All the News that Matters

• Rocky Linux: RLSA-2026:26323 tomcat security update Security Advisories Updates
  Important: tomcat security update

• Rocky Linux: RLSA-2026:25925 valkey security update Security Advisories Updates
  Important: valkey security update

• Rocky Linux: RLSA-2026:26206 fence-agents security update Security Advisories Updates
  Important: fence-agents security update

• Rocky Linux: RLSA-2026:26447 podman security update Security Advisories Updates
  Important: podman security update

• Rocky Linux: RLSA-2026:26410 rsync security update Security Advisories Updates
  Important: rsync security update

• Rocky Linux: RLSA-2026:26455 389-ds-base security Security Advisories Updates
  Important: 389-ds-base security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:26534 dracut security update Security Advisories Updates
  Important: dracut security update

• Rocky Linux: RLSA-2026:26427 kernel security update Security Advisories Updates
  Important: kernel security update

• Rocky Linux: RLSA-2026:26459 389-ds Security Advisories Updates
  Important: 389-ds:1.4 security update

• Rocky Linux: RLSA-2026:26709 xorg-x11-server security Security Advisories Updates
  Important: xorg-x11-server security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:26562 xorg-x11-server-Xwayland security Security Advisories Updates
  Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:26610 xorg-x11-server security Security Advisories Updates
  Important: xorg-x11-server security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:26590 xorg-x11-server-Xwayland security Security Advisories Updates
  Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:26533 dracut security update Security Advisories Updates
  Important: dracut security update

• Rocky Linux: RLSA-2026:25930 postfix security update Security Advisories Updates
  Important: postfix security update

• Rocky Linux: RLSA-2026:26332 rsync security Security Advisories Updates
  Important: rsync security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:26456 389-ds-base security Security Advisories Updates
  Important: 389-ds-base security, bug fix, and enhancement update

• Rocky Linux: RLSA-2026:25999 yggdrasil-worker-package-manager security update Security Advisories Updates
  Moderate: yggdrasil-worker-package-manager security update

• Rocky Linux: RLSA-2026:26228 hplip security update Security Advisories Updates
  Important: hplip security update

• Rocky Linux: RLSA-2026:26532 dracut security update Security Advisories Updates
  Important: dracut security update

• SUSE: 2026:2464-1: important: Security update for python313
  An update that solves five vulnerabilities and has two security fixes can now be installed.

• SUSE: 2026:2465-1: important: Security update for glibc
  An update that solves one vulnerability can now be installed.

• SUSE: 2026:2466-1: important: Security update for azure-storage-azcopy
  An update that solves five vulnerabilities and has one security fix can now be installed.

• SUSE: 2026:2467-1: important: Security update for amazon-ssm-agent
  An update that solves 21 vulnerabilities and contains one feature can now be installed.

• SUSE: 2026:2468-1: important: Security update for amazon-ssm-agent
  An update that solves 21 vulnerabilities and contains one feature can now be installed.

• SUSE: 2026:2461-1: important: Security update for ldns
  An update that solves one vulnerability can now be installed.

• SUSE: 2026:2462-1: important: Security update for ldns
  An update that solves one vulnerability can now be installed.

• SUSE: 2026:2459-1: important: Security update for strongswan
  An update that solves eight vulnerabilities can now be installed.

• SUSE: 2026:2460-1: important: Security update for kubernetes-old
  An update that solves two vulnerabilities can now be installed.

• Debian: DSA-6354-1: libconfig-inifiles-perl
  A flaw was discovered in libconfig-inifiles-perl, a Perl module to read .ini-style configuration files, which may result in the execution of arbitrary shell commands or file overwrite when processing specially crafted file names. For the stable distribution (trixie), this problem has been fixed in

• Debian: DSA-6353-1: gst-libav1.0
  It was discovered that incorrect memory management in the ffmpeg plugin for GStreamer could result in heap memory corruption. For the stable distribution (trixie), this problem has been fixed in version 1.26.2-1+deb13u1. We recommend that you upgrade your gst-libav1.0 packages.

• Debian LTS DLA-4637-1 libconfig-inifiles-perl Critical Arbitrary Exec
  A flaw was discovered in libconfig-inifiles-perl, a Perl module to read .ini-style configuration files, which may result in the execution of arbitrary shell commands or file overwrite when processing specially crafted file names. For Debian 11 bullseye, this problem has been fixed in version

• openSUSE: 2026:2466-1 : azure-storage-azcopy
  An update that solves five vulnerabilities and has one security fix can now be installed.

• openSUSE: 2026:11052-1 : MozillaFirefox-152.0-1.1
  An update that solves 40 vulnerabilities can now be installed.

• openSUSE: 2026:11056-1 : inspektor-gadget-0.53.2-1.1
  An update that solves one vulnerability can now be installed.

• openSUSE: 2026:11060-1 : tinyproxy-1.11.3-3.1
  An update that solves 3 vulnerabilities can now be installed.

• openSUSE: 2026:11057-1 : kubevirt-1.8-container-disk-1.8.3-1.1
  An update that solves 9 vulnerabilities can now be installed.

• openSUSE Tumbleweed Moderate Containerized Data Importer CVE-2024-3727
  An update that solves one vulnerability can now be installed.

