All the News that Matters

• Fedora 42 Nextcloud 33.0.1 Key Denial of Service Advisory 2026-ca43aa006f
  33.0.1 release

• Arch Linux 2024 Kindle Significant Client-Side Vulnerability 2026-5bac4d9f3
  Update to 9.6.0. Fixes rhbz#2452087

• Ubuntu OS 22 LTS Kernel-Security Flaw Fix RLSB-2025-7925 CVE-2025-38253
  Moderate: kernel-rt security update

• Rocky Linux 8 RLSA-2026-7415 Python3.10 Vulnerability Execution Risk Alert
  Important: python3.12 security update

• Ubuntu Server 20.04 Database Severe Vulnerability RLSB-2023-3022
  Moderate: 389-ds:1.4 security update

• Essential Security Patch RLSB-2026-5420 for Ubuntu Server 20 with Nginx
  Moderate: nginx:1.24 security update

• JetStream 3 Debuts as a Major Browser Benchmark Update
  JetStream 3 represents a significant BrowserBench update, supported by Apple, Google, Mozilla, and other browser engine contributors.

• Wine Staging 11.6 Ships Big Patch Series For Working On DirectComposition
  Following Friday's release of Wine 11.6 with reviving the Android driver and improving game mod support as part of DLL loader updates, Wine-Staging 11.6 is out today with extra patches atop...

• Data-Driven Career Intelligence for Linux Professionals
  After years offline, LinuxCareer.com returns with a new mission: turning real job postings into actionable career intelligence. Updated quarterly with current market data, the site breaks down which skills, certifications, and salary ranges employers are actually hiring for. All data is free, openly available, and published under a Creative Commons license. I hope you find it useful and welcome any feedback.

• PacHub Is a Sleek GTK4 Frontend for Arch’s Pacman and AUR
  PacHub gives Arch Linux users a sleek GTK4 app for browsing, installing, and managing packages from official repos and the AUR.

• Rust Coreutils 0.8 Brings Significant Performance Gains
  Rust Coreutils 0.8 was released today as the newest major release to this alternative to GNU Coreutils...

• Red Hat Launches RHEL Extended Life Cycle Premium With 14-Year Support
  Red Hat has launched RHEL Extended Life Cycle Premium, a stand-alone subscription that extends major-version support to 14 years.

• Patch to end i486 support hits Linux kernel merge queue
  After a year of patchwork, maintainers look ready to start retiring 486-class CPUsIt's taken nearly a full version number to get the pieces in order, but the long-awaited end of 486 chip support in the Linux kernel appears to be nigh with Linux 7.1's release later this year. …

• PeaZip 11.0 Released With Faster Archive Browsing
  PeaZip 11.0 improves archive browsing speed, updates 7z/p7zip to 26.00, adds batch archive testing, and refines the file manager.

• Meta Has A New Linux Optimization To Avoid Throttling TCP Throughput Unnecessarily
  Meta's great Linux engineering team have been working through some fresh performance optimizations recently from optimizing /proc/interrupts outputs to renewing their investment in jemalloc. A new Linux kernel patch this week provides another optimization to avoid a possible situation of throttling the TCP throughput unnecessarily on Linux systems...

• Beginners Guide for Vdir Command on Linux
  The vdir command is an equivalent to the “ls -l -b” command, printing the content in long list format and showing escape characters on the file or directory name, just like the dir command is equivalent to the “ls -C -b” command.

• China Flies World's First Megawatt-Class Hydrogen Turboprop Engine
  Longtime Slashdot reader walterbyrd shares a report from Fuel Cells Works: China says the AEP100, a megawatt-class hydrogen-fueled turboprop engine developed by the Aero Engine Corporation of China, has completed its maiden flight on a 7.5-ton unmanned cargo aircraft in Zhuzhou, Hunan. The 16-minute test covered 36km at 220km/h and 300 meters altitude, with the aircraft returning safely after completing its planned maneuvers. State media described it as the world's first test flight of a megawatt-class hydrogen-fueled turboprop engine. [...] The Aero Engine Corporation of China (AECC) says the result shows China now has a full technical chain for hydrogen aviation engines, from core parts to system integration, which is the kind of capability needed before any industrial rollout can begin. You can watch a video of the test flight here.
  
  
  Read more of this story at Slashdot.
  

• New Jersey Cannot Regulate Kalshi's Prediction Market, US Appeals Court Rules
  An anonymous reader quotes a report from Reuters: A federal appeals court ruled on Monday that New Jersey gaming regulators cannot prevent Kalshi from allowing people in the state to use its prediction market to place financial bets on the outcome of sporting events.A three-judge panel of the Philadelphia-based 3rd U.S. Circuit Court of Appeals ruled 2-1 (PDF) in finding that the U.S. Commodity Futures Trading Commission has exclusive jurisdiction over the sports-related event contracts that Kalshi allows people to trade on its platform. The ruling marked the first time a federal appeals court has ruled on what has become the central issue in an escalating battle over the ability of state gaming regulators to police the activity of prediction market operators. Kalshi and companies like it allow users to place trades and profit from predictions on events such as sports and elections. States argue that firms like Kalshi are operating without required state licenses, in violation of gaming laws, including bans on wagers by those under 21. Those states include New Jersey, which last year sent Kalshi a cease-and-desist letter stating that its listing of sports-related event contracts on its platform violated state gambling laws that prohibit betting on collegiate sports. Kalshi sued the state, arguing its event contracts qualify as "swaps," a type of derivative contract, that under the Commodity Exchange Act can only be regulated by the CFTC, which had granted the company a license to operate a designated contract market (DCM). A lower-court judge had sided with New York-based Kalshi and issued a preliminary injunction, prompting New Jersey to appeal. But a majority of the judges on the 3rd Circuit panel concluded the Commodity Exchange Act likely preempted state law. "Kalshi's sports-related event contracts are swaps traded on a CFTC-licensed DCM, so the CFTC has exclusive jurisdiction," U.S. Circuit Judge David Porter wrote. The ruling was in line with the position advanced in other litigation by the CFTC under President Donald Trump's administration. The regulator last week sued Arizona, Connecticut and Illinois to prevent them from pursuing what it called unlawful efforts to regulate prediction markets.
  
  
  Read more of this story at Slashdot.
  

• OpenAI Calls For Robot Taxes, Public Wealth Fund, and 4-Day Workweek To Tackle AI Disruption
  OpenAI is proposing (PDF) sweeping policy changes to help manage the societal disruption caused by advanced AI, including taxes on automated labor, a public wealth fund, and experiments with a four-day workweek. The company said the policy document offered a series of "initial ideas" to address the risk of "jobs and entire industries being disrupted" by the adoption of AI tools. Business Insider reports: Among the core policy suggestions is a public wealth fund, which would see lawmakers and AI companies work together to invest in long-term assets linked to the AI boom, with returns distributed directly to citizens. Another is that the government should encourage and incentivize employers to experiment with four-day workweeks with no loss in pay and offer "benefits bonuses" tied to productivity gains from new AI tools. The policy document also suggests lawmakers modernize the tax system and shift the tax base to corporate income and capital gains, rather than relying on labor income and payroll taxes that could be hit by a wave of AI-powered job losses. It also recommends taxes related to automated labor. OpenAI also called for the accelerated expansion of the US's electricity grid, which is already feeling the strain from a wave of data center construction and energy demand for training ever more powerful AI models.
  
  
  Read more of this story at Slashdot.
  

• Teardown of Unreleased LG Rollable Shows Why Rollable Phones Aren't a Thing
  A teardown video of LG's never-released Rollable phone helps explain why rollable phones never became a real product category: they were likely too expensive, fragile, and complicated to manufacture at scale. "The complexity of the internals would have made the Rollable extremely expensive to manufacture, and it would have demanded a high price tag," reports Ars Technica. "Durability is also a big concern. There's just a lot going on inside this phone, with multiple motors, springy arms, tracks, and a screen that has to loop around the back. [...] It seems unlikely the LG Rollable could have survived daily use for multiple years." From the report: The LG Rollable is just one of several rollable concept phones that appeared throughout the early 2020s. Flexible OLED screens had finally become affordable, leading to foldable phones like the Samsung Galaxy Z Fold. Although, "affordable" is relative here. Foldables were and still are very expensive devices. Based on what we can see of the complex inner workings of the LG Rollable, these devices may have commanded even higher prices. Noted YouTube phone destroyer JerryRigEverything managed to snag a working prototype LG Rollable. It may even be the unit LG demoed at CES 2021. The device looks like a regular phone at first glance, but a quick swipe activates the motor, which unfurls additional screen real estate from around the back. This makes the viewable area about 40 percent larger without the added thickness of a foldable. The device expands with the aid of two tiny motors, which are attached via straight teeth to an internal track. The screen assembly has zipper-like teeth that keep it locked into the frame as it moves. The motors make a surprising amount of noise when operating, so LG designed the phone to play a musical chime to hide the sound. While the motor does the heavy lifting, the phone also has a lattice of articulating spring-loaded arms inside that keep the OLED panel even as the frame slides side to side. The battery and motherboard sit in a tray that allows the back of the phone to expand as the OLED rolls into view. This is a prototype phone, featuring a chunky frame and visible screws. That helped Zack Nelson from JerryRigEverything successfully disassemble and reassemble the phone. So this little bit of mobile history was not destroyed, and the teardown gives us a good look at how LG was hoping to attract new customers before calling it quits.
  
  
  Read more of this story at Slashdot.
  

• AP Offers Buyouts As Part of Pivot Away From Newspaper Journalism
  The Associated Press is offering buyouts to U.S. journalists "as part of an acceleration away from the focus on newspaper journalism that sustained the company since the mid-1800s," the not-for-profit outlet reported today. AP says it is making the move from a position of strength, responding to shrinking newspaper revenue and growing demand from digital, broadcast, and tech clients. "The AP is not in trouble," said Julie Pace, executive editor and senior vice president of the AP. "We're making these changes from a position of strength but we're doing so now to recognize our changing customer base." From the report: The news organization is becoming more focused on visual journalism and developing new revenue sources, particularly through companies investing in artificial intelligence, to cope with the economic collapse of many legacy news outlets. Once the lion's share of AP's revenue, big newspaper companies now account for 10% of its income. "We're not a newspaper company and we haven't been for quite some time," [said Pace]. Despite changes -- the company has doubled the number of video journalists it employs in the United States since 2022 -- remnants of a staffing structure built largely to provide stories to newspapers and broadcasters in individual states have remained. That has its roots well back in American history; the AP was started in the mid-19th century by New York newspapers looking to share the costs of reporting outside their immediate territory. The number of AP journalists who will lose jobs is murky, in part intentionally. The AP does not say how many journalists it employs, though it has a large international presence as well as its U.S. staff. Pace said the AP's goal is to reduce its global staff by less than 5%. The Marketing and Media Alliance estimated the AP had 3,700 staffers, but it was not clear when that estimate was made. Since buyouts are being offered now to only U.S. journalists, it stands to reason that the cut among that workforce will be more than 5%. Whether there are layoffs depends on how many people take the offer, Pace said.
  
  
  Read more of this story at Slashdot.
  

• Artemis II Astronauts Break Apollo Record For Farthest Distance Humans Have Traveled From Earth
  Artemis II has broken the Apollo 13 record for the farthest distance humans have ever traveled from Earth. NASA reports: The Artemis II crew of NASA astronauts Reid Wiseman, Victor Glover, and Christina Koch, along with CSA (Canadian Space Agency) astronaut Jeremy Hansen have set the record for the farthest distance from Earth traveled by a human mission, surpassing the Apollo 13 record of 248,655 miles set in 1970. NASA Flight Director Brandon Lloyd, Capsule Communicator Amy Dill, and Command and Handling Data Officer Brandon Borter also marked a lighthearted milestone today by emailing the crew what is now assumed to be the longest person-to-person message ever sent in human history. After breaking the record for human spaceflight, crew also took a moment to provisionally name a couple of craters on the Moon, noting they were able to see them with their naked eye. Just northwest of Orientale basin highlighted above is a crater they would like to name Integrity after their spacecraft and this historic mission. Just northeast of Integrity, on the near and far side boundary, and sometimes visible from Earth, the crew suggested Carroll crater in honor of Reid Wiseman's late wife, Carroll Taylor Wiseman. After this mission is complete, the crater name proposals will be formally submitted to the International Astronomical Union, the organization that governs the naming of celestial bodies and their surface features. On April 1, NASA successfully launched humanity's first crewed trip around the Moon in more than 50 years. A couple of days into the mission, attention turned to a more mundane problem when reports said the astronauts had access to "two Microsoft Outlooks" and neither was working properly. By April 4, the crew had passed 100,000 miles from Earth as they continued deeper into space, and by April 6, they had entered the Moon's gravitational pull and caught their first views of the lunar far side.
  
  
  Read more of this story at Slashdot.
  

• Samsung's Messages App Is Shutting Down
  Samsung says it will discontinue its Samsung Messages app in July 2026 and is directing Galaxy users to switch to Google Messages instead. Android Central reports: [...] Samsung says users can switch to Google Messages as their default app to maintain a consistent Android messaging experience. The fine print also states that once the app is discontinued, "sending messages via Samsung Messages on your phone will no longer be possible, except for emergency service numbers or emergency contacts defined in your device." Samsung also notes that users will no longer be able to download the Messages app from the Galaxy Store once it is discontinued. Newer devices, including the Galaxy S26 series, already do not support installing Samsung Messages. It is, however, worth noting that users on Android 11 or older are not affected by this change and will still be able to use the Samsung Messages app on their devices. [...] Samsung also warns that on some devices released before 2022, switching apps may temporarily disrupt ongoing RCS conversations. However, chats should resume once both users move to Google Messages. The company also highlights some of the benefits of the switch, including improved security, RCS support, AI features, and better multi-device connectivity.
  
  
  Read more of this story at Slashdot.
  

• Germany Doxes 'UNKN,' Head of RU Ransomware Gangs REvil, GandCrab
  An anonymous reader quotes a report from KrebsOnSecurity: An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021. Shchukin was named as UNKN (a.k.a. UNKNOWN) in an advisory published by the German Federal Criminal Police (the "Bundeskriminalamt" or BKA for short). The BKA said Shchukin and another Russian -- 43-year-old Anatoly Sergeevitsch Kravchuk -- extorted nearly $2 million euros across two dozen cyberattacks that caused more than 35 million euros in total economic damage. Germany's BKA said Shchukin acted as the head of one of the largest worldwide operating ransomware groups GandCrab and REvil, which pioneered the practice of double extortion -- charging victims once for a key needed to unlock hacked systems, and a separate payment in exchange for a promise not to publish stolen data. Shchukin's name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang's activities. The government said the digital wallet tied to Shchukin contained more than $317,000 in ill-gotten cryptocurrency. The BKA believes Shchukin resides in Krasnodar, Russia, where he is from. "Based on the investigations so far, it is assumed that the wanted person is abroad, presumably in Russia," the BKA advised. "Travel behavior cannot be ruled out."
  
  
  Read more of this story at Slashdot.
  

• More Americans Are Breaking Into the Upper Middle Class
  More Americans have moved into upper-middle-class incomes over the past several decades (source paywalled; alternative source), with new research suggesting that group has grown sharply while the lower and core middle class have shrunk. The Wall Street Journal reports: In 2024, about 31% of Americans were part of the upper middle class, up from about 10% in 1979, according to a report released this year by the right-leaning American Enterprise Institute. There is no single, standard definition of middle class, or upper middle class, and what counts as a hefty income in one city can feel paltry in another. The AEI report, by Stephen Rose and Scott Winship, classified a family of three earning $133,000 to $400,000 in 2024 dollars as upper middle class. Households earning more were categorized as rich. The analysis looked just at incomes, not assets such as stocks or real estate. [...] The gains span generations. Many baby boomers, born to parents who grew up in the Great Depression, are living well on their savings, aided by steady Social Security checks and decades of stock-portfolio gains that they can now tap. Millennials, who everyone worried would be permanently set back by the 2008-09 financial crisis, are earning solid incomes, buying homes and surpassing their parents. Many families are surprised to find that they have moved into this new economic tier, and see themselves as comfortable, not rich. They tend to have jobs that are white collar but not flashy -- think accountants, not tech founders. This doesn't mean that all Americans are climbing the ladder. Entrenched inflation and higher prices on major necessities have pushed many families closer to the financial edge, or locked them out of homeownership. Those costs weigh on high-earning families too, and for many are the reason they don't feel wealthy. The AEI report divided families into five different groups by income. Three groups were in the middle: lower middle class, core middle class and upper middle class. The authors found that more families now fall into the two highest-earning groups -- upper middle class and rich -- and fewer fall into the three lower-earning categories.
  
  
  Read more of this story at Slashdot.
  

• Peter Thiel Is Betting Big On Solar-Powered Cow Collars
  Halter, a New Zealand agtech startup now valued at $2 billion, has raised $220 million to expand its AI-powered cattle management system. "Halter is now valued at $2 billion following the Series E, which was led by Peter Thiel's Founders Fund with participation from Blackbird, DCVC, Bond, Bessemer, and several others," reports Inc. From the report: Halter plans to use the funding to expand its existing footprint in the U.S., Australia, and New Zealand, as well as to grow into new markets such as Ireland, the U.K., and parts of North and South America. The round is one of the biggest to-date in the industry, and comes amid growing adoption of the technology among U.S. ranchers. According to Halter, U.S. ranchers have erected some 60,000 miles of virtual fencing since the company's launch in 2024. Halter's technology works through a system of solar-powered collars and in-pasture towers that collect data -- some 6,000 data points per collar per minute -- from grazing cattle and feed it into a cloud-based platform and app for farmers. The collars are ergonomically designed to be comfortable for the cattle wearing them, and leverage AI to play audio cues or vibrate when it is time to move to a different grazing location or if they step outside of a predetermined zone. The collars can also deliver an electric pulse if an animal does not respond. Halter's app also creates a digital twin of a ranch, which essentially means a digital replica that leverages real-time data to accurately reflect conditions. Farmers can consult the app to check on their herd, or fence, and move cattle with just a few clicks. Halter also has a proprietary algorithm that it calls a "Cowgorithm" trained on seven billion hours of animal behavior. Altogether, this technology is meant to make ranchers' lives easier when herding cattle, help them save money on building physical fencing, and provide insights about pasture management to improve soil health and pasture productivity. Halter says some 2,000 farmers and ranchers currently use its tech worldwide.
  
  
  Read more of this story at Slashdot.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• Amazon's new USPS deal will see postal deliveries cut by 20 percent
  Earlier this year, Amazon threatened to cut US Postal Service deliveries by as much as two thirds. Now, the parties have reached tentative a deal that will see USPS deliveries reduced by 20 percent, implemented a new bidding process for last-mile deliveries. "Our goal was to increase our volumes with USPS, not reduce them — until USPS abruptly walked away at the eleventh hour in December," Amazon said at the time. 
  
  Amazon was reportedly considering expanding its own delivery network if the USPS deal fell through, though the company may have started those rumors itself to prod negotiations. The Postal Service decided to re-engage with Amazon after bids from several Amazon rivals fell short of its volume and revenue expectations, according to the WSJ's sources. The new agreement is still subject to approval by the federal Postal Regulatory Commission.
  This article originally appeared on Engadget at https://www.engadget.com/general/amazons-new-usps-deal-will-see-postal-deliveries-cut-by-20-percent-054608944.html?src=rss

• The League of Legends KeSPA cup will air globally on Disney+
  Disney has inked a deal with the Korea Esports Association that will bring several gaming tournaments to the its streaming platform. Disney+ will be the global live streaming home for Esports Champions Asia Jinju 2026, the 2026 League of Legends KeSPA CUP and some preliminary events ahead of the 20th Asian Games Aichi-Nagoya 2026. This agreement expands KeSPA9s arrangement with Disney, which only streamed its esports events to viewers in Asia last year. 
  
  Esports Champions Asia is the first event on the calendar, occurring April 24-26 with professional teams from across the continent squaring up in tournaments for games including Street Fighter 6, The King of Fighters XV, TEKKEN 8 and the eFootball series. Disney+ will also be an official streamer for the PUBG Mobile and Eternal Return competitions during that weekend. 
  
  It could be helpful for western esports fans to have a single location for watching the major events happening in Asia. However, many tournaments are currently free to watch on Twitch or YouTube, so now needing a Disney+ subscription to catch some of these international competitions might feel onerous. Esports might run the risk of turning into the fragmented set of rights deals that plagues traditional sports leagues, where a game could be on one of a half dozen different paid services each night. It9s also likely going to mean co-streamers take a hit to their viewership, since Disney seems unlikely to offer the same sort of broadcast access that has made the practice popular on Twitch.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/the-league-of-legends-kespa-cup-will-air-globally-on-disney-224455083.html?src=rss

• New Jersey has no right to ban Kalshi's prediction market, US appeals court rules
  Kalshi can't be stopped in New Jersey. A 3rd US Circuit Court of Appeals panel ruled on Monday that New Jersey has no authority to regulate Kalshi's prediction market allowing people to bet on the outcome of sports events. That power rests with the Commodity Futures Trading Commission, the panel ruled 2-1. 
  
  The CFTC is headed by President Donald Trump appointee Michael Selig, who vocally and actively supports prediction markets like Kalshi and Polymarket, calling them "exciting products." The Trump family agrees: Donald Trump Jr. is a paid adviser to Kalshi and an unpaid adviser to Polymarket, and Truth Social, which is run by the Trump Media and Technology Group, is set to start a prediction market of its own.
  
  Online prediction markets are an emerging phenomenon that allow users to bet on the outcome of basically anything, from local athletic competitions to lethal military invasions. Though they're new, these marketplaces have already shown evidence of insider trading on an extreme scale, with suspicious bets and big payouts tied to the US and Israel's military strikes in Iran, and also the US' brief invasion in Venezuela. According to blockchain analyst DeFi Oasis, fewer than 0.04 percent of Polymarket accounts captured more than 70 percent of profits, totaling $3.7 billion.
  
  Multiple state gaming regulators have filed legal challenges against Kalshi and Polymarket in recent months, and just last week the CFTC sued Arizona, Connecticut and Illinois over their attempts to regulate prediction markets. While each state has its own angle of attack, from election issues to underage betting, they're all broadly claiming that prediction markets are just illegal gambling businesses. Today's ruling marks the first federal-level decision in one of these cases and it's in favor of the prediction markets.
  
  New Jersey sent Kalshi a cease and desist letter in 2025, claiming the service violated the state's ban on collegiate sports betting. Kalshi escalated the situation and sued New Jersey, arguing that its sports contracts are actually swaps, a type of financial investment that's (conveniently) regulated by the CFTC. A lower-court judge previously sided with Kalshi, prompting New Jersey to appeal. Two of the three judges in that appeal ruled that Kalshi's sports-related event contracts were indeed swaps. Kalshi CEO Tarek Mansour called Monday's ruling "a big win for the industry."
  
  US Circuit Judge Jane Richards Roth dissented, writing that Kalshi's "offerings were virtually indistinguishable from the ​betting products available on online sportsbooks, such as DraftKings and FanDuel."
  
  New Jersey Attorney General Jennifer Davenport has the option to ask the full 3rd Circuit to rehear the case, and the issue is also pending in several other courts.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/new-jersey-has-no-right-to-ban-kalshis-prediction-market-us-appeals-court-rules-214448284.html?src=rss

• Apple will again appeal to the Supreme Court in battle with Epic Games
  The legal battle between Epic Games and Apple is escalating once again. For a second time, the warring factions are going straight to the top of the judicial system. Apple is asking for the Supreme Court to review when and how it can charge commissions on mobile purchases made via third-party payment systems. The business has requested a motion to stay on a lower court ruling regarding the fees Apple charges to software developers using those external financial systems rather than the App Store. 
  
  The last time Apple petitioned for an appeal at the top of the judicial branch, it was about a lower court requiring it to allow developers to use third-party payment options. The Supreme Court declined to hear that case. It9s possible that the tech company will once again be denied, although this effort regards specifically limits on commission rates rather than the basic premise of allowing in-app payments to be processed outside the App Store. 
  
  Epic Games has been pushing both Apple and Google on the subject of their app store commission fees for years. Recently, the gaming company did appear to reach an accord with Google that saw the company9s popular game Fortnite globally return to the Google Play Store in March. That ruling reportedly requires Epic9s notoriously opinionated CEO to keep quiet on the subject of Google9s app store fees until 2032. Epic Games recently made substantial job cuts, laying off more than 1,000 workers last month.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/apple-will-again-appeal-to-the-supreme-court-in-battle-with-epic-games-193551758.html?src=rss

• Three YouTubers accuse Apple of illegal scraping to train its AI models
  Three YouTube channels have banded together and filed a class action lawsuit against Apple, as first spotted by lawsuit, the creators behind h3h3 Productions, MrShortGameGolf and Golfholics have accused Apple of violating the Digital Millennium Copyright Act by scraping copyrighted videos on YouTube to train its AI models.
  
  While the YouTubers' videos are available to watch on the platform, the lawsuit alleged that Apple illegally circumvented the "controlled streaming architecture" that regular users are limited to. The creators claimed that Apple's video scraping was used to train its generative AI products, adding that the tech giant's "massive financial success would not have been possible without the video content created" by the YouTubers. MacRumors noted that these YouTube channels have also filed similar lawsuits against other tech companies, including Meta, Nvidia, ByteDance and Snap.
  
  It's not the first time a company's alleged AI training methods have gotten them in legal trouble. OpenAI and Microsoft were both accused of using copyrighted articles from the NYTimes to train its AI chatbots. Similarly, Perplexity was recently sued by Reddit and Encyclopedia Britannica for alleged copyright and trademark infringements. Last year, Apple was also named in a separate class action lawsuit from two neuroscience professors who claimed their copyrighted works were used without permission. We reached out to Apple for comment and will update the story when we hear back.
  This article originally appeared on Engadget at https://www.engadget.com/ai/three-youtubers-accuse-apple-of-illegal-scraping-to-train-its-ai-models-181028745.html?src=rss

• NASA's Artemis II crew just flew farther away from Earth than anyone ever has before
  NASA9s Artemis II crew just set a new distance record in miles traveled away from Earth. The team of four astronauts are in the process of circling the Moon, reaching 5,000 miles beyond the natural satellite. That brings the total distance traveled away from our home to over 250,000 miles. Gene Roddenberry would be proud.
  
  This broke the previous 1970 record set by Apollo 139s crew by around 4,000 miles. The four astronauts – Reid Wiseman, Victor Glover and Christina Koch of NASA and Jeremy Hansen of the Canadian Space Agency – are the first humans to cross the lunar threshold since 19729s Apollo 17 mission.
  
  "We challenge this generation and the next to make sure this record is not long-lived," Commander Reid Wiseman said upon crossing the distance threshold. He also suggested that NASA name a lunar crater after the craft itself. 
  
  The astronauts aren9t landing on the lunar surface, but are conducting a lengthy flyby that should provide clear images of the Moon9s far side "that have never been seen" by humans. These areas were too difficult to clearly see by the various Apollo crew members. They9ll also get a peek at a solar eclipse, though the crew will be out of contact with mission control for around 40 minutes.
  
  "We’ll get eyes on the moon, kind of map it out and then continue to go back in force," NASA flight director, Judd Frieling, said. Astronaut Christina Koch has called today9s record an important milestone "that people can understand and wrap their heads around."
  
  As for that mapping, the crew "has a series of different cameras, and they9re going to get data from that." This is according to NASA administrator Jared Isaacman who also said the astronauts have been training for this moment for almost four years. This mapping data will be used to plan future crewed missions to the lunar surface.
  
  The Orion capsule is now on its crawl back to Earth. It9ll drop down in around four days. NASA is planning for a splashdown in the Pacific Ocean near San Diego on April 10, which is nine days after the launch.
  
  Astronaut Victor Glover delivered an Easter message over the weekend in which he called Earth an "oasis" and said that humanity is "special in all of this emptiness." This is a marked contrast from the Easter message delivered by President Trump.
  This article originally appeared on Engadget at https://www.engadget.com/science/space/nasas-artemis-ii-crew-just-flew-farther-away-from-earth-than-anyone-ever-has-before-180259867.html?src=rss

• You can now search through app reviews on the Google Play Store
  Finding the right app on the Google Play Store just got a lot easier. Google is rolling out a new search function for an app's reviews when navigating its Play Store, as first spotted by App Store that can only sort an app's reviews. Google has also been cracking down on bad apps that violate its policies in recent years, but giving users the ability to search through reviews could offer another layer of scrutiny for any apps that slip through the cracks.
  This article originally appeared on Engadget at https://www.engadget.com/apps/you-can-now-search-through-app-reviews-on-the-google-play-store-170459063.html?src=rss

• Netflix just released a standalone gaming app for kids
  Netflix just released a free app called Playground for smartphones and tablets. This is a gaming app for kids, aged eight and under. It9s available to all Netflix members on any tier, and the company promises it doesn9t have ads or in-app purchases.
  
  It also works without a mobile or Wi-Fi connection. Netflix says this makes it the "perfect companion for long airplane rides or grocery trips." Kids do love their screens.
  
  The company promises an "ever-growing library of games" for children. The platform launches with titles based on some massively popular franchises. There9s something called Playtime with Peppa Pig, which is a collection of minigames starring the titular Peppa and friends.
  
  There9s also a game set on Sesame Street, in which kids get to "hang out with Elmo, Big Bird, Cookie Monster, Oscar and more beloved puppet pals." This is another minigame collection, with a memory card game, a connect-the-dots game and more.
  
  The catalog also includes a couple of games based on Dr. Seuss properties and a racing title based on the show Bad Dinosaurs. There are other things on the platform, like a sticker book collection and jigsaw puzzles. Again, every title here is intended for young children.
  
  Netflix Playground is available now in the US and many other parts of the world. It launches globally on April 28. The regular Netflix app still offers access to traditional video games, though the streamer9s interactive division has been struggling lately. It closed its AAA gaming studio back in 2024 and has since removed many titles from the platform.
  This article originally appeared on Engadget at https://www.engadget.com/apps/netflix-just-released-a-standalone-gaming-app-for-kids-170030884.html?src=rss

• How to watch the historic Artemis II lunar flyby
  NASA's Artemis II mission is about to make history. After a successful April 1 launch, and a trip of 39,000 miles through space, astronauts Reid Wiseman, Christina Koch, Victor Glover and Jeremy Hansen are about to travel farther from Earth than any human beings have before, and you can watch the entire thing unfold online. NASA will stream the entire flyby on YouTube and its own NASA+ website, with coverage beginning at 1PM ET.  You can also watch NASA+ through Netflix.
  
  It's going to take some time for things to get underway, so if you're working or have plans this evening but don't want to miss seeing history being made, your best bet is to try and catch a handful of key moments. At approximately 1:56PM ET, Artemis II will fly farther than any crewed mission has before, breaking the previous record set by Apollo 13 in 1970. Then, the Orion spacecraft will begin its flyby of the Moon at 2:45PM ET, with the craft expected to make its closest approach to the lunar surface at approximately 7:02PM ET. A few short minutes later, the spacecraft will reach its maximum distance from Earth at about 7:07PM ET. 
  
  A little more than an hour later at 8:35PM, the Artemis II crew will get a chance to see a total solar eclipse from the far side of the Moon. This is something that won't be visible from Earth. So if you can only catch one part of the broadcast, this is the one to watch.
  This article originally appeared on Engadget at https://www.engadget.com/science/space/how-to-watch-the-historic-artemis-ii-lunar-flyby-155114417.html?src=rss

• Mercedes-Benz recalls some G-Wagon EVs due to risk of wheels falling off
  Before you take your electric G-Wagon for its next off-roading excursion, you may want to stop by an authorized dealer. The German automaker issued a recall for every Mercedes-Benz G580 with EQ technology with the 2025 model year, as first spotted by website, the current wheel bolts could "allow a wheel to loosen or detach from the vehicle," potentially affecting 3,734 models on the road.
  
  The recall report explained that the electric G580's wheel bolts were "not adapted to the increased vehicle mass and higher torque loads associated with the electric variant." According to the NHTSA report, Mercedes-Benz used the same wheel assembly and bolts as its other G-Class vehicles for the electric model, but conducted an analysis from September 2024 to January 2025 that confirmed these wheel bolts could loosen from repeated rough driving and wheel changes, specifically with the 2025 Mercedes-Benz G580 with EQ technology models. In the end, Mercedes-Benz concluded in the report that it couldn't rule out the risk, even though the wheel bolt loosening was "unlikely to occur under real-world operating scenarios."
  
  To get it fixed, owners have to bring their affected G580s to a Mercedes-Benz authorized dealer, who will replace the bolts for free. Owners of the electric G580s, whose 2025 model year started at around $160,000, will get mail notices starting in late May. Besides this luxury SUV model, Mercedes-Benz had to issue another recall for another EV in 2021. The automaker recalled a couple hundred EQS EV and S-Class sedans that allowed for video playback on the dashboard even while the car was moving.
  This article originally appeared on Engadget at https://www.engadget.com/transportation/evs/mercedes-benz-recalls-some-g-wagon-evs-due-to-risk-of-wheels-falling-off-150939361.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice