NTLUG | Main / All the News that Matters browse

Show Descriptions... (Show All /All+Images) (Single Column)

Ubuntu 22.04 LTS curl Important Network Exposure Advisory USN-8227-1
curl could be made to expose sensitive information over the network.

Ubuntu 22.04 LTS Exim Critical Remote Code Exec Issues USN-8228-1
Several security issues were fixed in Exim.

Ubuntu 26.04 LTS Sed Critical Overwrite Risk USN-8229-1 CVE-2026-5958
sed could be made to overwrite files.

Debian 11 Thunderbird Important Exec Code Threat DLA-4562-1 CVE-2026-7320
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For Debian 11 bullseye, these problems have been fixed in version 1:140.10.1esr-1~deb11u1. We recommend that you upgrade your thunderbird packages.

Oracle7 ELSA-2026-50255 kernel Copy Fail Important
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Oracle8 ELSA-2026-50255 kernel Copy Fail Important
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Alpine Linux systems currently offline
The Alpine Linux account on fosstodon.org reportsthat all systems hosted at Linode, including its GitLab instance,"are suspended at the moment due to some billing issue". Theyare working to get it resolved, but in the meantime all of theirservices appear to be down.

Update: Alpine Linux's servers are back online.

[$] Bug-monitoring expectations and Fedora GNOME packages
For a number of years, users submitting bugs reports against GNOME packages in Fedora havereceived an auto-reply saying that the reports were not activelymonitored; users were encouraged to file bugs with GNOME upstream instead. However,that practice seems to be in conflict with the Fedora Engineering SteeringCommittee (FESCo) policythat package maintainers "deal with reported bugs in a timely manner". OnApril 28, FESCo discussed the disconnect between practice and policy; so far,it has only opted to tweak the wording of the automatic response.

NetHack 5.0.0 released
Version 5.0.0of the NetHackdungeon-exploration game, a distant relative of Rogue andHack, has been released. NetHack's code is now compliant with theC99 standard, and the release includes more than 3,100bug fixes and changes, detailed in doc/fixes5-0-0.txt(may contain game spoilers). Saved games from previous versions willnot work with NetHack 5.0.0.

Security updates for Monday
Security updates have been issued by AlmaLinux (kernel, libcap, libtiff, sudo, and thunderbird), Debian (dovecot, imagemagick, incus, kernel, libexif, linux-6.1, openjdk-25, pyasn1, python-aiohttp, and thunderbird), Fedora (chromium, firefox, GitPython, glibc, insight, krb5, nano, nss, openssh, openvpn, perl-CryptX, python3.14, rust-openssl, rust-openssl-sys, rust-sequoia-git, and xen), Oracle (dtrace, fence-agents, grafana-pcp, libcap, libtiff, sudo, and xorg-x11-server-Xwayland), Red Hat (buildah, fence-agents, firefox, java-11-openjdk with Extended Lifecycle Support, LibRaw, nodejs24, nodejs:24, openssh, python-pyasn1, resource-agents, thunderbird, tigervnc, xorg-x11-server, and xorg-x11-server-Xwayland), Slackware (mozilla), and SUSE (avahi, curl, freeipmi, freerdp, google-guest-agent, google-osconfig-agent, gvim, helm, himmelblau, java-1_8_0-openjdk, kernel, krb5-appl-clients, libsodium, libssh, libtiff-devel-32bit, ntfs-3g_ntfsprogs, openCryptoki, openexr, ovmf, PackageKit, python-jwcrypto, python-Mako, python-PyNaCl, python311, python311-pypdf, sed, trivy, and vim).

Kernel prepatch 7.1-rc2
The second 7.1 kernel prepatch is out fortesting. "It's not small, and while it's a bit early to say for sure, Ido suspect we're seeing the same continued pattern of more patches thanusual - probably due to AI tooling - that we saw in 7.0."

Eden: NHS goes to war against open source
Terence Eden reportsthat the UK's NationalHealth Service (NHS) is preparing to close almost all of its open-source repositories as aresponse to LLM tools, such as Anthropic's Mythos, becoming moresophisticated at finding security vulnerabilities. He does not, to putit mildly, agree with the decision:

The majority of code repospublished by the NHS are not meaningfully affected by any advancein security scanning. They're mostly data sets, internal tools,guidance, research tools, front-end design and the like. There isnothing in them which could realistically lead to a securityincident.

When I was working at NHSX during the pandemic, we were soconfident of the safety and necessity of open source, we made sure theCovid Contact Tracing app was open sourced the minute it was availableto the public. That was a nationally mandated app, installed onmillions of phones, subject to intense scrutiny from hostile powers -and yet, despite publishing the code, architecture and documentation,the open source code caused zero securityincidents.

Furthermore, this new guidance is in direct contradiction to theUK's TechCode of Practice point 3 "Be open and use open source" whichinsists on code being open.

[$] Version-controlled databases using Prolly trees
Modern database and filesystems make pervasive use ofB-trees, which are treestructures optimized for storing sorted lists of keys and values on blockdevices.Dolt is an Apache 2.0-licensed project that makes clever use of avariant of a B-tree to support efficient version control for an entire database.The data structure it uses could well be of interest to other projects.

Security updates for Friday
Security updates have been issued by AlmaLinux (fence-agents), Debian (chromium, dovecot, and kernel), Fedora (chromium, dotnet10.0, dotnet8.0, dotnet9.0, emacs, glow, jfrog-cli, openbao, pyp2spec, python3.6, rust-rustls-webpki, vhs, and xen), Oracle (grafana, grafana-pcp, PackageKit, sudo, vim, and xorg-x11-server), Red Hat (rhc), SUSE (avahi, bouncycastle, chromium, container-suseconnect, firewalld, gdk-pixbuf, grafana, java-25-openjdk, kernel, libixml11, libmozjs-140-0, libpng12-0, libsodium, libssh, mariadb, Mesa, ntfs-3g_ntfsprogs, openCryptoki, openexr, packagekit, prometheus-postgres_exporter, python-jwcrypto, python-mako, python-Pygments, python-pynacl, python311, python311-pyOpenSSL, python315, radare2, sed, and vim), and Ubuntu (kmod and zulucrypt).

[$] Restartable sequences, TCMalloc, and Hyrum's Law
Hyrum's Law states that anyobservable behavior of a system will eventually be depended upon bysomebody. The kernel community is currently contending with a cleardemonstration of that principle. The recent work to address some restartable-sequencesperformance problems in the 6.19 release maintained the documented APIin all respects, but that was not enough; Google's TCMalloclibrary, as it turns out, violates the documented API, prevents other codefrom using restartable features, and breaks with 6.19. But the kernel'sno-regressions rule is forcing developers to find a way to accommodateTCMalloc's behavior.

GCC 16.1 released
Version16.1 of the GNU Compiler Collection (GCC) has beenreleased.
The C++ frontend now defaults to the GNU C++20 dialect and the correspondingparts of the standard library are no longer experimental. SeveralC++26 features receive experimental support, including Reflection(-freflection), Contracts, expansion statements and std::simd.
Other changes include the introduction of an experimental compilerfrontend for the Algol68 language,ability to output GCC diagnostics in HTML form, and more.

Seven new stable kernels for Thursday
Greg Kroah-Hartman has released the 7.0.3, 6.18.26, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254 stable kernels. The 7.0.3 and6.18.26 kernels only contain fixes needed for Xen users; the others,though, have backported fixes for the recently disclosed AEAD socket vulnerability. Kroah-Hartman advisesthat all users of the other kernel series must upgrade.

Security updates for Thursday
Security updates have been issued by AlmaLinux (buildah, firefox, gdk-pixbuf2, giflib, grafana, java-1.8.0-openjdk, java-21-openjdk, LibRaw, OpenEXR, PackageKit, pcs, python3.11, python3.12, python3.9, sudo, tigervnc, vim, xorg-x11-server, xorg-x11-server-Xwayland, yggdrasil, and yggdrasil-worker-package-manager), Debian (calibre, firefox-esr, and openjdk-17), Fedora (asterisk, binaryen, buildah, dokuwiki, lemonldap-ng, libexif, libgcrypt, miniupnpd, openvpn, podman, python3.9, rust-rpm-sequoia, skopeo, and xdg-dbus-proxy), Red Hat (buildah, gdk-pixbuf2, and nodejs:20), SUSE (dnsdist, libheif, openCryptoki, polkit, sed, and xen), and Ubuntu (linux-bluefield, python-marshmallow, and roundcube).

[$] LWN.net Weekly Edition for April 30, 2026
Inside this week's LWN.net Weekly Edition:
Front: Famfs; Python packaging council; Zig concurrency; pages and folios; Strawberry music manager; 7.1 merge window. Briefs: GnuPG 2.5.19; Copy Fail; Plasma security; Fedora 44; Ubuntu 26.04; Niri 26.04; pip 26.1; RIP Seth Nickell; RIP Tomáš Kalibera; Quotes; ... Announcements: Newsletters, conferences, security updates, patches, and more.

A security bug in AEAD sockets
Security analysis firm Xint has disclosed a security bug in the Linux kernelthat allows for arbitrary 4-byte writes to the page cache, and which has beenpresent since 2017.The vulnerability hasbeen fixed in mainline kernels. A proof-of-concept script demonstrates how to use the flaw to corrupt a setuidbinary, which works onmultiple distributions, by requesting an AEAD-encrypted socket from user spaceand splicing a particular payload into it.A supplemental blogpost gives more details about the discovery and remediation.
A core primitive underlying this bug is splice(): it transfers data between filedescriptors and pipes without copying, passing page cache pages by reference.When a user splices a file into a pipe and then into an AF_ALG socket, thesocket's input scatterlist holds direct references to the kernel's cached pagesof that file. The pages are not duplicated; the scatterlist entries point at thesame physical pages that back every read(), mmap(), andexecve() of that file.

[$] Python packaging council approved
The Python packaging world now has a formalgovernance council, of the form described in PEP 772 ("PackagingCouncil governance process"), which was approvedby the steering council on April 16. It has been over a yearsince the PEP was first proposed in February 2025 and it has undergonelengthy discussions in multiple postings to the Python discussion forum. Thepackaging council will have "broad authority over packaging standards,tools, and implementations"; it will consist of five members who willbe elected in a vote that is likely to come in June—after PyCon US 2026 is held mid-May.

Arch-Based Omarchy 3.7 Released with Steam, RetroArch, Lutris, and Heroic Launcher
Omarchy 3.7 arrives as The Gaming Edition, adding Steam, RetroArch, Lutris, Heroic, Moonlight, Xbox Cloud Gaming, and more.

Linux File-System Proliferation A Burden: Requirements Laid Out For Any Future File-Systems
The growing number of file-systems within the Linux kernel source tree is causing an ongoing burden for upstream developers maintaining the virtual file-system (VFS) code around it and associated code. As a result of the continuing rise of new file-systems being proposed for the Linux kernel, documentation is being introduced to establish clear guidelines for getting new file-systems accepted into the mainline kernel...

Linuxiac Weekly Wrap-Up: Week 18, 2026 (Apr 27 – May 3)
Catch up on the latest Linux news: Fedora 44, EndeavourOS Titan Neo, APT 3.3, Arch Linux May ISO, Wine 11.8, GCC 16, Copy Fail Linux kernel flaw, and more.

MSI MS-CF27 3.5-inch SBC with Alder Lake-N, quad GbE, and triple display
Following earlier platforms such as the MS-CF16 V3.0 and MS-CF19, MSI has introduced a new 3.5-inch SBC based on Intel Alder Lake-N, Twin Lake-N, and Amston Lake processors, continuing its focus on fanless, low-power, wide-voltage embedded systems with expanded connectivity and I/O. Processor options include the Intel Processor N97, Core i3-N305, Amston Lake x7433RE, and […]

VideoLAN Releases dav2d 0.0.1 as Early Preview AV2 Decoder
VideoLAN releases dav2d 0.0.1 “Merbanan,” an early preview AV2 decoder and successor to its widely used dav1d AV1 project.

Linux 7.1-rc2 Released With Audio Fix For Steam Deck OLED, Other Fixes
Linux 7.1-rc2 is out for testing with its accumulation of initial bug and regression fixes that have been collected over the past week since the Linux 7.1 merge window was capped off...

9to5Linux Weekly Roundup: May 3rd, 2026
The 290th installment of the 9to5Linux Weekly Roundup is here for the week ending May 3rd, 2026, keeping you updated on the most important developments in the Linux world.

Adiuvo Explorer Board aims to bring Artix UltraScale+ FPGA to $99 platform
Adiuvo is developing the Explorer Board, a compact FPGA platform built around the Artix UltraScale+ AU7P, targeting embedded, signal processing, and high-speed I/O applications. The design aims to provide access to UltraScale+ capabilities at a lower price point. The design is based on the AU7P FPGA, which provides approximately 37K LUTs, 75K flip-flops, 216 DSP […]

Many Exciting Google Summer of Code 2026 Projects & A Lot Of AI
This week Google announced the selected Google Summer of Code "GSoC" 2026 projects for providing stipends to student developers for engaging in different open-source projects. This year a lot of open-source projects involve AI/LLM adoption but there are also a number of other interesting student projects at large from GNOME Mutter GPU reset recovery to adding new features to FreeBSD...

NHS England May Make Public GitHub Repositories Private Over AI Concerns
National Health Service England reportedly plans to make most public code repositories private over AI-assisted vulnerability scanning concerns.

Mullvad Browser is a Tor Browser without a Tor Network
Discover Mullvad Browser, a collaborative effort by Mullvad VPN and the Tor Project, ensuring unparalleled privacy by eliminating tracking and fingerprinting.

OnlyOffice Just Learned You Can't Fake Open Source (And the Internet Isn't Happy)
OnlyOffice added a licensing trap to prevent forks while claiming to be open source. Now a coalition of European tech companies is calling their bluff with Euro Office-and the FSF says they're right

Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others
Found by Xint Code, the Copy Fail (CVE-2026-31431) security vulnerability, which could allow a local user to elevate privileges to the root user, has been patched in Debian, Ubuntu, AlmaLinux OS, and other popular distributions affected by this flaw.

New NTFS Driver Sees More Fixes With Linux 7.1-rc2
One of the most prominent changes with the upcoming Linux 7.1 kernel release is the introduction of the new NTFS driver in the Linux 7.1 kernel. This new driver provides more features and better performance than the Paragon NTFS3 driver that's been in the kernel the past few years and far better off than the original NTFS read-only driver that previously was in the kernel and for which this new driver is based. Needless to say it's also a big improvement over the NTFS-3G user-space FUSE driver too...

Wireshark 4.6.5 Fixes Multiple Vulnerabilities and Updates Protocol Support
Wireshark 4.6.5 open-source network protocol analyzer is now available for download with updated protocol and capture file support, fixes for multiple security vulnerabilities, and various bug fixes.

GCC 16.1 Released as First GCC 16 Series Release with C++20 Default
GCC 16.1 arrives as the first GCC 16 release, switching the default C++ dialect from GNU C++17 to GNU C++20.

Linux Kernel Tainted by Software Patents That Make Linux Worse and the 'Linux' Foundation is Compiling Bribes to Enable This (Promotion of Monopolies and Tolerance of Software Patenting)
Why you need to reboot when a serious bug is found in Linux? "Licensing"...

LibreOffice 26.2.3 Open-Source Office Suite Released with More Than 40 Bug Fixes
LibreOffice 26.2.3 is now available for download as the third point release to the LibreOffice 26.2 office suite series with 43 bug fixes.

AMD's GAIA Defaults To Better Model, Continued Improvements For Local AI
AMD software engineers on Friday released a new version of GAIA "Generative AI Is Awesome" as their open-source software for Windows and Linux leveraging the Lemonade SDK and aiming to make it easy to build AI agents on your PC with all local AI processing across AMD's CPUs, GPUs, and NPUs...

What's New for Fedora Atomic Desktops in Fedora Linux 44
Fedora Linux 44 has been released! So, let’s see what is included in this new release for the Fedora Atomic Desktop variants (Silverblue, Kinoite, Sway Atomic, Budgie Atomic and COSMIC Atomic). Changes for all Atomic Desktops Issue tracker moved to the new Fedora forge We have moved the cross-variants issue tracker to the new Fedora […]

Linux Insider"LinuxInsider"

Super Productivity App: The Closest Ive Come to a Workflow That Sticks
Super Productivity stands out with flexible workflows, offline-first design, and free syncing. It adapts to how you work instead of forcing structure, making it one of the most practical tools I've used. The post Super Productivity App: The Closest Ive Come to a Workflow That Sticks appeared first on LinuxInsider.

ClusterAPI Simplifies Provisioning but Leaves Ops Gaps
ClusterAPI simplified Kubernetes provisioning, but operations remain complex. Teams still must correlate fragmented signals across systems, driving demand for AI-driven visibility and faster issue resolution. The post ClusterAPI Simplifies Provisioning but Leaves Ops Gaps appeared first on LinuxInsider.

Percona, Chainguard Advance Secure-by-Default Open-Source Databases
Percona and Chainguard aim to cut CVE patching and reduce overhead with secure-by-default images for open-source databases. The post Percona, Chainguard Advance Secure-by-Default Open-Source Databases appeared first on LinuxInsider.

Rocky Linux Expands Into Enterprise AI Infrastructure
CIQ is expanding Rocky Linux with enterprise and AI-focused versions designed to simplify deployments and improve GPU performance. The post Rocky Linux Expands Into Enterprise AI Infrastructure appeared first on LinuxInsider.

The Patching Paradox Driving Most Breaches
More than half of breaches occur after fixes are available, revealing an execution gap as delayed patching turns known vulnerabilities into ongoing enterprise risk. The post The Patching Paradox Driving Most Breaches appeared first on LinuxInsider.

Lock Down Your Linux Laptop on Public Wi-Fi
Public Wi-Fi exposes Linux systems to monitoring, spoofed networks, and data interception. This guide shows how to secure your device with VPNs, firewalls, and browser protections. The post Lock Down Your Linux Laptop on Public Wi-Fi appeared first on LinuxInsider.

Percona Spins Off Everest DBaaS Into OpenEverest Project
Percona is moving its Everest DBaaS platform into OpenEverest, a community-driven project focused on governance, vendor neutrality, and modern data infrastructure. The post Percona Spins Off Everest DBaaS Into OpenEverest Project appeared first on LinuxInsider.

Oracle Declines Community Proposal for Neutral MySQL Foundation
More than 500 developers are urging Oracle to consider a vendor-neutral foundation for MySQL, warning that limited community input could slow innovation and fragment the ecosystem. The post Oracle Declines Community Proposal for Neutral MySQL Foundation appeared first on LinuxInsider.

How to Harden Firefox for Better Security on Linux
This guide shows how to install the latest Firefox build on Linux and adjust key settings to reduce tracking, limit telemetry, and strengthen browser security. The post How to Harden Firefox for Better Security on Linux appeared first on LinuxInsider.

Open-Source Vulnerabilities Double as AI Coding Grows
As AI-assisted coding accelerates software development, security teams are facing a growing challenge managing expanding open-source dependencies and the vulnerabilities they introduce across enterprise environments. The post Open-Source Vulnerabilities Double as AI Coding Grows appeared first on LinuxInsider.

The Audio Industry Is Grappling With the Rise of 'Podslop'
An anonymous reader quotes a report from Bloomberg's Ashley Carman: Welcome to the modern era of podcasting in which thousands of new shows are released into the world every day with a sizable portion likely being AI-generated. Figuring out exactly which ones fall into that growing category is becoming more difficult just as the industry is starting to take this issue seriously. In only the past month or so, Amazon launched a feature that explains a product by generating a quasi-podcast, complete with co-hosts talking to each other and taking questions from users. Shout out to Business Insider reporter Katie Notopoulos for spotting this (and, naturally, demoing it with an adult diaper rash-cream). Not long ago, Nicholas Thompson, chief executive officer of the Atlantic, noted "podslop" dominated his Spotify search results when he typed in the word "Sora." This was around the time that OpenAI shut down its user-generated, AI-content-only app. [...] All of which raises some big, difficult questions. For one, what should the listening platforms do about this incursion? As of right now, Apple Podcasts requires creators who generated a "material portion" of their show using AI to disclose it. The platform also bans misleading or deceptive content. Spotify hasn't published any specific guidelines around AI, though it maintains general rules around dangerous and misleading content. Where this conversation gets even trickier is when it comes to money. Many of these podcasts are hosted on at least one free service that allows programs to opt into their ad marketplace with zero barrier to entry, meaning these shows (and the hosting service) profit off every listen or download. Spreaker, a company owned by iHeartMedia, is the primary one to watch here. Though it tells users to disclose when they rely on AI, it still allows those shows to opt into its programmatic ad marketplace, which pays creators 60% of the revenue generated by the ads placed in their shows. It stands to reason that most of these thousands of shows don't reach many people. But in the aggregate, the ears and dollars could add up. Are the advertisers on board with being next to AI-generated content, some of which might be deemed "slop?" There's also the question of how to define "slop." Jackson of the Podcast Index and his co-host Adam Curry treat it as something listeners simply know when they hear it, while Alberto Betella, co-founder of RSS.com, defines it as "fully automated content with no human review." Jeanine Wright, co-founder of Inception Point, rejects the debate altogether: "The people still talking about slop are still making 6-7 jokes," she said. "It's still yesterday's conversation."

Read more of this story at Slashdot.

Anthropic Nears $1.5 Billion AI Joint Venture With Wall Street Firms
Anthropic is reportedly nearing a roughly $1.5 billion joint venture with Blackstone, Goldman Sachs, Hellman & Friedman, and other Wall Street firms to sell AI tools to private-equity-backed companies. "The investors aim to create a company that acts as a consulting arm for Anthropic and helps teach businesses -- including the private-equity firms' portfolio companies -- how to incorporate AI across their operations," reports the Wall Street Journal. Anthropic, Blackstone, and Hellman & Friedman would each invest about $300 million, while Goldman would contribute around $150 million.

Read more of this story at Slashdot.

GameStop Offers to Buy eBay for $56 Billion
GameStop has made an unsolicited $56 billion cash-and-stock offer to buy eBay (paywalled; alternative source), with CEO Ryan Cohen arguing he can turn the marketplace into a far larger Amazon competitor. "EBay should be worth -- and will be worth -- a lot more money," Cohen said in an interview. "I'm thinking about turning eBay into something worth hundreds of billions of dollars." The Wall Street Journal reports: Cohen said GameStop has a commitment letter from TD Bank to provide up to $20 billion in debt financing to help make a deal possible. GameStop delivered an offer letter to eBay on Sunday and released a copy of it following the Journal's report on the details of the bid. Cohen wrote in the letter to eBay Chairman Paul Pressler that GameStop started building its eBay position on Feb. 4. It said its offer consists of 50% cash and 50% GameStop shares. EBay said Monday morning its board and financial advisers would review GameStop's unsolicited proposal. It said there were no discussions with or outreach from GameStop before receiving the offer. Ebay added that it will review the offer "with a focus on the value to be delivered to eBay shareholders, including the value of the GameStop stock consideration and the ability of GameStop to deliver a binding, actionable proposal." If eBay isn't receptive, Cohen said he was prepared to run a proxy fight and take the offer directly to its shareholders. The window for shareholders to nominate director candidates at eBay ahead of an annual meeting scheduled for this June has already closed, according to the company's proxy materials. Cohen told the Journal that putting his videogame retailer and eBay under one roof could create opportunities to cut costs and improve earnings. The two companies have some overlap already, including a focus on selling collectibles such as trading cards. "There is nobody who is more qualified, based on my experience, to run the eBay business," Cohen said, referencing his time at GameStop and previously Chewy, the online pet-products marketplace he co-founded.

Read more of this story at Slashdot.

Scientists Discover 27 Potential New Planets That Orbit Two Stars
Astronomers have identified 27 potential new circumbinary planets -- worlds that orbit two stars, like Star Wars' Tatooine. "To date, only about 18 circumbinary planets ... had been identified in the universe," reports the Guardian. "More than 6,000 planets have been discovered that orbit single stars, like Earth does around the sun." The Guardian reports: In a timely publication for May 4, also known as Star Wars Day, scientists have identified nearly 30 more candidate planets, whose distances range from 650 to 18,000 light years away from Earth. [...] More than half of the stars in the universe exist in binary or multiple star systems. The researchers instead used a method known as "apsidal precession," searching for a wobble between stars that orbit around and eclipse each other. "If we monitor the exact timing of these eclipses ... that can tell us that there's something else going on in the system," said Margo Thornton, the study's lead author and a PhD candidate at UNSW. After eliminating other factors such as the rotation and gravitational pull of the two stars, the team identified 36 star systems out of 1,590 whose behavior could only be explained by a third body. For "27 of those objects, it is possible that they are planet mass," Thornton said. More research into their spectra -- the light they emit -- was needed to formally confirm them as circumbinary planets, she said. "It's just a matter of: what is the mass of it? Is it a planet? Is it a brown dwarf? Is it a star?" The team discovered the potential planets -- which likely range from Neptune-sized to ten times heavier than Jupiter -- using data from Nasa's Transiting Exoplanet Survey Satellite, a planet-hunting space telescope that launched in 2018. The research was published in the Monthly Notices of the Royal Astronomical Society.

Read more of this story at Slashdot.

Infrasound Waves Stop Kitchen Fires, But Can They Replace Sprinklers?
An anonymous reader quotes a report from Ars Technica: In a makeshift demonstration kitchen in Concord, California, cooking oil splatters in and around a frying pan, which catches fire on an unattended gas stove. Within moments, a smoke detector wails. But in this demonstration, something less common happens: An AI-driven sensor activates and wall emitters blast infrasound waves toward the source of the fire in an attempt to put it out. The science of acoustic fire suppression, which has long been known and documented in scientific literature and the press, works by vibrating oxygen molecules away from a fuel source, depriving the fire of a critical component needed for combustion. Indeed, after just a few seconds of infrasound, the tiny kitchen blaze goes out. "We were able to not just point-and-shoot like a fire extinguisher; we figured out how to run it through ducting and distribute it like a sprinkler system," said Geoff Bruder, co-founder and CEO of Sonic Fire Tech, during the presentation. The company's goal is to replace sprinklers, which are effective at stopping fires but can also do significant water damage to a property. Sonic Fire Tech appears to be the first company trying to commercialize the science of acoustic fire suppression. Its executives have already been touring Southern California; Wednesday's event was the first in the northern half of the state. The company aims to make this infrasound technique mainstream in both commercial (for instance, a data center, where sprinklers would damage electronics) and in-home installations, given that sprinklers are already required in all new California homes built in 2011 and later. Sonic Fire Tech also hopes to produce a backpack-based system that could be worn by wildland firefighters headed out into the field. "We are making meaningful technological improvements on a monthly basis," Stefan Pollack, a company spokesperson, emailed Ars after the event. But two experts who spoke with Ars raised serious questions about the potential for this technology to supplant traditional sprinklers in a home. They are even more skeptical as to whether the technique can be effective in an uncontrolled wildfire situation, where flames can grow very quickly. Experts are concerned that infrasound may knock down small flames but does not cool hot surfaces or wet fuel like sprinklers do, which raises the risk of re-ignition, smoldering fires, hidden fires, or blocked fires. Sonic Fire Tech has claimed third-party validation and possible NFPA 13D equivalency, but it has not publicly released full testing details. Fire officials and outside observers also want more information about reliability, maintenance, calibration, and how system failures would be detected and communicated.

Read more of this story at Slashdot.

16% of Parents Help Their Children Bypass Online Age Checks, Study Finds. One 15-Year-Old Just Uses a Fake Moustache
The Independent reports that "more than a third of children in the UK have found a way around age verification measures" for social media sites and other online platforms. And new research from online safety organisation Internet Matters "suggests one in six parents have helped their child to get past age verification checks, with children reporting 'tricking' platforms into thinking they are older. "Parents also said they had caught their children drawing on facial hair in a bid to evade the technology. One mother said: "I did catch my son using an eyebrow pencil to draw a moustache on his face, and it verified him as 15 years old"... From a sample of 1,000 UK children, 46% said they believed age checks are easy to bypass, while 32% admitted to having done so. 49% of the children surveyed said they'd still encountered harmful content, according to the online safety activists. The group called the figure "unacceptable," and complained that age verification measures "are often ineffective in practice or easy to bypass."

Read more of this story at Slashdot.

Can Investors Trust AI Sales Figures? Asks Wall Street Journal Opinion Piece
A Wall Street Journal opinion piece warns of "a troubling trend" in AI's growth. "Rather than selling software, some AI companies are paying their partners to use it." It cites OpenAI's $1.5 billion joint venture with private-equity firms, Anthropic's $200 million contribution to a private-equity firm joint venture, and Google's $750 million subsidization of Gemini's adoption by consulting firms. "These agreements muddy the distinction between a company's sound growth trajectory and artificial financial engineering."[T]he scale and structure of the recent AI deals go beyond standard incentive mechanisms... When a seller pays customers to buy its products, it is unclear if its revenue growth reflects vibrant demand or a willingness to accept subsidies. Slashdot reader destinyland writes:This warning comes from a prominent figure in the investing community. For six years Robert Pozen was chairman of America's oldest mutual fund company, after five years at Fidelity. An advocate for corporate governance, he's currently a lecturer at MIT's business school (and the author of the book Remote Inc.: How to Thrive at Work...Wherever You Are). "As AI companies prepare initial public offerings, investors should scrutinize their numbers closely," Pozner writes, warning about "time-limited financial support". "In evaluating AI sales figures, analysts should consider the distorted incentives that the recent financing deals create," writes Pozner: Private-equity firms, enticed by promised returns, might demand rapid rollouts of AI products, rather than ensuring their orderly and safe development. Portfolio companies of private-equity firms may embrace AI tools not because they are needed but because adoption is mandated by their owners. Consultants may favor one set of AI models based on the subsidy instead of the merits. If guarantees and subsidies are major factors in the rapid adoption of AI tools, investors should be skeptical of AI companies' revenue projections. Many of their customers enticed by consultants will stop paying full price when the financial incentives are gone. Many of the portfolio companies of private-equity firms could back away from selected AI tools once these joint ventures expire. The challenge with evaluating these AI financing deals is the lack of transparency. At present, AI vendors don't separate revenue driven by subsidies or joint ventures from standard sales. The lesson from the telecom debacle is that financial engineering can obscure, for years, the difference between real customer demand and demand driven by incentives. When AI companies begin to finance their own product distribution, guaranteeing returns to investors and subsidizing sales, it's a signal for investors to dig deeper.Investing in an AI company? Ask what percentage of enterprise revenue is coming from subsidized channels or joint ventures, Pozner suggests. And the renewal/retention rate for customers not supported by subsidies or joint ventures...

Read more of this story at Slashdot.

Roblox Blames Age-Verification Rollout for Lowered Growth. Stock Tumbles 22%
Age verification became mandatory for chat access on Roblox in January — and Friday morning Quartz reported it's apparently impacted the company's financials:Roblox cut its full-year 2026 bookings forecast by roughly $900 million at the midpoint on Thursday, blaming stronger-than-expected headwinds from its mandatory age-verification rollout on an audience that skews heavily toward children and teenagers. Full-year 2026 bookings are now projected at $7.33 billion to $7.60 billion, a range that sits roughly $900 million below the prior guidance of $8.28 billion to $8.55 billion; analysts had expected $8.38 billion, according to Yahoo Finance. Roblox stock fell almost 22% in premarket trading.... Daily active users rose 35% year over year to 132 million, while hours engaged climbed 43% to 31 billion hours... Daily Active Users and hours engaged fell below forecasts of 143.8 million and 33.68 billion, respectively, according to Yahoo Finance... Users who have not completed age checks have faced restricted communication features, and the process has weighed on the platform's ability to bring in new users. Russia's blocking of the platform, which took effect in December 2025, added further drag on user growth, according to Yahoo Finance. As of the end of the first quarter, 51% of global daily active users had completed age verification, with 65% of U.S. users having done so, Roblox said.... The safety push has come with legal costs. Roblox accrued $57 million in the first quarter for settlements and settlement proposals with certain states over youth-related consumer protection and digital safety matters, with payments structured over multiple years, the company said. Roblox acknowledged in a letter to shareholders that "our aggressive push to enhance safety lowers our expectations for topline growth in 2026." But they argued that it also "makes our platform fundamentally better and amplifies the long-term growth potential of Roblox through more effective content targeting, tailored communication experiences, and improved community sentiment."

Read more of this story at Slashdot.

NetHack 5.0 Released
"So yesterday the Devteam (it is always the Devteam) released version 5.0 of legendary and venerable rogueike compuer game NetHack," writes the Rogue-like games column @Play. "It is 39 years old..." MilenCent (Slashdot reader #219,397) writes: In addition to play changes it's left for players to discover, this version updates the code to compile with C99, makes it much easier to cross compile the code for other systems than the one running, and now uses Lua for its dungeon generation. Happy hacking! For new players, "Nethack 5.0 now has an optional tutorial in the early phases of the game that might help you," notes the Rogue-like games column @Play:Three systems binaries are provided: Windows, MS-DOS and Amiga. Yes, Nethack still supports MS-DOS, and yes, it still supports classic Amiga: it explicitly supports AmigaDOS 3.0, meaning it can still run on 68000 machines... That these are the only systems they provide binaries for shouldn't be seen as an indication that these are the "most important" platforms for Nethack, it's more that, since it's entirely open source, building it yourself is entirely possible, and more expected than with most software. Nethack can be built for Linux, Windows 8-11, AmigaDOS, MacOS (I'm not sure if this includes classic Mac too but it might), Windows CE (wow), OS/2 (additional wow), BeOS, VMS and multiple Unixes... Another option is to play through public Nethack servers. The most popular of these are probably alt.org and Hardfought.

Read more of this story at Slashdot.

OpenAI Introduces AI-Generated Pets for Its Codex App
"Vibe coding just got a whole lot more adorable," writes Engadget:OpenAI introduced AI-generated pets to the Codex app, its agentic tool that helps with coding. These "optional animated companions" don't do any coding themselves, but serve as a floating overlay that can tell you what Codex is working on, notify you when Codex completes a task or whether it needs your input on something. The new feature lets developers see Codex's active thread, without having to switch away from your current open app. "The feature ships with eight built-in variations — including a cat and dog," reports Mashable. "But the more interesting play is the custom pet creator." Users can prompt Codex directly to generate their own companion, then share it online. A quick scroll through the homepage reveals the community has already gotten to work. Current creations include Goku, Patrick Star, Microsoft's long-retired Clippy, OpenAI CEO Sam Altman, Anthropic CEO Dario Amodei, and — naturally — a goblin. There's also Grogu, Dobby, a tiny Bob Rossi, and a "Doge-style Shiba Inu dog"...

Read more of this story at Slashdot.

AI Cameras are Being Deployed Across the Western US for Early Detection of Wildfires
The Associated Press reports:On a March afternoon, artificial intelligence detected something resembling smoke on a camera feed from Arizona's Coconino National Forest. Human analysts verified it wasn't a cloud or dust, then alerted the state's forest service and largest electric utility. One of dozens of AI cameras installed for the utility Arizona Public Service had spotted early signs of what came to be known as the Diamond Fire. Firefighters raced to the scene and contained the blaze before it grew past 7 acres (2.8 hectares). As record-breaking heat and an abysmal snowpack raise concerns about severe wildfires, states across the fire-prone West are adding AI to their wildfire detection toolbox, banking on the technology to help save lives and property. Arizona Public Service has nearly 40 active AI smoke-detection cameras and plans to have 71 by summer's end, and the state's fire agency has deployed seven of its own. Another utility, Xcel Energy in Colorado, has installed 126 and aims to have cameras in seven of the eight states it serves by year's end... ALERTCalifornia is a network of some 1,240 AI-enabled cameras across the Golden State that work similar to the system in Arizona.... Pano AI, whose technology combines high-definition camera feeds, satellite data and AI monitoring, has seen a growing interest in its cameras since launching in 2020. They've been deployed in Australia, Canada and 17 U.S. states, including Oregon, Washington and Texas... Last year, its technology detected 725 wildfires in the U.S., the company said... Cindy Kobold, an Arizona Public Service meteorologist, said the technology notifies them about 45 minutes faster on average than the first 911 call.

Read more of this story at Slashdot.

Carbon Pollution Is Making Food Less Nutritious, Risking the Health of Billions
A new meta-analysis found nutrients in food decreased over the last 40 years, reports the Washington Post. "Many of humanity's most important crops — including wheat, potatoes, beans — contain fewer vitamins and minerals than they did a generation ago." "The invisible culprit behind this damaging phenomenon? Carbon dioxide pollution."Surging concentrations of carbon in the atmosphere, caused largely by burning fossil fuels, have produced potent changes in the way plants grow — from increasing their sugar content to depleting essential nutrients like zinc... "The diets we eat today have less nutritional density than what our grandparents ate, even if we eat exactly the same thing," said Kristie Ebi, a professor at the University of Washington's Center for Health and the Global Environment. People in wealthy countries with strong health care systems will have many tools to cope with the change, experts said. But for the world's poorest and most vulnerable, the consequences could be devastating. One study concluded that by the middle of the century the phenomenon could put more than a billion additional women and children at risk of iron-deficiency anemia — a condition that can cause pregnancy complications, developmental problems and even death. Meanwhile, some 2 billion people across the globe who already suffer from some form of nutrient shortage could see their health problems grow even worse. "The scale of the problem is huge," Ebi said. Plants depend on carbon dioxide to perform photosynthesis — but that doesn't mean they grow better when there's more carbon in the air, scientists say. A sweeping survey of changes among 32 compounds in 43 crops found that nearly every plant that humans eat is harmed by rising CO2 levels... On average, they found, nutrients have already decreased by an average 3.2 percent across all plants since the late 1980s, when the concentration of carbon dioxide in the atmosphere was about 350 parts per million. Thanks to long-time Slashdot reader GameboyRMH for sharing the news.

Read more of this story at Slashdot.

Robots Are Building Clay Homes In Texas Using Dirt From the Ground
A startup south of Austin is using robots to build homes out of clay pulled directly from the ground, reports a local news station:The materials are gathered on site, mixed, and placed on a build plate. From there, a robot lowers from above, picks up the clay with a claw, carries it to the wall and drops it into place. Later, the same robot switches tools, using a hammer attachment to pound the material into shape. "It's kind of trying to replicate how a human might build an adobe house," said software engineer Anastasia Nikoulina... Using machine learning, the system constantly evaluates the wall, adjusting how it builds to create a flat, solid surface... The project is underway at Proto-Town, a ranch between Lockhart and Luling where startups test new technologies, from anti-drone systems to nuclear reactors. The company plans to build their next home on the property, with hopes to do more than 20 homes over the next year.

Read more of this story at Slashdot.

It's Goodbye Time for Jeeves and Ask.com - Relics of Yesterday's Internet
A 1999 press release bragged "Jeeves" answered 92.3 million questions in just three months. "In the digital wilds of Y2K, we came to him with our most probing questions," remembers the New York Times — whether it was Britney Spears or tamagotchis: We asked, and he answered: Jeeves, the digital butler of information, the online valet who led us into the depths of cyberspace. Now, like so many other relics of yesterday's internet, Jeeves — and his home, Ask.com — are no more. After almost 30 years, the question-and-answer service and former search engine shuttered on Friday. "To you — the millions of users who turned to us for answers in a rapidly changing world — thank you for your endless curiosity, your loyalty, and your trust," the company said in a notice posted on its now-defunct website... Created in Berkeley, Calif., in the days of the dot-com gold rush, Ask Jeeves first appeared on computer screens in 1996.... Their mascot, Jeeves, was modeled on the clever English butler character from the famed P.G. Wodehouse book series. Its search function was simple — type in a question, get an answer. But the quality of its responses was uneven, and the website was quickly eclipsed by Google and Yahoo as the world's go-to search engines. The site was bought by InterActive Corp. for more than $1 billion in 2005, and was given an injection of cash to help it compete as a search engine. It rebranded as Ask.com and as part of the reimagining, the site also ditched the character of Jeeves in 2006. Scrappy but inventive, the site was one of the first to introduce hyperlocal map overlays to its searches and incorporate thumbnails of webpages. "They are doing a lot of clever and interesting things," a Google executive noted of Ask.com at the time. Still, Ask.com struggled to compete and returned in 2010 to its bread and butter: question-and-answer style prompts. Even then, it faltered against newer, crowdsourced iterations like Quora and Google's unyielding march to the internet fore — the platform now dominates search traffic, and the world's general experience of the internet. A statement at Ask.com ends "by thanking its millions of users, and saying, 'Jeeves' spirit endures'," notes this article from Engadget:As sad as it is to see a relic of the early Internet days fade into obscurity, we still have Ask Jeeves to thank for why some users still punch in full questions when querying Google. On top of that, Jeeves was built to provide detailed answers in natural language, which could have arguably acted as a precursor to today's AI chatbots like ChatGPT. "Now, Ask.com joins the Internet graveyard that includes competitors like AltaVista, which shut down in 2013," the article points out. "With Ask.com gone, alongside AIM and AOL dial-up services also sunsetting, we're truly coming to an end of a specific era of the Internet." And the New York Times argues the memory of Jeeves now rests somewhere between Limewire and Beanie Babies... Slashdot reader BrianFagioli calls it "a quiet reminder of how quickly the web moves, and how even widely recognized names can drift into obscurity once the underlying technology leaves them behind."

Read more of this story at Slashdot.

Former Nintendo Executive Says Amazon Once Requested 'Illegal' Price Discounts
Amazon once tried to pressure Nintendo to break the law, says former Nintendo of America President Reggie Fils-Aimé. At a recent NYU lecture, he describes a conversation with an Amazon executive, Kotaku reports:"Amazon was looking to get bigger into the video game space," said Fils-Aimé. "Amazon's mentality back then is they wanted to have the lowest price out in the marketplace, even lower than Walmart... Essentially what Amazon wanted (was an) obscene amount of support, financial support, so they could have the lowest price and beat Walmart. I literally said to the executive, 'You know that's illegal, right? I can't do that'...." At the time, the Wii and DS were Nintendo's best selling hardware in history. Amazon originally sold books, but in the 2000s rapidly expanded with cheaper discounts to became a one-stop shop for almost everything. Everything except Nintendo, that is.... "Literally we stopped selling to Amazon," Fils-Aimé continued, "and it's because I wasn't going to do something illegal. I wasn't going to do something that would put at risk the relationship we have with other retailers." "The two sides have since made amends," notes the Verge, "and you can buy a Switch 2 through Amazon. But for a long time, Nintendo consoles had been largely unavailable on the site."

Read more of this story at Slashdot.

Hands off my trademark! Notepad++ dev threatens legal action against macOS port
It's not the fork that's the problem, it's the attempt to make it look official, says original Notepad++ dev Don Ho
Notepad++ remains a Windows-only app, at least under that name. The beloved developer-focused, open-source text editor recently was ported to macOS by a third party. However, developer Don Ho wants to be perfectly clear that, no matter how convincing the new project might look, it's not official. …

Inside Amazon Web Services' plan to make networking disappear
The Register gets a look inside AWS' networking lab in Cupertino
FEATURE In an unassuming three-story office building in Cupertino, California, engineers from Amazon Web Services are busy trying to make networking inconspicuous.…

Shadow IT has given way to shadow AI. Enter AI-BOMs
If you don't have visibility, you can't understand what to protect
When it comes to securing enterprise supply chains, now heavily infused with AI applications and agents, a software bill of materials (SBOM) no longer provides a complete inventory of all the components in the environment. Enter AI-BOMs.…

Moving to mainframe can be cheaper than sticking with VMware: Gartner
Serious Linux VMs will enjoy big iron – if you can learn to love lock-in risks and skills challenges
VMware users considering a new home might find it cheaper to move to an IBM mainframe than adopting Broadcom’s new licenses, according to Gartner Vice President Analyst Alessandro Galimberti.…

If the vote you rocked, your personal info can be grokked
Even limited voter rolls can be linked to identify people, research shows
Your voter data could be used against you. A foreign intelligence service that wished to identify the family members of deployed military personnel could do so by cross-referencing public voter record data and social media posts.…

Hope your holiday was horrid: You botched the last thing you did before leaving
That box-full-of-old-tech-you-should-probably-have-thrown-out-but-kept-just-in-case got a techie in trouble
Who, Me? Monday is upon us once again and The Register hopes that when you arrive at your desk, all is well. We offer that sentiment because we use the first day of the working week to bring you a fresh instalment of "Who, Me?" – the reader-contributed column in which you confess to making mistakes, and explain how you survived them.…

Ask.com, former home of search butler Jeeves, closes just as conversational search comes back
Like actual butlers, this relic of the first dotcom boom has been a quaint anachronism for decades
In the mid-1990s, search engine designers settled on the user interface that dominates to this day: a text box into which users enter text, and a resulting list of websites.…

Five Eyes spook shops warn rapid rollouts of agentic AI are too risky
Prioritize resilience over productivity, say CISA, NCSC and their friends from Oz, NZ, Canada
Information security agencies from the nations of the Five Eyes security alliance have co-authored guidance on the use of agentic AI that warns the technology will likely misbehave and amplifies organizations’ existing frailties, and therefore recommend slow and careful adoption of the tech.…

Just in time for Labour Day, China makes it illegal to fire humans if AI takes their jobs
PLUS: Samsung cashes in on RAM prices; Booze from space fetches huge price; China's hyperscalers surge
A Chinese court has ruled that it’s illegal to replace human workers with AI.…

Microsoft's turned Windows into a cesspool, but it wants to do better
Windows is a mess, GitHub keeps wobbling, Copilot draws flak - what’s wrong at Redmond?
kettle When it comes to making decisions that piss off your user base, no one knows how to do it like Microsoft. …

Inference is giving AI chip startups a second chance to make their mark
In a disaggregated AI world, Nvidia can be both a friend and an enemy
AI adoption is reaching an inflection point as the focus shifts from training new models to serving them. For the AI startups vying for a slice of Nvidia's pie, it's now or never.…

Royal Navy chief backs drones, autonomous weapons in ‘Hybrid Navy’
Plan mixes crewed ships, robot escorts, and long-range strike to bolster a stretched fleet
The leader of Britain’s Royal Navy has outlined a “Hybrid Navy” built on a mix of crewed, uncrewed, and autonomous platforms to ensure it can continue to defend the nation and operate overseas.…

Job's a good 'un: Bank of England tech project wins watchdog praise
PAC: Now why can't everybody else in public sector do it like this?
Parliament's spending watchdog has held up a successful large-scale public sector tech transformation as a rare example worth emulating, in a striking departure from the usual diet of failure and overspend.…

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents
Take those token limits and shove them by vibe coding with a local LLM
With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing, that vibe-coded hobby project is about to get a whole lot more expensive. Fortunately, you're not without cost-saving options.…

UK drivers' agency shrugs off claims of week-long booking site smashes, blames browser configs
Agency insists everything is working fine, even though users spend days failing to load it
The DVSA's driving test booking system has spent the week offline, according to frustrated users.…

Brace for the patch tsunami: AI is unearthing decades of buried code debt
Britain's cyber agency says the bill for years of technical shortcuts is coming due, and it's arriving all at once
Britain's cyber agency is warning that AI-fuelled bug hunting is about to flush out years of buried flaws, leaving defenders scrambling to keep up.…

ServiceNow under siege as Atlassian adds to ITSM take-outs
CEO Mike Cannon-Brookes touts 'largest ever quarter for competitive displacements'
The chase is on. Atlassian reported its largest-ever quarter for taking share from a major IT service management provider, CEO Mike Cannon-Brookes said on the company's fiscal third-quarter earnings call Thursday, escalating its rivalry with ServiceNow.…

Mythos complicates the breakup, says Pentagon CTO, but Anthropic is still barred
Emil Michael says agencies are evaluating the cybersecurity model, not deploying it
Pentagon CTO Emil Michael pushed back on reports of a thaw in the department’s relationship with Anthropic: The two are not getting back together, even as Mythos draws interest from government agencies.…

Artemis III aims for 'late 2027' for Earth orbit demonstration
SpaceX and Blue Origin will absolutely be ready in time. Definitely
Amid the sensational NASA budget cut proposals taking place in the US at the moment, NASA Administrator Jared Isaacman has refined the Artemis III launch date to "late 2027."…

Where to buy a non-Apple, non-Google smartphone
Both Cupertino and Google are imposing ever stricter limits on their phones – but you have alternatives
As both Apple and Google introduce unwelcome changes in their phone OSes, here's a quick reminder that you do have alternatives to the Gruesome Twosome.…

CIOs ready for another role-change as AI becomes agent of chaos
If software writes software the risk is “systematic failure at scale”. Someone needs to take charge, argues Forrester
Forrester predicts that by decade's end, the rush toward agentic AI will grow so chaotic that CIOs will be forced into a new role as enforcer of order.…

That old phone in the kitchen drawer could save an industry
Users have less cash to burn and less patience for AI in new models... now where to get the used stock
Secondhand phones sales are booming - relatively speaking - and the industry has rising inflation, AI bloat, and consumers' growing apathy toward overpriced new handsets to thank for it.…

First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed
Exploitation was underway before patches landed, at least one victim reports ransomware demand
CISA has added a critical cPanel bug to its known-exploited list, confirming that attackers are already poking holes in one of the internet's most widely used hosting stacks.…

Microsoft releases first big update after Nadella's vow to 'win back fans'
Lots of fixes, some performance tweaks. Fingers crossed there's no out-of-band patch to follow
Microsoft is following through on its promise to prioritize Windows stability with its April 30 non-security update.…

OpenAI locks GPT-5.5-Cyber behind velvet rope despite slamming Anthropic for doing exactly that
Altman's crew now doing the same gatekeeping it recently mocked
OpenAI is lining up a limited release of its new GPT-5.5-Cyber model to a handpicked circle of "cyber defenders," just weeks after taking a swipe at Anthropic for doing almost exactly the same thing.…

SpaceX rocket set for unintentional Moon landing – well, a piece of it anyway
But unlike most junkers, it'll be traveling faster than the speed of sound, claims astronomy software dev
An astronomy software dev claims a Falcon 9 upper stage will hit the Moon in August, traveling at several times the speed of sound.…

Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
313 Team tells Canonical: pay up or the packets keep coming
Canonical says its web infrastructure is under attack after a pro-Iran hacktivist group instructed its members to target the open source giant.…

UK pensions dept goes shopping for spy-van tech with £2M surveillance tender
Covert cameras, live-streaming systems, and in-vehicle recording kit sought to catch out fraudsters
The Department for Work and Pensions has gone shopping for covert cameras, live-streaming kit, and vehicle-based recording gear as it lines up a £2 million upgrade to watch fraud suspects in real time.…

Who needs ghost train scares when Windows is such a fright?
Things that go bork in the night
Bork!Bork!Bork! What frightens you? What, as an IT professional, would make you shriek like a small child? What tech horrors are lurking under your bed?…

Passport to £££: Home Office adds £216M to travel doc contract before a single bid's been placed
Start date pushed back a year, annual cost up a third, and UK's now handing out eight million passports a year
The Home Office has increased the annual value and overall duration of its new passport production contract, increasing it to a total of £576 million as it starts a third round of engagement with suppliers.…

DVLA's 14-week driving license fiasco – the tech, people and chatbot trying to clear it
Medical license applicants still waiting months while agency insists it's 'putting things right'
The Driver and Vehicle Licensing Agency (DVLA) has introduced new tech to support driving license applications that require medical checks, after processing times exceeded 14 weeks in February.…

User found the perfect formula to make Excel misbehave
For once, Oracle ERP wasn’t the problem
On Call Fridays can be a drag, but The Register has a formula to inject a little fun by delivering a new instalment of On Call – the reader-contributed column in which we share your tech support stories.…

Qualcomm teases ‘dedicated CPU for agentic experiences’ and ‘agentic smartphones’
Enters the custom AI silicon business with secret silicon for an un-named hyperscaler
Qualcomm has quietly entered the market for custom hyperscale silicon, and datacenter CPUs…

Fujitsu confirms mainframe biz to die in 2035, in time for quantum AI supercomputers to take over
In talks with Japan, the UK, and Australia on defense tech that can ‘contribute to global stability’
Japanese tech giant Fujitsu has confirmed the demise of its mainframe business in the year 2035 and hinted it’s working on significant defense projects.…

ICANN opens applications for new generic top-level domains for the first time since 2012
$227k gets you a hearing for your dot.vanity project, or strings in one of 27 scripts
The Internet Corporation for Assigned Names and Numbers (ICANN) on Thursday kicked off a new application process for generic top-level domains (gTLDs), its first since 2012.…

The never-ending supply chain attacks worm into SAP npm packages, other dev tools
Mini Shai-Hulud caught spreading credential-stealing malware
The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom npm packages, plus the lightning PyPI package.…

Govern your bots carefully or chaos could ensue
Stop the sprawl!
With the average Global Fortune 500 enterprise expected to run more than 150,000 AI agents by 2028, up from fewer than 15 today, there’s plenty of room for chaos. Analyst firm Gartner says that, without proper governance, those agents will multiply and run amok.…

Firefox maker torches Google for building Prompt API into browser
Mozilla fears wiring an AI API into Chrome will make the web less open
Updated Mozilla has reiterated its opposition to Google's decision to build AI plumbing into its Chrome browser, though rather belatedly now that the technology, known as the Prompt API, is already being tested in Chrome and Microsoft Edge.…

Bot her emails: most modern phishing campaigns are AI-enabled
KnowBe4 says 86% of phishing it tracked used AI, and inboxes are only the start
Give a man a phishing kit and he might get lucky a couple of times; teach an AI to phish and it'll change the landscape, if KnowBe4's latest phishing trends report is accurate.…

FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'
One alleged cyber contractor was extradited to the US over the weekend
China's "hacker-for-hire ecosystem has gotten out of control," according to Brett Leatherman, assistant director of the FBI's cyber division.…

Phone users know when to hold ’em, delay upgrades amid inflation
Analyst says handsets now stay in pockets for 4.2 years on average
Remember the early days of the smartphone revolution when, even after six months, your phone felt outdated? Not anymore. Smartphone replacement cycles are getting longer as discretionary household budgets come under pressure from inflation, with demand for new devices expected to fall for the rest of this year.…

Bandwidth hogs rejoice, Celestica's latest switch is bristling with 64 ports of 1.6 Tbps Ethernet
Networking kit arrives just in time for Nvidia's 1.6 Tbps ConnectX-9 NICs
If you thought 800 Gbps Ethernet was fast, just wait. Celestica's latest switches cram 64 1.6 Tbps ports into a single chassis.…

Google's fix for critical Gemini CLI bug might break your CI/CD pipelines
This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows
If you use Gemini CLI, watch out: Google has patched a CVSS 10.0 vulnerability in its command-line AI tool and is warning anyone running it in headless mode, or through GitHub Actions, to review their workflows.…

French prosecutors link 15-year-old to mega-breach at state’s secure document agency
Two computer crime allegations follow up to 18M lines of data surfacing online
French prosecutors say police detained a 15-year-old on April 25 over the alleged theft of millions of records from France Titres (ANTS), the agency handling secure documents.…

Zed team releases version 1.0 of Rust-built editor: Traditional editor and AI tool
Team wins praise for adding 'disable all AI features' setting for devs who want a code editor to be only a code editor
The Rust-built Zed editor has reached version 1.0, released yesterday, with development led by former members of the Atom team at GitHub.…

AWS says acute server memory shortage is driving customers to the cloud
When you can't get 'em with a 'transformation plan,' supply chain pain will do the job
The great memory shortage is having yet another effect, pushing enterprises into the waiting arms of the cloud operators as they can't secure enough on-prem compute themselves.…

Survey says no, American workers are not keen on Microsoft's AI
Lock-in worries threaten to dampen the E7 launch party
The Coalition for Fair Software Licensing has published research showing that US workers reckon Microsoft is using its productivity tools to lock their employers into the company's AI services.…

SAP user group slams 'uncertainty' in ERP giant's API policy
Concerns over new rules might stop customers from adopting innovations – including AI – that connect to SAP systems
An influential SAP user group has criticized the vendor's API policy update, saying it lacks clarity and potentially prevents users from starting new projects and innovating on their SAP platforms.…

Microsoft boss tells investors the company is working to 'win back fans'
But why did those fans go away in the first place, Satya?
Microsoft boss Satya Nadella told investors during an earnings call last night that the company needs to "win back" its fans.…

Fewer users, fatter wallets is why Anthropic tops OpenAI in LLM revenue stakes
AI boom splits between companies hoarding eyeballs and those actually charging for them
Anthropic is pulling in more LLM revenue than OpenAI, despite having a fraction of the users.…

Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]

The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.

From DHCP to SZTP – The Trust Revolution
By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]

The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.

Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]

The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.

Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights Part Two
In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]

The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights Part Two appeared first on Linux.com.

Disaggregated Routing with SONiC and VPP: Architecture and Integration Part One
The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]

The post Disaggregated Routing with SONiC and VPP: Architecture and Integration Part One appeared first on Linux.com.

Kubernetes on Bare Metal for Maximum Performance
When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]

The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.

How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]

The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.

Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]

The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.

A Simple Way to Install Talos Linux on Any Machine, with Any Provider
Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]

The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.

Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely

The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.

Valve9s Steam Controller Now Shipping
For those eager to get their hands on Valve's new Steam Controller, the gaming controller is now shipping...

Omarchy 3.7 Linux Distribution Overhauls Gaming Support, Adds Unified CLI
Omarchy as the Arch Linux based desktop distribution using the Hyprland compositor and led by David Heinemeier Hansson "DHH" is out with a big OS update...

GCC 16 Compiler Delivering Some Decent Performance Gains Over GCC 15
With the GCC 16.1 compiler released last Thursday, I have begun running more compiler benchmarks on this first GCC 16 stable feature release. GCC 16 comes heavy on new changes in being the annual feature release and delivering changes from AMD Zen 6 and Arm AGI CPU support to new C++ features and even the Algol 68 programming language front-end. It9s also looking quite good in the performance department relative to the GCC 15 compiler from last year.

CachyOS Switches Python To Using Tail-Call Interpreter For 5~15% Better Performance
CachyOS is a very fast out-of-the-box Linux distribution and for those concerned about Python performance, the newest updates to this Arch Linux based distribution will provide even better performance...

Linux File-System Proliferation A Burden: Requirements Laid Out For Any Future File-Systems
The growing number of file-systems within the Linux kernel source tree is causing an ongoing burden for upstream developers maintaining the virtual file-system (VFS) code around it and associated code. As a result of the continuing rise of new file-systems being proposed for the Linux kernel, documentation is being introduced to establish clear guidelines for getting new file-systems accepted into the mainline kernel...

Mesa Begins Seeing Patch Activity For AMD GFX12.1 Graphics
Since last November we've begun seeing new open-source driver activity for their next-gen GPU IP with their GFX12.1 graphics engine. GFX12 (12.0) was for the Radeon RX 9000 series RDNA4 hardware while GFX 12.1 is some new revision for yet-to-be-known products while there is also GFX13 bring-up and GFX12.5 too...

Linux 7.1-rc2 Released With Audio Fix For Steam Deck OLED, Other Fixes
Linux 7.1-rc2 is out for testing with its accumulation of initial bug and regression fixes that have been collected over the past week since the Linux 7.1 merge window was capped off...

Brush v0.4 Released As "Significant" Release For This Rust-Based Shell
Brush v0.4 debuted today for this "Bourne Rusty Shell" as a Bash/POSIX-compatible shell written in the Rust programming language...

ReactOS Introduces Unified Live/Install Media, New Storage Driver
ReactOS as the "open-source Windows" operating system project striving for binary compatibility with Microsoft Windows has seen some exciting improvements this week...

Many Exciting Google Summer of Code 2026 Projects & A Lot Of AI
This week Google announced the selected Google Summer of Code "GSoC" 2026 projects for providing stipends to student developers for engaging in different open-source projects. This year a lot of open-source projects involve AI/LLM adoption but there are also a number of other interesting student projects at large from GNOME Mutter GPU reset recovery to adding new features to FreeBSD...

Turtle Beach WaveFront ISA Sound Cards Seeing Suspend/Resume Support On Linux In 2026
It's been an interesting 2026 in Linux development with beginning to phase out i486 CPU support, dropping ISDN and amateur "ham" radio support, and other code cleaning in the name of a diminishing user base -- or perhaps even no users left -- for those running such vintage hardware with a modern, up-to-date kernel. Yet ISA sound card drivers have seen an uptick in activity...

The GNOME-Aligned RustConn Connection Manager Continues Piling On More Features
One of the interesting GNOME-aligned application developments in recent months has been RustConn as a modern GTK4-based connection manager. RustConn allows managing SSH, RDP, VNC, SPICE, and a variety of other connections from this Rust-written application. It's been steadily tacking on more features and that effort continued with more features landing...

New NTFS Driver Sees More Fixes With Linux 7.1-rc2
One of the most prominent changes with the upcoming Linux 7.1 kernel release is the introduction of the new NTFS driver in the Linux 7.1 kernel. This new driver provides more features and better performance than the Paragon NTFS3 driver that's been in the kernel the past few years and far better off than the original NTFS read-only driver that previously was in the kernel and for which this new driver is based. Needless to say it's also a big improvement over the NTFS-3G user-space FUSE driver too...

Linux 7.1 Fixes Audio For The Steam Deck OLED After Being Broken 2 Years On The Upstream Kernel
It turns out the Steam Deck OLED gaming handheld has not had working audio support with the mainline (upstream) Linux kernel since a change in late 2023 that was merged for Linux 6.8. There was an AMD ASoC audio change that inadvertently broke audio support for the Steam Deck OLED handheld but not affecting the original LCD model. Valve's downstream Steam OS kernel has compensated for this known breakage and other distributions targeting the Steam Deck OLED have carried the patch, but now there is a proper solution upstream ahead of Linux 7.1-rc2...

FUSEX File-System Being Developed For Extended/Experimental Features
Miklos Szeredi of Red Hat has been developing the FUSEX file-system as an extended/experimental area for File-System in User-Space "FUSE" development...

AMD9s GAIA Defaults To Better Model, Continued Improvements For Local AI
AMD software engineers on Friday released a new version of GAIA "Generative AI Is Awesome" as their open-source software for Windows and Linux leveraging the Lemonade SDK and aiming to make it easy to build AI agents on your PC with all local AI processing across AMD's CPUs, GPUs, and NPUs...

Linux 7.1-rc2 Bringing Some More Improvements/Fixes For Older AMD GPUs
Merged on Friday ahead of the Linux 7.1-rc2 kernel release due out tomorrow were this week's batch of Direct Rendering Manager (DRM) kernel graphics / display / accelerator driver fixes...

KDE Linux Now Using KMSCON For A Better VT Console Experience
KDE Linux continues making progress as the in-house Linux distribution to best showcase the latest KDE Plasma desktop innovations...

VideoLAN Publishes Dav2d For Open-Source AV2 Decoder
While the Alliance For Open Media had been aiming for the AV2 release by the end of 2025, as of right now the AV2 specification remains in a draft status. VideoLAN developers though for months have already been working on dav2d as an open-source AV2 decoder and that code was published this weekend...

FreeBSD 15.1 Beta Released For Early Testing
Following last year's release of FreeBSD 15.0, FreeBSD 15.1 is working its way toward release release in June. For kicking off the release dance, FreeBSD 15.1 Beta 1 is available today for testing...

NVIDIA Ships Fixes For Descriptor Heaps, More Vulkan Performance Optimizations
NVIDIA on Friday released the 595.44.06 beta driver build as their newest Vulkan developer beta for Linux. This was joined by the NVIDIA 595.46 Windows Vulkan beta and there are performance improvements in tow and more work on their descriptor heaps support...

KDE Plasma 6.6.5 Fixes Some NVIDIA Performance Issues, More Features Land For Plasma 6.7
We are now just one month out from the planned release of Plasma 6.7 in mid-June. Feature activity continues to be brisk for Plasma 6.7 while KDE developers also continue landing more fixes for the current Plasma 6.6 series...

Steam On Linux In April Pulled Back From Its Record High Marketshare
Steam on Linux use in March had skyrocketed to 5.33%, a 3.1% boost month-over-month and easily the highest level we've seen Steam on Linux at since its inception more than a decade ago. This record growth came amid the ongoing success of the Steam Deck handheld and Steam Play (Proton) for enabling more Windows games to run well on Linux. The April numbers are in and the Linux gaming marketshare pulled back somewhat but still remaining healthy...

Wine 11.8 Improves VBScript Compatibility, Finally Fixes Microsoft Golf 1999
Wine 11.8 delivers the latest and greatest support for running Windows applications and games under Linux and other platforms. This newest bi-weekly development release brings several more enhancements in working toward Wine 12.0 stable due out in early 2027...

EndeavourOS "Triton" To Ship New Desktop/WM Options, Titan Neo Brings Various Updates
In addition to today's monthly ISO refresh of Arch Linux that is now pulling in the Linux 7.0 kernel and other updates, the downstream EndeavourOS also happens to be out with a new ISO release for starting the month of May...

Vulkan 1.4.350 Released With Three New Extensions
Vulkan 1.4.350 released earlier today as the newest routine spec update. Beyond the usual minor fixes/clarifications, Vulkan 1.4.350 tacks on three more extensions...

AMD Posts HDMI 2.1 FRL Patches For Their AMDGPU Linux Driver
It's not complete HDMI 2.1 support but to much surprise hitting the mailing list today were official patches from AMD for implementing HDMI Fixed Rate Link "FRL" support for their kernel graphics driver. HDMI FRL as part of HDMI 2.1+ allows for higher bandwidth to support higher refresh rates and resolutions...

Linux Support Coming For The ASUS ROG RAIKIRI II: A $160 High-End Gaming Controller
The ASUS ROG RAIKIRI II is a recently-launched wireless gaming controller for both PC and Xbox gaming. This is a premium controller priced at $160 USD and has been receiving positive reviews under Windows while now it will soon be seeing mainline Linux support...

Intel Making More GPU Driver Improvements For Crescent Island With Linux 7.2
Intel's upcoming Crescent Island product as a reminder is a new inference-optimized Xe3P graphics card with 160GB of vRAM and targeting enterprise AI workloads. Intel's open-source Linux graphics driver engineers continue to be very busy enabling the driver support for Crescent Island as well as making broader Xe3P improvements...

Mesa Developers Consider Branching Off Some Older GPU Drivers - Including AMD R300/R600
Mike Blumenkrantz of Valve's Linux graphics team has ignited a discussion over potentially shifting some of Mesa's older GPU drivers into a new legacy Git branch in order to better support the more modern OpenGL and Vulkan drivers without having to worry about breaking the legacy drivers and to allow for better cleaning of the Mesa codebase. Among the drivers that could be impacted are the ATI/AMD R300 and R600 drivers and many smaller drivers...

Linux 7.0 Release, Age Verification Laws, Ryzen 9 9950X3D2 & Other April Happenings
A lot happened in the Linux and open-source world during the month of April. Ubuntu 26.04 LTS and Fedora 44 shipped, a lot of news around age attestation/verification laws, the Linux 7.0 kernel was released, Linux 7.1 is bringing many exciting changes as well as removing of old hardware drivers, the Ryzen 9 9950X3D2 Dual Edition CPU was released, we began testing the Intel Arc Pro B70 "BMG-G31", and much more software and hardware content that made the month interesting. Last month on Phoronix were 303 original news articles and 16 Linux hardware reviews / multi-page featured benchmark articles...

CachyOS Linux Performance Leading Over Ubuntu 26.04 LTS, Fedora Workstation 44
It9s not too entirely surprising given the aggressive stance that the CachyOS Linux distribution has taken on out-of-the-box performance, but for those curious, it continues largely leading over the newly-released Ubuntu 26.04 LTS and Fedora Workstation 44 distributions for the leading performance on modern hardware.

Engadget"Engadget - Technology News & Expert Reviews"

Wholesome Direct returns June 6 with a slew of joyful games
Catch the stream the day after Summer Game Fest9s 2026 showcase.

One of iRobot's co-founders is now making weird little robot companions
They are like pets, but without all of that pesky love.

Mini Motorways is letting players vote for its next city map
The traffic management sim will include the new area later this year.

A study shows that cellphone bans didn't improve US students' test scores
However, students reported improvements in overall well-being in later years.

How to watch Xbox's Stranger Than Heaven showcase
Tune in Wednesday for a closer look with the game's developers and cast.

Instagram is testing optional 'AI creator' labels
The company is encouraging accounts that frequently post Gen AI content to use the feature, but isn9t requiring it.

Amazon opens up its logistics networks to any business
The first to sign up are P&G, 3M, Lands9 End and American Eagle.

Sony will soon settle a PlayStation Store class action lawsuit for $7.8 million
Those affected will see their PlayStation Network accounts automatically credited.

GameStop submits $56 billion offer to buy eBay
The Wall Street Journal reported that the offer could come as soon as this month.

Ask.com has shut down, marking the official farewell to the Internet's favorite butler
RIP to the original AI search bot.

Lego is releasing a Sega Genesis set complete with little controllers
It's not playable, but it's still pretty cool.

OpenAI introduces AI-generated pets for its Codex app
It's like Microsoft's Clippy, but useful.

Tesla starts selling Chinese-made Model 3s in Canada at the EV's lowest price ever
The cars made at the Giga Shanghai factory start at $39,490 CAD, or roughly $29,000 in USD for a Model 3 Premium Rear-Wheel Drive variant.

Meta acquires robotics AI startup as it makes the push into humanoid machines
The company has purchased Assured Robot Intelligence, whose staff is joining Meta9s Superintelligence Labs.

Undead co-op shooters, gorgeous hack-and-slash action and other new indie games worth checking out
Plus, more Ball x Pit is never a bad thing.

AI performances and screenplays won't be eligible for Oscars
Will that stop them from taking over?

Apple appears to have discontinued its cheapest Mac mini
The compact desktop Mac now starts at $799 and comes with 512GB of storage.

There's already a way to mount your smartphone to a Steam Controller
Just don9t expect it to work with many iOS or Android apps yet.

LG's 2026 Gram laptop lineup starts at $1,150
They're available today from LG's website.

It's Bandcamp Friday again
What are you buying today?

GNOME is good, actually
While Im normally a KDE user, I do keep close tabs on various other desktop environments, and install and set them up every now and then to see how theyre fairing, what improvements theyve made, and ultimately, if my preference for KDE is still warranted. This usually means setting up a nice OpenBSD installation for Xfce, Fedora for GNOME, and less often others for some of the more niche desktop environments. Since GNOME 50 was just released, guess whos time in the round is up? Since everybodys already made up their mind about their preferred desktop eons ago, with upsides and downsides debated far past their expiration date, Im not particularly interested in reviewing desktop environments or Linux distributions. However, after asking around on Fedi, it seemed there was quite a bit of interest in an article detailing how I set up GNOME, what changes I make to the defaults, which extensions I use, what tweaks I apply, and so on. Of course, everything described in this article is highly personal, and Im not arguing that this is the optimal way to tweak GNOME, that the extensions I use are the best ones, or that any visual modifications I make are better than whatever defaults GNOME uses. No, my goal with this article is twofold: one, to highlight that GNOME is a lot more configurable, extensible, and malleable than common wisdom on the internet would have you believe. Its not KDE or one of those cobbled-together tiling Wayland desktops, but its definitely not as rigid as you might think. And two, that GNOME is good, actually. Tools of the trade The first thing I do is install a few crucial tools that make it easier to modify and tweak GNOME. I really dislike lists in articles, but I will begrudgingly use one here: After installing all of these tools, the actual tweaking can commence. Visual tweaks I didnt use to like GNOMEs Adwaita visual style, but over the years, it started growing on me to the point where I dont actively dislike it anymore. With the arrival of libadwaita, it has also become effectively impossible to theme modern GNOME applications, so even if you do change to something else, many of your applications wont follow along. If consistency is something you care about, youll stick to Adwaita, but that leaves one problem unresolved: applications that still use GTK3. These applications will follow a much older version of Adwaita, making them stand out like eyesores among all the modern GTK4 stuff. Luckily, since GTK3 applications are still properly themable, this is easily fixed: just install the adw-gtk3 theme, either by hand, or through your distributions repositories. To enable it, first install the user themes extension through Extension Manager, and then enable the theme in GNOME Tweaks for Legacy Applications!. Any potential GTK3 applications you still use will now integrate nicely with modern libadwaita applications. The one part of GNOME I really do deeply dislike is its icon theme. I cant quite explain why I dislike this icon set so much, but it runs deep, so one of the very first things I do is replace the default GNOME icon set with my personal favourite, Qogir. This is a popular icon set, so its usually available in your distributions repositories, but I always install it from its GitHub page. Changing GNOMEs icon set is as simple as selecting it in GNOME Tweaks. You cant get much more personal taste than an icon set, and there are dozens of amazing sets to choose from in the Linux world. Changing them out and trying out new ones is stupidly easy, and its definitely worth looking at a few that might be more pleasing to you than GNOMEs (or KDEs) default. Lastly, I open Add Water and enable the amazing GNOME theme for LibreWolf. Add Water basically makes this as easy as flipping a switch, so theres no need to copy any files into your LibreWolf profile or whatever. The application also provides a few more small tweaks to fiddle with, like enabling standard tab widths so tabs dont grow and shrink as you close and open tabs, moving the bookmarks bar below the tab bar, and many more. Extensions Since the release of GNOME 3 in 2011, extensions have been the most capable way to modify GNOMEs look, behaviour, and feature set. As far as I can tell, while the extension framework is an official part of the GNOME Shell, the extensions themselves are all third-party and not part of a vanilla GNOME installation. By now, there are over 2800 listed extensions, but that number includes abandoned extensions so its hard to determine the actual number of currently-maintained ones. Whatever the actual number is, theres bound to be things in there youre going to want to use. Here are the extensions I have installed. Lets just start at the top and work our way down. I guess Im forced to do another list. There are countless more extensions to choose from, and youre definitely going to find things you never even thought could be useful. Miscellaneous tweaks Theres a few other things I modify. In GNOME Tweaks, I make it so that double-clicking a windows titlebar minimises it while right-clicking it lowers it; two features I picked up during my years as a BeOS user that I absolutely refuse to give up. I configure the dock from Dash to Dock so that it always remains on top and never hides itself, no matter the circumstances. In Settings, I disable virtual desktops entirely (I dont like virtual desktops), and I make sure tap-to-click is disabled (if Im on a laptop). GNOME is good, actually After making all of these changes, I feel quite comfortable using GNOME, at least on my laptop. Its a nice, coherent experience, and offers what is probably the most polished graphical user interface you can find on Linux, even if it isnt the most full-featured. The third-party application ecosystem, through modern

How fast is a macOS VM, and how small could it be?
To assess how small a macOS VM could be, I ran the same VM of macOS 26.4.1 on progressively smaller CPU core and memory allocations, using my virtualiser Viable. The VM’s display window was set to a standard 1600 x 1000, and I ran Safari through its paces and performed some lightweight everyday tasks, including Storage analysis in Settings. Starting with 4 virtual cores and 8 GB vRAM, where the VM ran perfectly briskly with around 5 GB of memory used, I stepped down to 3 cores and 6 GB, to discover that memory usage fell to 3.9 GB and everything worked well. With just 2 cores and 4 GB of memory only 3.1 GB of that was used, and the VM continued to handle those lightweight tasks normally. ↫ Howard Oakley This is good news for people interested in the MacBook Neo who may also want to run a macOS virtual machine on it.

Email is crazy
Email is like those creaking old Terminators from the ’70s which continue to function without complaining. Designed for a world that doesn’t exist anymore, it has optional encryption, no built-in auth, three⁺ retrofitted security layers bolted on top, an unstandardized filtering layer and many more quirks. Yet billions of emails arrive correctly every single day. Email is not elegant but nonetheless it is Lindy. In the new age of agentic AI, we can only expect it to metamorphose into another dimension. ↫ Saurabh Sam! Khawase The fact that email is as complicated as it is bad enough, but having it be so dominantly controlled by only a few large gatekeepers like Google and Microsoft surely isnt helping either. I feel like email is no longer really a technology individuals can actively partake in at every level; it feels much more like WhatsApp or iMessage or whatever in that we just get to send messages, and thats it. Running your own mail sever isnt only a complex endeavour, its also a continuous cat-and-mouse game with companies like Google and Microsoft to ensure you dont end up on some shitlist and your emails stop arriving. I settled on Fastmail as my email service, and it works quite well. Still, I would love to be able to just run my own email server, or have some of my far more capable friends run one for a small group of us, but its such a daunting and unpleasant effort few people seem to have the stomach and perseverance for it.

The day I logged 1 in every 2000 public IPv4: visualizing the AI scraper DDoS
What if you run a few online services for you and your friends, like a small git instance and a grocery list service, but you get absolutely hammered by AI! scrapers? I cannot impress upon you, reader, that this is not only an attack that is coordinated, it is an attack that is distributed. I run a small set of services, basically only for me and my friends. I am not a hyperscaler, I am not a tech company, I am not even a small platform. I have a git forge where I put the shit I make, and a couple other services where me and my friends backup our files or write our grocery lists. I am not fucking Meta and I cannot scale the fuck up just because OpenAI or Anthropic or Meta or whoever is training a model that weeks wants to suck all the content out of my VPS ONCE MORE until it’s dry. ↫ lux at VulpineCitrus So how much traffic did the author of this piece, lux, get from AI! scraping bots? Within a time period of 24 hours, they were hammered by 2040670 unique IP addresses, 98% of which were IPv4 addresses, which means that 1 out of every 2000 publicly available IPv4 addresses were involved in the scraping. Together, they performed over 5 million requests. And just to reiterate: they were scraping a few very small, friends-only services run by some random person. This is absolutely insane. If, at this point in time, with everything that we know about just how deeply unethical every single aspect of AI! is, youre still using and promoting it, what is wrong with you? If youre so addicted to your AI! girlfriends unending stream of useless, forgettable sycophantic slop, despite being aware of the damage youre doing to those around you, theres something seriously wrong with you, and you desperately need professional help. You dont need any of this. The world doesnt need any of this. Nobody likes the slop AI! regurgitates, and nobody likes you for enabling it. Get help.

Earliest 86-DOS and PC-DOS code released as open source
Microsoft is continuing its efforts to release early versions of DOS as open source, and today weve got a special one. We’re stoked today to showcase some newly available source code materials that provide an even earlier look into the development of PC-DOS 1.00, the first release of DOS for the IBM PC. A dedicated team of historians and preservationists led by Yufeng Gao and Rich Cini has worked to locate, scan, and transcribe the stack of DOS-era source listings from Tim Paterson, the author of DOS. The listings include sources to the 86-DOS 1.00 kernel, several development snapshots of the PC-DOS 1.00 kernel, and some well-known utilities such as CHKDSK. Not only were these assembler listings, but there were also listings of the assembler itself! This work offers rare insight into how MS-DOS/PC-DOS came to be, and how operating system development was done at the time, not as it was later reconstructed. ↫ Stacey Haffner and Scott Hanselman Its wild that the source code had to be transcribed from paper, including notes and changes. You can find more information about the process on Gao’s website and Cini’s website.

Apple gives up on Vision Pro, disbands Vision Pro team
When Apple unveiled the Vision Pro, almost three (!) years ago, I concluded: If there’s one company that can convince people to spend $3500 to strap an isolating dystopian glowing robot mask onto their faces it’s Apple, but I still have a hard time believing this is what people want. ↫ Thom Holwerda at OSNews (quoting myself is weird) MacRumors Juli Clover, today: Apple has all but given up on the Vision Pro after the M5 model failed to revitalize interest in the device, MacRumors has learned. Apple updated the Vision Pro with a faster M5 chip and a more comfortable band in October 2025, but there were no other hardware changes, and consumers still werent interested. Apple has apparently stopped work on the Vision Pro and the Vision Pro team has been redistributed to other teams within Apple. Some former Vision Pro team members are working on Siri, which is not a surprise as Vision Pro chief Mike Rockwell has been leading the Siri team since March 2025. ↫ Juli Clover at MacRumors VR what the Vision Pro is, whether Apples marketing likes to say it or not has proven to be good for exactly two things: games and porn. The Vision Pro has neither. It was destined to be a flop from the start, as nobody wants to strap an uncomfortable computer to their face that does less than all of the other computers they already have, and what it does do, it does worse. I do wonder if this makes the Vision Pro the most expensive flop in human history. Has any company ever spent more on a product that failed this spectacularly?

Apple wants to kill your Time Capsule, but they run NetBSD so they cant
It seems like Apple is finally going to remove support for AFP from macOS, twelve years after first moving from AFP to SMB for its default network file-sharing technology. This change shouldnt impact most people, as its highly unlikely youre using AFP for anything in 2026. Still, there is one small group of people to whom this change has an actual impact: owners of Apples Time Capsule devices. Time Capsules only support AFP and SMB1, and with SMB1 being removed from macOS ages ago, and now AFP being on the chopping block as well, macOS 27 would render your Time Capsule more or less unusable. Its important to note that the last Time Capsule sold by Apple, the fifth generation, was released in 2013, and the product line as a whole was discontinued in 2018. If you bought a Time Capsule in the twilight years of the lines availability, I think you have a genuine reason to be perturbed by Apple cutting you off from your product if you upgrade to macOS 27, but at least you have the option of keeping an older version of macOS around so you can keep interacting with your time Capsule. It still feels like a bit of a shitty move though, as those fifth generation models came with up to 3TB of storage, which can still serve as a solid NAS solution. Thank your lucky stars, then, that open source can, as usual, come to the rescue when proprietary software vendors do what they always do and screw over their customers. Did you know every generation of Time Capsule actually runs NetBSD, and that its trivially easy to add support for Samba 4 and SMB3 authentication to your Time Capsule, thereby extending its life expectancy considerably? TimeCapsuleSMB does exactly that. If the setup completes successfully, your Time Capsule will run its own Samba 4 server, advertise itself over Bonjour (show up automatically in the Network! folder on macOS), and accept authenticated SMB3 connections from macOS. You should then be able to open Finder, choose Connect to Server, and use a normal SMB URL instead of relying on Apple’s legacy stack. You should also be able to use the disk for Time Machine backups. ↫ TimeCapsuleSMB Its compatible with both NetBSD 4 and NetBSD 6-based Time Capsules, although youll need to run a single SMB activation command every time a NetBSD 4-based Time Capsule reboots. This will also disable any AFP and SMB1 support, but that is kind of moot since those are exactly the technologies that dont and wont work anymore once macOS 27 is released. The installation is also entirely reversible if, for whatever reason, you want to undo the addition of Samba 4. This whole saga is such an excellent example of why open source software protects users rights, by design.

Dillo 3.3.0 released
Dillo is an amazing web browser for those of us who want their web browsing experience to be calmer and less flashing. Dillo also happens to be a very UNIX-y browser, and their latest release, 3.3.0, underlines that. A new dilloc program is now available to control Dillo from the command line or from a script. It searches for Dillo by the PID in the DILLO_PID environment variable or for a unique Dillo process if not set. ↫ Dillo 3.3.0 release notes You can use this program to control your Dillo instance, with basic commands like reloading the current URL, opening a new URL, and so on, but also things like dumping the current pages contents. I have a feeling more commands and features will be added in future releases, but for now, even the current set of commands can be helpful for scripting purposes. Im sure some of you who live and die in the terminal are already thinking of all the possibilities here. You can now also add page actions to the right-click context menu, so you can do things like reload a page with a Chrome curl impersonator to avoid certain JavaScript walls. This, too, is of course extensible. Dillo 3.3.0 also brings experimental support for building the browser with FLTK 1.4, and implemented a fix specifically to make OAuth work properly.

Ubuntu is going to integrate AI!, but Canonical remains vague about the how and why
Ubuntu, being one of the more commercial Linux distributions, was always going to jump on the AI! bandwagon, and Jon Seager, Canonicals VP Engineering, published a blog post with more details. Throughout 2026 we’ll be working on enabling access to frontier AI for Ubuntu users in a way that is deliberate, secure, and aligned with our open source values. By focusing on the combination of education for our engineers, our existing knowledge of building resilient systems and our strengthening silicon partnerships, we will deliver efficient local inference, powerful accessibility features, and a context-aware OS that makes Ubuntu meaningfully more capable for the people who rely on it Ubuntu is not becoming an AI product, but it can become stronger with thoughtful AI integration. ↫ Jon Seager at Ubuntu Discourse The problem with this entire post is that, much like all other corporate communications about AI!, its all deceptively vague, open-ended, and weasely. Adjectives like focused!, principled!, thoughtful!, and tasteful! dont really mean anything, and leave everything open for basically every type of slop AI! feature under the sun. Their claims about open weights and open source models are also weakened by words like favour! and where possible!, again leaving the door wide open for basically any shady AI! companys models and features to find their way into your default Ubuntu installation. Theres also very little in terms of concrete plans and proposed features, leaving Ubuntu users in the dark about what, exactly, is going to be added to their operating system of choice during the remainder of the year. Theres mentions of improved text-to-speech/speech-to-text and text regurgitators, but thats about it. None of it feels particularly inspired or ground-breaking, and the veneer of open source, ethical model creation, and so on, is particularly thin this time around, even for Canonical. I dont really feel like I know a lot more about Canonicals AI! intentions for Ubuntu after reading this post than I did before, other than Ubuntu users might be able to generate text in their email client or whatever later this year. Is that really something anybody wants?

If 64bit Windows 11 contains a copy of 32bit explorer.exe, could you run it as its shell?
Raymond Chen published a blog post about how a crappy uninstaller on Windows caused a mysterious spike in the number of Explorer (Windows graphical shell) crashes. It turns out the buggy uninstaller caused repeated crashes in the 32bit version of Explorer on 64bit systems, and hold on a minute. The how many bits on the what now? The 32-bit version of Explorer exists for backward compatibility with 32-bit programs. This is not the copy of Explorer that is handling your taskbar or desktop or File Explorer windows. So if the 32-bit Explorer is running on a 64-bit system, it’s because some other program is using it to do some dirty work. ↫ Raymond Chen at The Old New Thing So I had no idea that 64bit Windows included a copy of the 32bit Explorer for backwards compatibility. It obviously makes sense, but I just never stopped to think about it. This made me wonder though if you could go nuts and do something really dumb: could you somehow trick 64bit Windows into running this 32bit copy of Explorer as its shell? Youd be running 32bit Explorer on 64bit Windows using the 32bit WoW64 binaries where you just pulled the 32bit Explorer binary from, which seems like a really nonsensical thing to do. Since theres no longer any 32bit builds of Windows 11, you also cant just copy over the 32bit Explorer from a 32bit Windows 11 build and achieve the same goal that way, so youd really have to go digging around in WoW64 to get 32bit versions. I guess the answer to this question depends on just how complete this copy of 32bit Explorer really is, and if Windows has any defenses or triggers in place to prevent someone from doing something this uselessly stupid. Of course, theres no practical reason to do any of this and it makes very little sense, but it might be a fun hacking project. Most likely the Windows experts among you are wondering what kind of utterly deranged new designer drug Im on, but I was always told that sometimes, the dumbest questions can lead to the most interesting answers, so here we are.

8087 emulation on 8086 systems
Not too long ago I had a need and an opportunity to re-acquaint myself with the mechanism used for software emulation of the 8087 FPU on 8086/8088 machines. ↫ Michal Necasek Look, when a Michal Necasek article starts out like this, you know youre in for a learnin ol time. The 8087 was a floating-point coprocessor for the 8086 and 8088 processors, since back in those early days, processors did not include an integrated floating-point unit. It wouldnt be until the release of the 486DX, in 1989, that Intel would integrate an FPU inside the processor itself, negating the need for a separate chip and socket. Interestingly enough, Intel also released a cut-down version of the 486 with the FPU removed, the 486SX, for which an optional external FPU did exist.

How hard is it to open a file?
Sebastian Wick has a great explanation of why opening files programmatically is a lot more complex and fraught with dangers than you might think it is. This issue was relevant for Wick as he is one of the lead developers of Flatpak, for which a number of security issues have recently been discovered, and it just so happens that many of these issues dealt with this very topic. The biggest security issue found was a complete sandbox escape, originating from the fact that flatpak run, the command-line tool to start a Flatpak application, accepted path strings, since flatpak run is assumed to be run by a trusted user. The problem lay in a D-Bus service sandboxed applications could use to create subsandboxes, and this service was built around, you guessed it, flatpak run. The issues in question, including this complete sandbox escape, have been addressed and fixed, but they highlight exactly the dangers that can come from opening files. This subsandboxing approach in Flatpak is built on assumptions from fifteen years ago, and times have changed since then. If youre a programmer who deals with opening files, you might want to take a look at your own code to see if similar issues exist.

AI as a fascist artifact
In that reading „AI“ is a machine for the creation of epistemic injustice and the replacement of truth with what a tech elite wants it to be in order to control the population. This is a Fascist project that not so subtly aligns with Fascism’s totalitarian will to power and control as well as its reliance in replacing reasoning and debate with belief in power and the leader. ↫ Jürgen Geute The purpose of a system is what it does, and what AI! does is stunt users own abilities and development and concentrate power and wealth even further in the hands of a very small privileged few a privileged few who consistently espouse fascist ideology and promote and implement fascist ideas. Jürgen Geute lays it out in much more detail backed by solid references and concrete examples, but the conclusion is clear. And uncomfortable to many, as such conclusions always are.

Ubuntu 26.04 LTS Resolute Raccoon released
Im not sure many OSNews readers still use Ubuntu as their operating system of choice, and from the release announcement of todays Ubuntu 26.04 its clear why thats the case. Resolute Raccoon builds on the resilience-focused improvements introduced in interim releases, with TPM-backed full-disk encryption, improved support for application permission prompting, Livepatch updates for Arm-based servers, and Rust-based utilities for enhanced memory safety. This release brings native support for industry-leading AI/ML toolkits like NVIDIA CUDA and AMD ROCm, making Ubuntu 26.04 LTS the ideal platform for AI development and production workloads. ↫ Canonical press release Its obvious where Canonicals focus lies with Ubuntu, and us desktop people who dont like AI! arent it. On top of all the AI! nonsense, this new version comes with all the latest versions of the various open source components that make up a Linux distribution, as well as a slew of Rust-based replacements for core CLI tools, like sudo-rs, uutils coreutils, and more. All the derivative release of Ubuntu, like Kubuntu, Xubuntu, and others, will also be updated over the coming days. If youre already running any of these, updating wont be a surprise to you.

Windows 9x Subsystem for Linux
You can find beauty in the oddest of places. WSL9x runs a modern Linux kernel (6.19 at time of writing) cooperatively inside the Windows 9x kernel, enabling users to take advantage of the full suite of capabilities of both operating systems at the same time, including paging, memory protection, and pre-emptive scheduling. Run all your favourite applications side by side no rebooting required! ↫ Hailey Somerville Yes, this is exactly what it sounds like. Hailey Somerville basically recreated the first version of WSL or coLinux, for the old people among us but instead of running on Windows NT, it runs on Windows 9x. A VxD driver loads a patched Linux kernel using DOS interrupts, and this Linux kernel calls Windows 9x kernel APIs instead of POSIX APIs. A small DOS client application then allows the Linux kernel to use MS-DOS prompts as TTYs. This is a great oversimplification, but it does get the general gist across. Anyway, the end result is that you can use a modern Linux kernel and Windows 9x at the same time, without virtualising or dual-booting. This might be one of the greatest hacks in recent times, and I find it oddly beautiful in its user-facing simplicity.

Oracle Solaris 11.4 SRU92 released
Despite years of apparent stagnation and reported mass layoffs, it seems the Solaris team at Oracle has found somewhat of a renewed stride recently. Both branches of Solaris the one for paying customers (SRU) and the free one for enthusiasts (CBE) are receiving regular updates again, and there seems to be a more concerted effort to let the outside world know, too. Weve got another update to the SRU branch this week which brings updates to a few important open source packages, like Django, Firefox, Thunderbird, Golang, and others, to address security issues. In addition, this update marks as a change in the release cadence for the commercial branch of Solaris. From here on out, there will be two Critical Patch Updates! per quarter to address security issues, followed by a Support Repository Update containing new features and larger changes.

EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.

Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.

Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.

However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.

Source: It's FOSS
European Union

Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight

Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.

In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.

On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.

Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.

The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.

Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.

You can download the latest kernel here.
Linus Torvalds kernel

AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.

This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.

Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.

Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.

Source: 9to5Linux
AerynOS

Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.

Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.

Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM

New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux

Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.

Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.

Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.

Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.

Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.

Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.

By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows

Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities

The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.

As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.

In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.

After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.

The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.

At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.

The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security

Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges

The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.

A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.

This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.

The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.

On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.

In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel

Linux Celebrates 32 Years with the Release of 6.6-rc2 Version

Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.

The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.

Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction

Want to interact with ChatGPT from your Linux desktop without using a web browser?

Bavarder, a new app, allows you to do just that.

Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.

With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.

During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.

At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.

As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!

Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI

LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite

Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.

Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.

LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.

You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.

All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.

In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.

Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.

The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice

Is AI Coming to Your Ubuntu Desktop?
According to the VP of Engineering at Canonical, AI could soon be added to the Ubuntu desktop distribution.

Framework Laptop 13 Pro Competes with the Best
Framework has released what might be considered the MacBook of Linux devices.

The Latest CachyOS Features Supercharged Kernel
The latest release of CachyOS brings with it an enhanced version of the latest Linux kernel.

Kernel 7.0 Is a Bit More Rusty
Linux kernel 7.0 has been released for general availability, with Rust finally getting its due.

France Says "Au Revoir" to Microsoft
In a move that should surprise no one, France announced plans to reduce its reliance on US technology, and Microsoft Windows is the first to get the boot.

CIQ Releases Compatibility Catalog for Rocky Linux
The company behind Rocky Linux is making an open catalog available to developers, hobbyists, and other contributors, so they can verify and publish compatibility with the CIQ lineup.

KDE Gets Some Resuscitation
KDE is bringing back two themes that vanished a few years ago, putting a bit more air under its wings.

Ubuntu 26.04 Beta Arrives with Some Surprises
Ubuntu 26.04 is almost here, but the beta version has been released, and it might surprise some people.

Ubuntu MATE Dev Leaving After 12 years
Martin Wimpress, the maintainer of Ubuntu MATE, is now searching for his successor. Are you the next in line?

Kali Linux Waxes Nostalgic with BackTrack Mode
For those who've used Kali Linux since its inception, the changes with the new release are sure to put a smile on your face.

Gnome 50 Smooths Out NVIDIA GPU Issues
Gamers rejoice, your favorite pastime just got better with Gnome 50 and NVIDIA GPUs.

System76 Retools Thelio Desktop
The new Thelio Mira has landed with improved performance, repairability, and front-facing ports alongside a high-quality tempered glass facade.

Some Linux Distros Skirt Age Verification Laws
After California introduced an age verification law recently, open source operating system developers have had to get creative with how they deal with it.

UN Creates Open Source Portal
In a quest to strengthen open source collaboration, the United Nations Office of Information and Communications Technology has created a new portal.

Latest Linux Kernel RC Contains Changes Galore
Linux kernel 7.0-rc3 includes more changes than have been made in a single release in recent history.

Nitrux 6.0 Now Ready to Rock Your World
The latest iteration of the Debian-based distribution includes all kinds of newness.

Linux Foundation Reports that Open Source Delivers Better ROI
In a report that may surprise no one in the Linux community, the Linux Foundation found that businesses are finding a 5X return on investment with open source software.

Keep Android Open
Google has announced that, soon, anyone looking to develop Android apps will have to first register centrally with Google.

Kernel 7.0 Now in Testing
Linus Torvalds has announced the first Release Candidate (RC) for the 7.x kernel is available for those who want to test it.

Introducing matrixOS, an Immutable Gentoo-Based Linux Distro
It was only a matter of time before a developer decided one of the most challenging Linux distributions needed to be immutable.