• openSUSE Lemon Moderate CVE-2026-11822 CVE-2026-11824 Updates 2026-11059-1
  An update that solves 2 vulnerabilities can now be installed.

• openSUSE Alloy Moderate Security Issue Advisory 2026-11053-1
  An update that solves 14 vulnerabilities can now be installed.

• openSUSE ldns Important DoS Issue Advisory SUSE-2026-2462-1
  An update that solves one vulnerability can now be installed.

• openSUSE StrongSwan Important Security Update DoS Exploits 2026-2459-1
  An update that solves eight vulnerabilities can now be installed.

• openSUSE 2026-2460-1 Kubernetes-Old Important Denial of Service Issues
  An update that solves two vulnerabilities can now be installed.

• Debian libconfig-inifiles-perl Important Arbitrary Command Exec DSA-6354-1
  A flaw was discovered in libconfig-inifiles-perl, a Perl module to read .ini-style configuration files, which may result in the execution of arbitrary shell commands or file overwrite when processing specially crafted file names. For the stable distribution (trixie), this problem has been fixed in

• Debian gst-libav1.0 Moderate Heap Corruption Vulnerability DSA-6353-1
  It was discovered that incorrect memory management in the ffmpeg plugin for GStreamer could result in heap memory corruption. For the stable distribution (trixie), this problem has been fixed in version 1.26.2-1+deb13u1. We recommend that you upgrade your gst-libav1.0 packages.

• SUSE OpenvSwitch Important Heap Over-Read Threat Vulnern 2026-2463-1
  An update that solves two vulnerabilities can now be installed.

• SUSE python313 Important Info Disclosure and Code Exec Fixes 2026-2464-1
  An update that solves five vulnerabilities and has two security fixes can now be installed.

• SUSE 11 SP4 glibc Important Buffer Overflow Vulnern 2026-2465-1
  An update that solves one vulnerability can now be installed.

• SUSE Azure-Storage-AzCopy Important Denial of Service Vuln 2026-2466-1
  An update that solves five vulnerabilities and has one security fix can now be installed.

• SUSE amazon-ssm-agent Major DoS Credential Leak Vulnerability 2026-2467-1
  An update that solves 21 vulnerabilities and contains one feature can now be installed.

• How NVIDIA Vera CPU Performance Compares To The Ampere Altra Max
  Last month on Phoronix was an exclusive first look at the NVIDIA Vera CPU performance compared to prior-generation NVIDIA Grace as well as the current AMD EPYC and Intel Xeon competition. Following that was looking at how the ARM Linux server performance has evolved over the past eight years of AArch64 Linux servers. A Phoronix Premium supporter recently requested wanting to see how Vera compares to Ampere Altra. While Ampere Altra has been in the marketplace now for more than five years, they are some of the most readily available ARM Linux server options for DIY/enthusiast builds given the scarcity of AmpereOne and lack of other readily available socketed ARM CPU options. This article shows how the performance compares between Ampere Altra Max and NVIDIA Vera.

• The Growth of Vulnerability Management: The Rise of Agentic AI Pentesting
  Cybersecurity shifts fast. Manual penetration tests remain valuable, especially for nuanced attack paths and business-logic issues, but they are expensive, point-in-time, and difficult to run continuously. By the time a report is delivered, the environment may have already changed. Automated scanners improved coverage and frequency, but most still rely on known signatures, templated checks, and shallow validation. They can find obvious issues, but they rarely match the adaptive reasoning, chaining, and persistence of a skilled attacker.Platforms like XBOW help security teams move toward continuous validation by running AI-driven tests that mimic large-scale human attackers. This shift moves the focus from periodic assessment and reactive patching toward ongoing exposure management and earlier prevention.

• Godot 4.7 Released With HDR Output Support
  Godot 4.7 is out today as the newest feature release for this leading open-source, cross-platform game engine...

• Claude AI Assists In Fixing Years Old AMD Radeon Linux Display Bug Affecting Numerous Laptops
  A bug in the AMDGPU Linux kernel graphics driver leading to some laptop displays freezing after periods of use may finally be close to being resolved. Given the length and quantity of bug reports and one of the problematic commits being tracked back to 2017, it's a heavy hitting issue for some Linux users. With the help of Claude Code, it looks like a fix is on the way to the Linux kernel...

• Godot 4.7 Open-Source Game Engine Released with Linux Wayland HDR Support
  Godot 4.7 adds HDR output on Linux Wayland, a new Asset Store, AreaLight3D, Android export improvements, shader previews, and more.

• Debian-Based SparkyLinux 2026.06 Rolling Brings Linux Kernel 7.1 Support
  The SparkyLinux team announced today the release and general availability of SparkyLinux 2026.06 as the June 2026 ISO snapshot of the SparkyLinux Rolling edition based on the Debian Testing repositories.

• SonicDE Launches as a KDE-Based Desktop for X11 Holdouts
  SonicDE is a new community project focused on preserving KDE’s X11 desktop components as upstream Plasma moves fully to Wayland.

• Ubuntu Flavors Now Mandated To Participate In Beta Releases For Official Status
  Canonical and the Ubuntu Release Team have implemented an important policy change for Ubuntu flavors moving forward. If they are to have an official release, they must now successfully submit a beta release...

• Tails 7.9 Anonymous OS Rolls Out with Tor Browser and Firmware Updates
  The privacy-focused Tails 7.9 is now available with Tor Browser 15.0.16, updated firmware for newer hardware, and a Secure Boot notification fix.

• SteamOS 3.8.10 Stable Released With Updated Arch, Steam Machine Support & Wayland Desktop Default
  Overnight Valve released SteamOS 3.8.10 into the stable channel. for succeeding SteamOS 3.7. There's a lot happening across the board to their in-house Linux platform for the likes of the Steam Deck and upcoming Steam Machine hardware...

• Native system rollback and snapshot management feature for Fedora 45
  This will enable users on Fedora to finally be able to use a full Btrfs disk configuration without custom work outside of the installer. It will also help with improving the safety of software updates for those using Btrfs by having the system configured to automatically generate full system snapshots and boot entries for those snapshots for rescue/recovery purposes. In addition, this will enable future work on interesting custom alternative approaches for producing appliances (such as appliances built so that they receive updates via btrfs send/receive atomically and re-root) without unusual tooling.Targeted release: Fedora 45

• After Recent AUR Security Scare, Yay 13.0 Adds New Review and Automation Features
  Yay 13.0 adds Lua hooks, PKGBUILD age visibility, and new automation tools following recent concerns over AUR package security.

• AMD's Lemonade AI Server Now Much More Useful With MCP Server Integration
  The open-source Lemonade AI server for "100% free and private" AI usage across Windows and Linux in leveraging AMD Ryzen AI NPUs, Radeon GPUs, and x86_64 CPUs, is now much more powerful with today's v10.8 release...

• Firefox 153 Enters Beta Testing as the Next Extended Support Release Series
  With the release of Firefox 152 rolling out to all supported platforms, Mozilla promoted the next major release, Firefox 153, to the beta channel for public testing, so it’s time to take a look at the new features and improvements.

• Experimental, Reverse-Engineered & AI Assisted Rust Driver Targets Modern DisplayLink Hardware
  The original DisplayLink USB display adapters were great for working with an upstream, open-source driver while sadly the newer DisplayLink tech has been limited to an out-of-tree driver and proprietary user-space daemon. But posted today is an experimental "Vino" driver that is a clean-room, reverse-engineered driver for newer DisplayLink hardware...

• Ubuntu 26.10 Steps into AI with Local Speech-to-Text
  Canonical’s Project Myna brings local speech-to-text dictation to Ubuntu Desktop, starting with the 26.10 (Stonking Stingray) release.

• NVIDIA 595.84 Linux Driver Improves Support for 007 First Light and Other Games
  NVIDIA released today the production-ready NVIDIA 595.84 graphics driver for GNU/Linux, FreeBSD, and Solaris systems to address various bugs and regressions for an improved gaming experience.

• AI/LLM Patch Craziness Having An Impact On ARM64 Linux Kernel Development
  The ongoing rise in AI/LLM-generated patches hitting the mailing lists and affecting development workflows continues to impact Linux kernel development. For the ARM64 architecture updates in Linux 7.2 is an interesting anecdote over over feeling like this activity has "slowed us down a little on the feature side" and having to deal with this AI/LLM patch activity resulted in some features now being postponed from making it for this current Linux kernel development cycle...

• FreeBSD Launches AI-Assisted Project to Find and Fix Vulnerabilities
  With fresh funding from the Linux Foundation’s Alpha Omega initiative, FreeBSD is turning to AI tools and paid security staff to hunt vulnerabilities across its codebase.

• Myna Announced As Speech-To-Text Solution For The Ubuntu Desktop
  Earlier this month plans were shared publicly of Ubuntu 26.10 aiming to build a context-aware desktop with local AI features and one of the first capabilities to be integrated speech-to-text support. Now we have more details on the speech-to-text plans with Canonical announcing the Myna project...

• Amazon Drops Sam Altman Movie After Announcing OpenAI Partnership
  Amazon MGM has dropped Luca Guadagnino's nearly completed Sam Altman biopic Artificial and is seeking another distributor for the film. The move comes months after Amazon expanded its multibillion-dollar partnership with OpenAI, fueling speculation about a potential conflict given the movie's reportedly unflattering portrayal of Altman. The Independent reports: Artificial would have marked the Oscar-nominated Call Me By Your Name director's third Amazon film, following the critically acclaimed Zendaya-led tennis romance Challengers (2024) and the academic scandal drama After the Hunt (2025), starring Julia Roberts. The new movie is said to chronicle the brief period when Altman was abruptly ousted as OpenAI's CEO in 2023 and subsequently rehired. Monica Barbaro and Ike Barinholtz star alongside Garfield as former OpenAI CTO Mira Murati and SpaceX founder Elon Musk, while Yura Borisov, Cooper Hoffman, Jason Schwartzman, Cooper Koch, Billie Lourd, Zosia Mamet, Angus Imrie, Chris O'Dowd, Mark Rylance and Margo's Got Money Troubles breakout Thaddea Graham round out the cast. It is unclear exactly why the film was dropped, but according to Variety, the news came after it had already undergone positive screen tests. An early viewer told the publication that the film's portrayals of Altman and newly minted trillionaire Musk are the two characters audiences would "like the least." It was also reported that Amazon had already seen every early iteration of the script before Guadagnino was hired to direct. Altman and Amazon founder Jeff Bezos have developed a high-profile friendship over the years. In fact, the former was in attendance at Bezos's wedding to Lauren Sanchez, which took place in Venice, Italy, in 2025. In recent months, the two have continued to deepen their professional partnership that began in 2015, when Amazon became one of OpenAI's first investors. Ten years later, the companies closed their first major deal in November 2025, allowing the ChatGPT maker to run its systems on Amazon's U.S. data centers.
  
  
  Read more of this story at Slashdot.
  

• Norway Imposes Near Ban On AI In Elementary School
  Norway will largely prohibit generative AI use for elementary kids ages 6 to 13 beginning with the new school year, while allowing limited, teacher-supervised use for older students. The government says the restrictions are intended to prevent children from skipping foundational reading, writing, and mathematics skills amid declining test scores. Reuters reports: Facing a broad decline in education test scores, the government in 2024 banned smartphones from schools and has given teachers back more powers to enforce discipline in the classroom. Using AI increases the risk that young children skip important steps in their education, Prime Minister Jonas Gahr Stoere told a press conference on Friday. "The most important thing in school is that our children learn to read, write and do mathematics," Stoere said, adding that the new standards will be imposed from the new school year beginning in late August. Pupils from first through seventh grade, aged 6 to 13, should as a general rule not be using AI, while those in lower secondary school, aged 14 to 16, can cautiously adopt tools under teachers' supervision, the government said. In upper secondary education, from ages 17 to 19, students should learn to use AI appropriately so that they are prepared for further education and work, it added. In a related statement, the Norwegian government also said it would propose legislation to fund the use of more books in classrooms, reversing the trend towards computer tablets.
  
  
  Read more of this story at Slashdot.
  

• Doom Composer Bobby Prince Has Died
  Video game composer and sound designer Bobby Prince has died at age 81 following an illness. Developer id software shared the news. Engadget reports: Prince was perhaps best known for his pioneering work on the Doom series. The Library of Congress inducted his soundtrack for the original game into the National Recording Registry just last month. "Despite the limitations of the 1993-era sound card drivers, Prince composed the perfect riff-shredding accompaniment for the game's demon-slaying journey to hell and back," the Library of Congress stated. "Taking advantage of his knowledge of MIDI, Prince even worked to ensure that the sound effects he created could cut through the music by assigning them to different MIDI frequencies." Prince also worked on games such as Wolfenstein 3D, Rise of the Triad and Duke Nukem 3D. In 2006, the Game Audio Network Guild honored Prince with a lifetime achievement award.
  
  
  Read more of this story at Slashdot.
  

• Hyundai Takes Full Control of Boston Dynamics As SoftBank Exits For $325 Million
  Hyundai Motor Group is acquiring SoftBank's remaining 9.65% stake in Boston Dynamics for $325 million, "closing out SoftBank's last piece of Boston Dynamics and turning the Waltham, Massachusetts robotics company into a wholly owned Hyundai business," reports Startup Fortune. From the report: The price is $325 million for the remaining stake, according to the deal terms, and it follows the put option SoftBank retained when Hyundai bought control of Boston Dynamics in 2021. You should read that as a signal, not a footnote. Hyundai paid about $880 million for an 80% stake in Boston Dynamics in the 2021 transaction, valuing the company at roughly $1.1 billion at the time. SoftBank had bought Boston Dynamics from Alphabet in 2017, after Google had acquired the robotics lab in 2013. It was a strange ownership path for a company whose robots became famous on YouTube long before they became obvious commercial products. That part is changing. At CES in Las Vegas on January 5, 2026, Hyundai and Boston Dynamics showed the electric Atlas humanoid robot in public, with the Associated Press reporting that the life-sized robot stood up, walked around the stage and was remotely piloted for the demonstration. The useful detail was not the stagecraft. It was the deployment plan. A production version of Atlas is expected to begin work at Hyundai's electric vehicle plant near Savannah, Georgia, by 2028. [...] If Hyundai can turn that into repeatable manufacturing value, the SoftBank exit will look less like a tidy cleanup and more like the moment Hyundai stopped borrowing a robotics future and decided to own it outright.
  
  
  Read more of this story at Slashdot.
  

• Canada Missed Chances To Inspect OceanGate's Titan Before Fatal Implosion
  An anonymous reader quotes a report from Wired: A report from Canada's Transportation Safety Board has highlighted regulatory failures that allowed OceanGate's unregistered, unflagged, and uncertified Titan submersible to operate out St. John's, Newfoundland, for years before it imploded on a tourist trip to the wreck of the Titanic in 2023. "When it came to the Titan, critical information existed across multiple federal government organizations, but no one was responsible for connecting the dots," says TBS chair Yoan Marier in a statement. "Without a complete picture of the operation, the Titan continued to operate in Canada without regulatory oversight." [...] As OceanGate continued to operate from St. John's in 2021 and 2022, the Titan made successful dives to the Titanic and several sites within Canadian waters. The company eventually interacted with a total of 10 Canadian federal agencies, including Parks Canada, the Department of National Defense, and the Royal Canadian Mounted Police. But the company's operations were never directly reported to the team responsible for marine safety. "In terms of the actual people that were responsible for marine oversight, their focus was on the Canadian support vessel," says TSB investigator Jason Melvin. While TSB investigators did not have access to the wreckage of the Titan itself, which remains with the US Coast Guard, they did analyze portions of the carbon fiber left over from its manufacture. They calculated that a hull made to OceanGate's exact specifications might have been able to make hundreds of millions of dives to Titanic depths before failing. However, the composite samples as built had porosity and waviness between layers and were ground down in a way that might have introduced defects. When the TSB tested the compressive strength of the carbon fiber, it indicated the material could fail in as few as 30 deep dives. [...] The TSB is recommending increased oversight of the riskiest vessels and improvements in information sharing between departments, and is requiring that all human-occupied submersibles be subject to international construction and safety standards.
  
  
  Read more of this story at Slashdot.
  

• New Unpatchable Exploit Targets Apple Devices With A12 and A13 Chips
  Researchers have disclosed a new unpatchable BootROM exploit affecting Apple devices with A12, A13, S4, and S5 chips. The attack requires physical USB access and DFU mode, but can let an attacker run code before iOS loads, bypass signature checks, and boot modified software. 9to5Mac reports the details: In a highly detailed technical post published today, the Paradigm Shift Team details usbliter8, a new exploit that "leverages both a hardware bug in the USB controller and a specific configuration flaw present in the device firmware" and cannot be patched. The PS Team explains that ahead of today's disclosure, it shared its findings and worked with Apple Product Security to coordinate the release. The researchers also thanked Apple's security team for its "prompt response, constructive engagement, and cooperation throughout" the process. In a nutshell, this bug affects the following Apple SoCs: A12, S4, S5, and A13. [...] They add that "technical support for A12X/Z is possible," but "it is not currently implemented." That could add the 2018 and 2020 iPad Pro lineups to the list. The way usbliter8 works is: it sends specially crafted data to a device over USB while it is in DFU mode, confusing the USB controller and causing it to write data to the wrong part of memory. That gives an attacker with physical access to the device control over its startup process. From there, they can run their own code before iOS loads, bypass signature checks, and boot modified system software. Importantly, the exploit does not affect or compromise the device's Secure Enclave, which in practice means that data such as passcodes and encrypted user data remain secure. That said, PS Team says that "although usbliter8 doesn't affect SEP itself, it opens up wider attack vectors to compromise the Secure Enclave," adding that "by releasing this exploit publicly, we hope to highlight the real-world impact of these hardware flaws and contribute to a broader understanding of modern SecureROM security." [...] Given that this is also an unpatchable exploit, the researchers note that "affected users should be aware that migrating to newer hardware remains the most effective mitigation."
  
  
  Read more of this story at Slashdot.
  

• EU To Soon Classify AWS and Azure As Gatekeepers Under DSA
  The European Commission is reportedly preparing to provisionally classify Amazon Web Services and Microsoft Azure as "gatekeepers" under the Digital Markets Act, bringing cloud infrastructure under the law's stricter competition rules for the first time. The designation could require greater interoperability and data portability, making it easier for customers to switch providers, with a final decision expected by the end of 2026. Heise reports: This investigation began in November 2025, when the EU targeted the cloud power of US tech giants. The trigger was outages in cloud services with sometimes significant impacts on other internet services. Shortly before, an approximately 15-hour outage of the AWS cloud in the US meant that not only Amazon's own streaming services but also Atlassian, Docker, Epic Games, and the Signal messenger were unavailable or severely restricted. Shortly thereafter, Microsoft Azure also struggled with an outage, preventing air passengers from checking in and interrupting votes in the Scottish Parliament. As a result, European antitrust authorities have also scrutinized cloud services under the Digital Markets Act for the first time. The major cloud providers, primarily from the US, have so far evaded the EU's Digital Markets Act because a large part of their business is handled through corporate contracts. This makes it difficult to determine the number of individual users. However, this is one of the EU's most important criteria for determining the market power of companies. [...] As gatekeepers, AWS and Azure would be obliged to ensure interoperability and data portability. This would, for example, simplify switching cloud providers and allow customers to link other services with AWS or Azure clouds, instead of being limited to AWS and Azure offerings. Significant fines could also be imposed if the cloud services are found to be in violation of existing regulations.
  
  
  Read more of this story at Slashdot.
  

• The Korean Telecom Giant At the Center of Anthropic's Mythos Controversy
  An anonymous reader quotes a report from Wired: The Trump administration's move to impose export controls on Anthropic's most powerful AI technology followed a spat over the company granting South Korean telecom giant SK Telecom access to its Claude Mythos model, according to people familiar with the matter. US officials were concerned about what they alleged were SK Telecom's ties to China, those people said. Those concerns appear to have compounded when Amazon later flagged vulnerabilities to the White House it identified in Fable 5, a highly safeguarded version of Mythos that Anthropic released to the public on June 9. The Amazon researchers claimed that it was possible to circumvent some of Fable 5's guardrails and access Mythos' formidable cybercapabilities, though Anthropic and outside cybersecurity experts have argued these risks are not unique to Claude. The confluence of events is what ultimately led the White House to determine that it could not trust Anthropic to safeguard its most advanced AI technology, according to a person close to the administration. On Friday, the Trump administration ordered Anthropic to revoke access to Mythos and Fable 5 for all foreign nationals, including immigrants inside the US. Rather than gate access to its technology based on nationality, a process that would be difficult to implement while also preserving privacy, Anthropic decided it was better to disable access to the models entirely. The White House and Anthropic still remain at odds after days of negotiations about bringing Claude Mythos and Fable 5 back online. SK Telecom was one of roughly 150 organizations granted early access to Anthropic's vulnerability-detection model Claude Mythos through Project Glasswing, notes Wired. The White House later asked Anthropic to revoke the company's access, reportedly amid concerns about alleged China ties, and Anthropic immediately complied. There was, however, no mention of the telecom in the government's formal demand to restrict Mythos and Fable 5 to U.S. nationals. SK Telecom told a Korean newspaper that the "anonymous insider's remarks in foreign media lack verified facts, and our company has no ties to China."
  
  
  Read more of this story at Slashdot.
  

• Meta Lobbies Congress For Protection From Child-Harm Lawsuits
  Longtime Slashdot reader schwit1 shares a report from Reuters: Meta has lobbied the U.S. Congress for legal immunity from child-harm claims tied to social media products such as Instagram, as it faces thousands of lawsuits from young users and their families, according to a source familiar with the matter and proposed legislative language reviewed by Reuters. If adopted by lawmakers and passed into law as part of the Kids Online Safety Act (KOSA) under consideration in the U.S. Senate, such a provision could undermine thousands of lawsuits against Meta and other online platforms over harms to children. Meta and Google's YouTube face a combined $6 million in damages after they lost the first case at trial early this year. While legislators have given no indication of adopting the language, the lobbying effort shows the kind of legal protections Meta is seeking amid the biggest attempt to regulate online platforms in the U.S. since the 1990s. Meta has reportedly proposed the language in exchange for dropping its opposition to KOSA. Under the law, platforms would be required to mitigate harms to minors tied to features such as infinite scrolling, notifications, and appearance-altering filters.
  
  
  Read more of this story at Slashdot.
  

• NASA Picks Eric Schmidt's Rocket Company For Mars Mission
  NASA has selected Relativity Space to build and launch Aeolus, a 2028 Mars orbiter that would provide daily global measurements of dust, winds, and atmospheric temperatures to support future robotic and human missions. TechCrunch reports: The structure of the contract is akin to the deals that NASA made with SpaceX to fly cargo to the International Space Station, or Firefly Aerospace to put a lander on the Moon. The government agency handles the science, while the private company provides low-cost infrastructure. Aeolus, as the mission is dubbed, will contain four instruments to measure and image Mars from orbit, providing what NASA expects to be the first daily, global view of dust, winds, and temperature in its atmosphere. The agency said that data will make it safer for landers and, someday, astronauts, to visit the surface of the Red Planet. By pairing NASA's world-class instruments with commercial innovation and investment, we can deliver more science, more often, and reduce the time it takes to get essential data into the hands of researchers preparing for future human missions to Mars," NASA administrator Jared Isaacman said in statement. The mission is set to launch in 2028 -- a rapid pace that will require Relativity to design and build the spacecraft to carry the Aeolus instruments, and finish building the rocket that will carry it to space, all on a tight timeline. NASA did not disclose how much it is paying Relativity for the mission, and Relativity did not respond to questions from TechCrunch. Relativity was founded in 2015 by two former SpaceX and Blue Origin engineers, with the idea of using 3D printing to its maximum potential as a path to building a cheaper rocket. The company's first design, Terran-1, launched in March 2023 and failed mid-flight. Relativity doubled down by moving on to a larger design, dubbed the Terran R. Before Relativity could get it to the launch pad, the company ran into fundraising challenges, and Schmidt took a majority stake in the company in it last year, installing himself as CEO. He's been tight-lipped about the investment but has expressed interest in orbital data centers, and is thought to be using Relativity to launch a space telescope, Lazuili, financed by his family philanthropy, Schmidt Sciences.
  
  
  Read more of this story at Slashdot.
  

• Rolls-Royce Secures Deal To Build Small Nuclear Reactors For Sweden
  Rolls-Royce SMR has secured a multibillion-pound agreement to build three small modular reactors on Sweden's west coast, "marking a major step in the British engineering group's ambition to become a leading supplier of the technology in Europe," reports Euronews. From the report: Following a rigorous selection process that started in 2022, UK engineering giant Rolls-Royce's nuclear division, Rolls-Royce SMR, won the contract to build nuclear reactors for Sweden. As part of the deal, the group, selected by Videberg Kraft as its partner, will deliver three Small Modular Reactors (SMRs) to Sweden's west coast, at the Varo Peninsula. "The Videberg Project will build Sweden's first new nuclear power plant in more than forty years, supporting industries and households in southern Sweden," a press statement from Rolls-Royce said. The partnership with utility Vattenfall and developer Karnfull Next is seen as one of the most advanced opportunities for deployment outside of the UK. [...] The European Commission considers small modular reactors (SMRs) to be a promising low-carbon technology that could help support the bloc's clean energy and energy security goals. In order to remove regulatory barriers, the EU's SMR strategy was adopted in March 2026 to accelerate the development and deployment of the technology across Europe. SMRs are smaller than conventional nuclear power plants, typically generating between 20 and 300 megawatts of electricity. At the upper end of that range, a reactor could produce around 7.2 million kilowatt-hours of electricity per day -- enough to power hundreds of thousands of homes. The International Energy Agency (IEA) estimates that more than 1,000 small modular reactors could be deployed worldwide by 2050 under a supportive policy scenario, requiring cumulative investment of around $670 billion.
  
  
  Read more of this story at Slashdot.
  

• Trump Admin Backs Off Plans To Kill Ocean Monitoring
  An anonymous reader quotes a report from The Guardian: In May, the federal government announced without warning that it would take apart a network of ocean monitoring systems that it had spent over $350 million to build. No reason was given for the decision to shut down the Ocean Observatories Initiative (OOI), but suspicion immediately focused on the network's role in tracking climate change. But the OOI also provides data that's useful for weather forecasting and fisheries management, leading to widespread opposition. Today, it appears that the opposition has won, as the government will announce that it's reversing the decision. The big remaining question is how much damage the OOI took during the intervening month. [...] The OOI is a federally supported resource that provides ocean data for use by academic researchers, government planners, and private companies. It consists of arrays of monitoring systems in several locations in both the Atlantic and Pacific Oceans that can track things like currents, salinity, chemical levels, temperatures, and tectonic activity. (There are over 100 individual entries on the page that display the data gathered by the system.) Obviously, there are many potential uses of that data. The fact that it has been gathered continuously for a decade means it can help track changes in how carbon dioxide and heat enter the oceans. This is probably what made it a target for the climate change denialists who helped set the Trump administration's policy. Those policymakers are perfectly happy to annoy people with environmental concerns, but they apparently neglected to consider how upset everyone else would be about losing access to the other data. The ensuing public backlash led the Senate on Wednesday to unanimously agree with a measure that would block the government from taking down the OOI. Today's decision may indicate that the administration recognized it had gotten itself into a fight it knew it was losing. The National Science Foundation formally announced the decision, stating: "effective immediately, [it] will not proceed with further removal or descoping of equipment from the remaining arrays and will continue operations including planned maintenance." The agency added that it "appreciates the concerns raised by the range of stakeholders that have informed us they rely on data" from the OOI. The NSF also said it would "issue a Dear Colleague Letter to collect input from stakeholders and convene an expert panel to assess observational needs, evaluate available data sources, consider responses ... and help the agency identify a sustainable path for NSF's ocean observing systems."
  
  
  Read more of this story at Slashdot.
  

• Adobe Adds Its AI Assistant To Premiere, Illustrator and InDesign
  Adobe is expanding its Firefly AI assistant into Premiere, Illustrator, InDesign, and Frame.io, where it can automate all sorts of tasks such as organizing clips, renaming assets, adding interview markers, rearranging layers, and finding missing fonts. It's available starting today as part of a public beta. TechCrunch reports: Adobe is slowly transforming Firefly to increasingly resemble Canva, at least when it comes to AI features, loading up the app with AI tools that can generate images, videos and storyboards. The company is now adding a new feature called Elements that can save AI-generated characters, objects and locations for later use. Firefly is also getting a Projects feature that can store existing assets in one place, and share context. This could be useful for teams creating a video series or brand campaigns. Both of these features are currently available in a private beta. The company said users can now describe a brand and its style, or upload existing collateral, in Firefly to have it generate a brand kit, complete with logos, brand identity and color palettes, or even generate product videos from photos. Users can also create storyboards to create videos.
  
  
  Read more of this story at Slashdot.
  

• California 'Billionaire Tax' Makes Ballot Despite Opposition From Tech Moguls
  California's proposed "billionaire tax" has gathered enough signatures to qualify for the November ballot, setting up a major fight between labor unions and some of Silicon Valley's richest figures. From the report: The California Billionaire Tax Act, colloquially known as the billionaire tax, would levy a one-time 5% tax on any California resident worth more than $1bn. The proposal is backed by the Service Employees International Union-United Healthcare Workers West as a means of funding California's strained healthcare and education programs. The proposal has become one of the state's biggest political flashpoints as it gained momentum throughout the year, with prominent billionaires, such as the Google co-founder Larry Page, making moves to cut ties with the state and Newsom vowing to block it from going to a vote. Although it has gained enough signatures for the ballot, the groups backing the measure have until June 25 to decide whether to move forward or potentially strike a deal with the state. While unions backing the group have framed the proposal as a way of getting the ultra-rich to pay their fair share, many of the state's tech elites have condemned the tax and spent millions attempting to crush it. The Google co-founder Sergey Brin has spent $82m alone on efforts to fight the tax, while joining other Silicon Valley billionaires in declaring he will leave California if it goes through. The Palantir co-founder Peter Thiel, crypto billionaire Chris Larsen and Ring founder James Siminoff are among the other tech moguls who have made huge political donations to groups opposing the tax. California has the most billionaires out of any state, many of whom have increased their wealth in recent years amid the AI boom.
  
  
  Read more of this story at Slashdot.
  

• Midjourney Pivots From AI Image Generation To Body Scanning Medical Spa
  Midjourney is expanding beyond AI image generation with plans for a medical-imaging business built around a water-based, full-body ultrasound scanner that uses hundreds of thousands of sensors and AI to reconstruct MRI-like images. "As you descend into the water, hundreds of thousands of tiny elements take turns, sending out waves, listening together, compressing and then streaming data to a massive cluster where thousands of computers split the task," Midjourney explained in the announcement. "By looking at how the shapes of all the waves change, we reconstruct a detailed map or 'image' which basically lets us figure out what's in there." The company hopes to open a San Francisco scanning "spa" in late 2027, with 50,000 or more deployed around the world by 2031. The Register reports: It's not clear how fast the process is with the prototype unit, but Midjourney said its goal is for the whole thing to take around a minute. "We think it's completely possible that with enough early imaging in the future, the world could avoid 30% of all deaths and 50% of all healthcare costs," the company added. According to a "technical" video included in the announcement, there's a ring of 40 scanners included in the prototype unit the company has built. That ring of 40 elements contains 358,000 ultrasonic elements made up of tiny transducers that create ultrasound waves in water while listening for how they change when they slap the body of whoever is in Midjourney's dunk tank up to a thousand times a second. [...] Midjourney said that it's planning to open its first ultrasound scanner spa at the end of 2027, but it has another hurdle to jump: FDA approval. Beyond improving its tech so that the second-generation scanner is ready for its 2027 spa date, "regulation is the next limit," the company said. "Normally, for every diagnostic medical capability you need FDA approval," Midjourney explained. "We're starting by just giving you detailed body composition maps -- and we'll be submitting regular test results to the FDA for increased capabilities." Midjourney also fails to mention how it will store and secure those scans, whether it will use said scans to train its body composition-detection algorithms, and how it's ensuring those algorithms get things right that it usually take a human a few years of education and training to learn.
  
  
  Read more of this story at Slashdot.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

Engadget"Engadget - Technology News & Expert Reviews"

• Do fitness trackers still work if you have tattoos?
  The short answer is: sometimes, but it's complicated.

• Norway imposes broad restrictions on AI for elementary school kids
  Norway will reportedly ban young kids from using AI in schools.

• Doom composer Bobby Prince has died
  Bobby Prince, composer for Doom and other classic shooters, has died.

• Why people might ditch their smartwatches for something simpler
  Not everyone wants a screen on their wrist.

• Toy Story 5 is a surprisingly thoughtful critique of technology
  Toy Story 5 introduces a tablet as a villain, but it9s also smart enough to realize tech isn9t always bad. Parents just need to step up.

• Amazon won't release Sam Altman biopic focused on OpenAI's 2023 leadership crisis
  Luca Guadagnino's Sam Altman biopic has to find a new studio after Amazon dropped it.

• Amazon is investigating three employees who spoke out against building more AI data centers
  The engineers who spoke negatively about AI data centers at Seattle city hearings accuse Amazon of threatening their jobs over their testimonies.

• At least one UK government department is reportedly done with X
  UK attorney general Richard Hermer told his staff his office was quitting X, according to The Guardian and The Observer.

• Are you prepared to wait until 2027 for a Steam Controller?
  In an update, Valve says it may not ship some Steam Controller orders until next year.

• 2028 Mercedes-Benz VLE first drive: Your 8K living room on wheels has arrived
  With 416 horsepower, a 31-inch 8K screen and Dolby Atmos, Benz's electric 4Grand Limousine4 might just make minivans cool.

• Google has discontinued the Nest Home Mini and Nest Audio
  On to the next one.

• Rivian faces a class action lawsuit over self-driving in its early vehicles
  Rivian is being sued over the self-driving capabilities of its early vehicles, or lack thereof.

• Instagram now lets you add a unique caption to each carousel slide
  Instagram carousels can now be up to 20 slides with 20 unique captions.

• How to pay with Google Wallet using your Samsung Galaxy Watch
  You don9t have to have a Pixel Watch to use Google Wallet. Here9s how to set it up on your Galaxy Watch.

• Apple opens up third-party app stores in Brazil
  Third-party iOS app stores are coming to Brazil.

• Apple TV will broadcast the Formula 1 Austrian Grand Prix for free
  Apple TV will show Formula 19s Australia Grand Prix for free, even to non-subscribers.

• Google Calendar lets you use any color you want for your events
  Your Google Calendar is about to get a lot more colorful.

• Akai refreshes the MPC One and Key 37 workstations
  Akai updates the MPC One and Key 37 with better processors, additional RAM and more storage.

• GTA 6 pre-orders open on June 25
  Pre-orders for Grand Theft Auto 6 open in just one week.

• Old iPods are making a comeback thanks to Gen Z
  Now bring back the Microsoft Zune, I double dare you.

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice