastructure or the introduction of a new protocol. But to him, the bigger takeaway is that the signals were always available for anyone willing to take a closer look, a discovery that suggests that there could be more revelations hidden for the cryptographically curious among us. "Every receiver in the world decodes Subframe 4, Page 17," Murdoch said in his new article. "Almost none of them have ever looked at it. The lesson generalizes: There is more to learn from the bytes already arriving at our antennas than from the bytes we wish were specified differently. The data are publicly available. The signal is overhead, twice a day, every day."
  
  
  Read more of this story at Slashdot.
  

• Google Will Pay SpaceX $920 Million Per Month For Compute
  Ahead of its upcoming IPO, SpaceX announced that Google will pay the company $920 million per month for access to roughly 110,000 Nvidia GPUs and related compute infrastructure. Google says the agreement is short-term "bridge capacity" to meet stronger-than-expected demand for Gemini Enterprise, while SpaceX is using deals like this and its Anthropic contract to bolster its pitch for a historic public offering. TechCrunch reports: The deal is similar in length and scope to the one SpaceX announced with Anthropic in late May. As part of that deal, Anthropic agreed to pay SpaceX $1.25 billion per month through 2029 to rent all the available compute from its Colossus 1 data center near Memphis, Tennessee that xAI -- now part of SpaceX -- originally built for its own artificial intelligence efforts. Google's deal appears to be paying for roughly half the amount of compute that Anthropic has access to at Colossus 1. SpaceX didn't say which specific data center Google would be using. CEO Elon Musk has previously suggested his company would reserve the Colossus 2 data center for xAI. Anthropic was significantly limited in its compute capacity prior to its deal with SpaceX, raising usage limits on the same day the deal was announced. Google is in a very different position, with some estimates naming it as the world's largest single owner of AI compute. [...] Also like the Anthropic deal, the agreement with Google includes a cancellation clause. Both SpaceX and Google have the option to terminate the agreement with 90 days notice after December 31, 2026. Google's access to the data center will ramp up "through September at a reduced fee," according to the filing. "If we fail to deliver access to the committed amount of GPUs by September 30, 2026, then following a one-month grace period, Google may immediately terminate the agreement or accept the number of GPUs provided" with a reduction in the monthly fees, it reads.
  
  
  Read more of this story at Slashdot.
  

• Bitcoin Falls To $60,000 As Zcash Bug Rocks Crypto
  Bitcoin briefly fell below $60,000 on Friday, "extending its weekly loss to nearly 20% and threatening to fall below $59,000," reports CoinDesk. Crypto was also hit by a 40%-plus plunge in Zcash after Shielded Labs disclosed a years-old bug that could have allowed undetected counterfeit ZEC creation. From the report: Now, with stocks in plunge mode -- the Nasdaq down nearly 4% on Friday -- bitcoin finds itself perfectly correlated. "Short term, Bitcoin feels like swallowing broken glass," wrote Jeff Swanson Friday. "The chart goes up. It goes down. It makes grown men cry into their Robinhood accounts and CNBC anchors smugly declare the funeral, for the eleventh time." "Here's what uncomfortable people don't understand: the discomfort is the yield. Every paper-handed panic seller is handing their future to someone with a longer time horizon and a colder storage device." [...] Earlier, Shielded Labs, a nonprofit developer on the privacy token system, disclosed a critical vulnerability in Zcash's (ZEC) Orchard privacy pool that could have threatened the integrity of the token's supply. The vulnerability, if exploited, could have allowed an attacker to create an unlimited number of counterfeit ZEC tokens, completely undetected. "Think of it as someone secretly gaining access to the Federal Reserve's dollar printing press, except in this case, even the Fed wouldn't be able to tell these extra dollars were printed," wrote Omkar Godbole. Importantly, the vulnerability was discovered with help from Anthropic's recently released Opus 4.8 AI model, raising difficult questions for the entire crypto industry. More to come on that. ZEC is now down 42% over the past 24 hours. On Wednesday, the Zcash Foundation said: "The vulnerability was caught before any known exploitation occurred. There is no evidence of unauthorized value creation. Zcash's turnstile mechanism (which tracks the total ZEC balance across all value pools) confirmed that the total supply remained intact throughout. User privacy was not affected. Sapling and transparent transactions continued operating normally throughout the incident."
  
  
  Read more of this story at Slashdot.
  

• 340 Local News Outlets Now Blocking the Internet Archive
  An anonymous reader quotes a report from Techdirt: Earlier this year Nieman Lab broke the story that major news publishers, including The New York Times, The Guardian, and USA Today Co., had started blocking the Internet Archive for fear that AI companies might scrape the nonprofit's repositories for training data. As one of the last bastions of archival history, that is, in case you're not aware, not very good for the public interest. Four months later and Nieman Lab now notes that the number of news outlets blocking the archive has soared to around 340 organizations: "Our new analysis shows that more than 340 local news sites across the United States are now limiting the Internet Archive's ability to access and preserve their stories. Many sites in our sample are owned by five of the seven largest local news publishers in the country: USA Today Co., McClatchy, Advance Local, MediaNews Group, and Tribune Publishing. The latter two are both subsidiaries of the "vulture hedge fund" Alden Global Capital." [...] Regardless of motivation, hiding whatever local news remains behind paywalls, then blocking it from the Internet Archive, in turn makes it harder for everyone else to do real journalism that relies on the historical record, local journalists tell Nieman Lab: "I cover news within a larger news desert in New York's Rockland, Sullivan, and Rockland counties. This means I need to heavily rely on archival data of old news articles from now deceased, or zombie-fied, media outlets," wrote B.J. Mendelson, the editor of The Monroe Gazette newsletter, in one recent petition signed by over 200 journalists. "Without the Internet Archive, my [work] would be incredibly difficult to do." The Internet Archive says it is listening to the concerns raised by local news outlets, while also partnering with journalism groups to train hundreds of newsrooms on archival preservation: "In December, the Internet Archive partnered with the Poynter Institute and Investigative Reporters and Editors to train a cohort of 33 local and national news outlets on how to develop and implement an archiving strategy. The initiative, funded through a Press Forward grant, aims to train 300 newsrooms in digital preservation and in using the Internet Archive's services by the end of 2027."
  
  
  Read more of this story at Slashdot.
  

• GOV.UK Goes Dutch On Payments As It Dumps Stripe
  The UK's Government Digital Service is replacing Stripe with Dutch payments provider Adyen for many GOV.UK Pay transactions, including local authorities, police forces, and armed forces units. The three-year deal covers about 1,000 services and is meant to make payments more flexible while keeping the user experience largely unchanged. The Register reports: According to the tender notice published in February 2025, the contract covers around 17 percent of payments made through GOV.UK Pay but more than 70 percent of its organizations and includes the only option allowing users to start taking payments within one working day. At that point the contract had an estimated maximum value of £49 million, although with no guarantees over volume. In a blogpost about the contract award on 2 June, GDS said it will migrate around 1,000 services to the new supplier. "We will make migration as straightforward as possible while complying with Know Your Customer legislation that protects everyone from fraud," wrote Alan Maddrell, senior content designer for the service. "Most importantly, there will be no discernible difference for paying users and no loss in functionality." He added that the change of supplier will help introduce new options including pay by bank, which transfers money directly between bank accounts using open banking services and avoids the need to type in card details. GDS will continue to use WorldPay to process payments for central government, linked organizations and NHS bodies.
  
  
  Read more of this story at Slashdot.
  

• BSA Lashes Out At Mandatory Open-Source Licensing
  Longtime Slashdot reader Elektroschock writes: The American Business Software Alliance (BSA) does not consider mandatory open-source licensing to be an appropriate indicator of sovereignty. This is among the "pointed messages" they sent to the French government consultation (closed) today. "What protects Europe is the ability to govern, audit, and mitigate risk, not where a company files its corporate papers," said Thomas Boue of BSA. "Criteria of this kind raise costs, reduce access to best-in-class security solutions, and risk conflicting with the EU's international trade commitments."
  
  
  Read more of this story at Slashdot.
  

• Google Says It Will Replenish More Water Than It Uses At Data Centers
  An anonymous reader quotes a report from 9to5Google: There's been a lot of pushback in recent months around the impact of AI data centers on local communities, with the use of water being a key issue for many. Google, in an expansion of its "water stewardship" programs, is making commitments that include replenishing more water than it uses at its data center sites. AI data centers go through a lot of water use in cooling the hardware used to power models, and Google is no exception. While Google stands by saying that the impact of AI data centers on U.S. water consumption is "small," it also says it is focusing on "protecting local water resources in all aspects of our data center operations." In a post, Google explains five new commitments regarding water use at its data centers in the U.S. These include replenishing more water than is consumed at data centers, helping local utilities to modernize water infrastructure, using air-cooled solutions in areas where watersheds are at risk, "transparently" reporting water use at data centers, and focusing on "alternative and reclaimed" water solutions. [...] In a linked paper (PDF), Google says it will replenish 120% of the water it uses at data center sites by 2030. Google is also committing $17 million to new water stewardship projects in Georgia, Iowa, Michigan, Minnesota, Missouri, Nebraska, and Texas in addition to 165 other projects already in place throughout the U.S.
  
  
  Read more of this story at Slashdot.
  

• Valve Says Steam Machine 'Shipping This Summer'
  Valve says its long-awaited Steam Machine and Steam Frame are both "shipping this summer." The company is also expanding its Verified program beyond Steam Deck to cover the new hardware. "Steam Verified is a developer-focused program where game makers ensure that their titles are capable of running on the Deck (meaning they'll run fine under Linux), that the UI elements and text are readable at standard resolutions, and that sensible default graphics settings are used," notes Tom's Hardware. From the report: The news should ease the worries of many an expecting gamer, given today's constant worries about AI servers slurping every RAM and NAND chip on the face of the earth, as well as Valve's own statements about component scarcity delaying the release. Plus, the company always works on its own schedule, so much so that Valve Time is a term. The release of the Machine has been taking flak, given that while Valve was initially hoping for an estimated $600 to $800 price -- in the ballpark of the higher-end consoles -- the rumored pricing is climbing around or over $1000. This fact is somewhat corroborated by a February statement from a Valve executive who, like most anyone in the world, stated the price revision was due to the AI-driven component shortage.
  
  
  Read more of this story at Slashdot.
  

• ISS Astronauts Told To Prepare For Possible Evacuation Over Air Leak
  NASA ordered astronauts on the International Space Station to shelter in their spacecraft and prepare for possible evacuation after a worsening air leak in the Russian Zvezda service module's transfer tunnel. The Guardian reports: The four astronauts of NASA's Crew-12 mission on the station -- two US astronauts, a French astronaut and a Russian cosmonaut -- received orders from NASA mission control at 9.04am ET (2pm BST) on Friday to enter their Crew Dragon spacecraft docked to the station and don their spacesuits in case the air leak warranted an emergency evacuation, a NASA official said. NASA and Russia's space agency Roscosmos, the station's two primary operators, have debated for months over the cause and potential fixes of small air leaks onboard Russia's Zvezda service module, a key structure of the football-pitch-sized laboratory. The air leaks have been relatively minor in recent months. But on Monday the problem escalated from a pound of air per day to two pounds (0.9kg) a senior Nasa official told Reuters on condition of anonymity. UPDATE: "Roscosmos has paused Friday's structural repair efforts inside the Zvezda service module transfer tunnel, known as PrK, as more measurements and data is assessed," Bethany Stevens, a spokesperson for NASA, posted on X. "Given this development, NASA has instructed the crew members inside the Dragon spacecraft to end the safe haven procedures and return to planned operations aboard the International Space Station. We look forward to working with Roscosmos on a collaborative approach to address the leaks." Developing...
  
  
  Read more of this story at Slashdot.
  

• Used Waymo Robotaxi Batteries Become Backup Storage For Power Grids
  Waymo and B2U Storage Solutions have struck a "strategic supply agreement" to repurpose used batteries from Waymo's electric robotaxi fleet into stationary storage for California and Texas power grids. The arrangement could give robotaxi batteries a second life storing renewable energy after they're no longer suitable for vehicle use. It will also "support B2U projects in regions where Waymo's autonomous robotaxis operate -- meaning the used Waymo batteries could bolster the local power grids that Waymo vehicles rely upon for charging," reports Ars Technica. From the report: Waymo's "proactive maintenance" for its autonomous vehicles includes identifying opportunities to "refresh the battery to improve efficiency overall for our fleet," Adam Lenz, head of sustainability and environment at Waymo, told Ars. "That's when we look to these second-life applications, because there's still a lot of life left in the battery," he said. Waymo did not specify the average mileage at which it swaps out batteries or retires vehicles from service. But Waymo robotaxis drive around much more each day than the typical EV, which means the Waymo fleet is likely to experience faster usage-related degradation of battery capacity over time. The company confirmed to Ars that "some of these vehicles have now been serving riders for years and have mileage beyond what a normal consumer drives." [...] "Put a little haircut on that in terms of degradation and the effective capacity that would be left in those batteries when they're suitable for repurposing, and we're still talking about pretty significant capacity per battery," Hall said. The growing Waymo robotaxi fleet could lead to "pretty large numbers in terms of megawatt hours of capacity that can be deployed pretty quickly" for stationary energy storage supporting power grids, he suggested. The agreement gives Waymo discretion over when and how many used batteries will be turned over to B2U. But the companies confirmed that B2U has "already started receiving smaller initial quantities of batteries" from the Waymo fleet. Over time, the agreement could give B2U "hundreds of megawatt-hours" of additional storage capacity from Waymo's thousands of electric vehicles, Lenz said.
  
  
  Read more of this story at Slashdot.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

Engadget"Engadget - Technology News & Expert Reviews"

• '5D' platformer Screenbound arrives on September 10
  Screenbound lets you control a 2D handheld game and a character in a 3D world at the same time.

• Ithaca is a mysterious road-trip RPG from Bury Me, My Love studio Pixel Hunt
  Ithaca asks how far will players go to save the planet.

• In co-op shooter Lazy River, peeing in the pool turns guests into zombies
  Peeing in the pool is extra dangerous in co-op shooter Lazy River.

• N PLUS INFINITY TIMES TWO threatens to revitalize 2D platforming in 2027
  Metanet is bringing minimalism and precise mechanics to consoles and PC next year.

• Tenebris Somnia adds live-action horror to a retro survival game on October 16
  Airdorf and Andrés Borghi are making one nightmare with two styles of terror.

• Final Fantasy 7 Revelation will launch across all platforms in Spring 2027
  The final chapter will drop simultaneously on PS5, Switch 2, Xbox and PC.

• If Vampire Survivors and Spelunky had a baby, it'd be Messhof's Blood Dungeon
  Blood Dungeon is the latest project from the studio behind Nidhogg.

• You can watch the Among Us animated series right now
  You can watch all ten episodes of the Among Us cartoon on Paramount+.

• Saw: Genesis is a 3-on-1 survival game starring the Jigsaw Killer's predecessor
  Bloober Team is publishing (and also kinda helping develop) a new Saw game.

• Virtua Fighter Crossroads is coming in 2027
  More details on the sixth Virtua Fighter game are coming in a dedicated showcase stream.

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice