All the News that Matters

• Debian Trixie: FFmpeg Critical Denial of Service and Code Exec DSA-6073-1
  Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the stable distribution (trixie), this problem has been fixed in version 7:7.1.3-0+deb13u1.

• Debian: libpng Critical DoS Update DLA-4396-1 CVE-2025-64505
  Multiple vulnerabilties have been found in libpng, the official PNG reference library, allowing information disclosure via out-of-bounds read, denial of service via application crash, or heap corruption with potential for arbitrary code execution.

• Fedora 42: tinygltf Update 2.9.7 Advisory FEDORA-2025-ac8ed4a110
  Update to 2.9.7

• Fedora 43: webkitgtk Critical Update for CVE-2025-13947, 43458, 66287
  Fix seeking and looping of media elements that set the loop property. Fix several crashes and rendering issues. Fix CVE-2025-13947, CVE-2025-43458, CVE-2025-66287

• Fedora 43: TinyGLTF 2.9.7 Security Advisory FEDORA-2025-47bff6f74d
  Update to 2.9.7

• Debian 11: Krita Major Heap Overflow Issue DLA-4395-1 CVE-2025-59820
  Loading a manipulated TGA file in krita, an image manipulation program, could result in a heap-based buffer overflow in KisTgaImport.

• Using AI To Modernize The Ubuntu Error Tracker Produced Some Code That Was "Plain Wrong"
  A week ago I wrote about AI being used to help modernize Ubuntu's Error Tracker. Microsoft GitHub Copilot was tasked to help adapt its Cassandra database usage to modern standards. It's worked in some areas but even for a rather straight forward task, some of the generated functions ended up being "plain wrong" according to the developer involved...

• PSoC Edge E84-Based Handheld Runs RT-Thread for Local Machine Learning
  RT-Thread has launched a Crowd Supply campaign for the Edgi-Talk, a handheld reference platform built for hardware-accelerated machine learning. Based on Infineon’s PSoC Edge E84 architecture, it targets smart home, wearable, and industrial interfaces that rely on local inference and responsive voice interaction. The core of the system is the Infineon PSoC Edge E84, which […]

• Linux 6.19 Adds New Console Font To Better Handle Modern Laptops With HiDPI Displays
  Sent in for the Linux 6.19 merge window when it comes to the frame-buffer device "FBDEV" subsystem are just a set of "fixes" for FBDEV drivers and code clean-ups. But it does also include a new console font option for better supporting modern laptops with high density displays...

• Navidrome 0.59 Music Server & Streamer Introduces Scrobble History
  Navidrome 0.59, a self-hosted music server and streamer, adds native scrobble history, smarter library scanning, and major UI updates.

• Flowblade Video Editor May Go Wayland-Only As Part Of GTK4 Port
  Flowblade 2.24 released today as the newest version of this open-source, non-linear video editing application. Flowblade 2.24 brings a number of refinements while also interesting is their commentary concerning the future with Wayland and GTK4 porting...

• Palm-sized Mini PC NAS offers four M.2 bays and dual 2.5GbE ports
  Youyeetoo has introduced the NestDisk, a compact mini-PC NAS built around Intel’s Alder Lake-N architecture. The system integrates four M.2 NVMe slots in a chassis similar to an external drive enclosure, targeting home lab, soft routing, and media server deployments. The device is powered by the Intel Processor N150, a quad-core CPU within the Alder […]

• Linux Distros Designed for Former Windows Users Are Picking Up Steam
  For years, Windows users frustrated with constant changes, aggressive updates, and growing system bloat have flirted with switching to Linux. But 2025 marks a noticeable shift: a new generation of Linux distributions built specifically for ex-Windows users is gaining real traction. One of the standout examples is Bazzite, a gaming-optimized Fedora-based distro that has quickly become a go-to choice for people abandoning Windows in favor of a cleaner, more customizable experience.

• AMD Starts Enabling Zen 6 "znver6" Compiler Support In GCC
  Making for a bit more exciting weekend is that minutes ago AMD has posted their first patch for enabling Zen 6 processor support within the GNU Compiler Collection (GCC) for -march=znver6 targeting...

• Fastfetch 2.56 Arrives With Improved Config Loading and NUMA Detection
  Fastfetch 2.56, the system information tool, enhances config loading, adds NUMA node detection, and broadens hardware and OS support.

• FEX 2512 Released With More Improvements For Gaming On ARM64 Linux
  FEX 2512 is out toda as the newest monthly update for this software that enables running x86/x86_64 Linux binaries on ARM64 Linux, including the likes of Wine and Valve's Steam Play (Proton) for being able to run Windows games on 64-bit ARM Linux devices...

• Was the Airbus A320 Recall Caused By Cosmic Rays?
  What triggered that Airbus emergency software recall? The BBC reports that Airbus's initial investigation into an aircraft's sudden drop in altitude linked it "to a malfunction in one of the aircraft's computers that controls moving parts on the aircraft's wings and tail." But that malfunction "seems to have been triggered by cosmic radiation bombarding the Earth on the day of the flight..." The BBC believes radiation from space "could become a growing problem as ever more microchips run our lives."What Airbus says occurred on that JetBlue flight from Cancun to New Jersey was a phenomenon called a single-event upset, or bit flip. As the BBC has previously reported, these computer errors occur when high-speed subatomic particles from outer space, such as protons, smash into atoms in our planet's atmosphere. This can cause a cascade of particles to rain down through our atmosphere, like throwing marbles across a table. In rare cases, those fast-moving neutrons can strike computer electronics and disrupt tiny bits of data stored in the computer's memory, switching that bit — often represented as a 0 or 1 — from one state to another."That can cause your electronics to behave in ways you weren't expecting," says Matthew Owens, professor of space physics at the University of Reading in the UK. Satellites are particularly affected by this phenomenon, he says. "For space hardware we see this quite frequently." This is because the neutron flux — a measure of neutron radiation — rises the higher up in the atmosphere you go, increasing the chance of a strike hitting sensitive parts of the computer equipment on board. Aircraft are more vulnerable to this problem than computer equipment on the ground, although bit flips do occur at ground level, too. The increasing reliance of computers in fly-by-wire systems in aircraft, which use electronics rather than mechanical systems to control the plane in the air, also mean the risk posed by bit flips when they do occur is higher... Airbus told the BBC that it tested multiple scenarios when attempting to determine what happened to the 30 October 2025 JetBlue flight. In this case also, the company ruled out various possibilities except that of a bit flip. It is hard to attribute the incident to this for sure, however, because careering neutrons leave no trace of their activity behind, says Owens... [Airbus's software update] works by inducing "rapid refreshing of the corrupted parameter so it has no time to have effect on the flight controls", Airbus says. This is, in essence, a way of continually sanitising computer data on these aircraft to try and ensure that any errors don't end up actually impacting a flight... As computer chips have become smaller, they have also become more vulnerable to bit flips because the energy required to corrupt tiny packets of data has got lower over time. Plus, more and more microchips are being loaded into products and vehicles, potentially increasing the chance that a bit flip could cause havoc. If nothing else, the JetBlue incident will focus minds across many industries on the risk posed to our modern, microchip-dependent lives from cosmic radiation that originates far beyond our planet. Airbus said their analysis revealed "intense solar radiation" could corrupt data "critical to the functioning of flight control." But that explanation "has left some space weather scientists scratching their heads," adds the BBC. Space.com explains:Solar radiation levels on Oct. 30 were unremarkable and nowhere near levels that could affect aircraft electronics, Clive Dyer, a space weather and radiation expert at University of Surrey in the U.K., told Space.com. Instead, Dyer, who has studied effects of solar radiation on aircraft electronics for decades, thinks the onboard computer of the affected jet could have been struck by a cosmic ray, a stream of high-energy particles from a distant star explosion that may have travelled millions of years before reaching Earth. "[Cosmic rays] can interact with modern microelectronics and change the state of a circuit," Dyer said. "They can cause a simple bit flip, like a 0 to 1 or 1 to 0. They can mess up information and make things go wrong. But they can cause hardware failures too, when they induce a current in an electronic device and burn it out."
  
  
  Read more of this story at Slashdot.
  

• All of Russia's Porsches Were Bricked By a Mysterious Satellite Outage
  An anonymous reader shared this report from Autoblog:Imagine walking out to your car, pressing the start button, and getting absolutely nothing. No crank, no lights on the dash, nothing. That's exactly what happened to hundreds of Porsche owners in Russia last week. The issue is with the Vehicle Tracking System, a satellite-based security system that's supposed to protect against theft. Instead, it turned these Porsches into driveway ornaments. The issue was first reported at the end of November, with owners reporting identical symptoms of their cars refusing to start or shutting down soon after ignition. Russia's largest dealership group, Rolf, confirmed that the problem stems from a complete loss of satellite connectivity to the VTS. When it loses its connection, it interprets the outage as a potential theft attempt and automatically activates the engine immobilizer. The issue affects all models and engine types, meaning any Porsche equipped with the system could potentially disable itself without warning. The malfunction impacts Porsche models dating back to 2013 that have the factory VTS installed... When the VTS connection drops, the anti-theft protocol kicks in, cutting fuel delivery and locking down the engine completely.
  
  
  Read more of this story at Slashdot.
  

• Can This Simple Invention Convert Waste Heat Into Electricity?
  Nuclear engineer Lonnie Johnson worked on NASA's Galileo mission, has more than 140 patents, and invented the Super Soaker water gun.But now he's working on "a potential key to unlock a huge power source that's rarely utilized today," reports the Atlanta Journal-Constitution. [Alternate URL here.] Waste heat...The Johnson Thermo-Electrochemical Converter, or JTEC, has few moving parts, no combustion and no exhaust. All the work to generate electricity is done by hydrogen, the most abundant element in the universe. Inside the device, pressurized hydrogen gas is separated by a thin, filmlike membrane, with low pressure gas on one side and high pressure gas on the other. The difference in pressure in this "stack" is what drives the hydrogen to compress and expand, creating electricity as it circulates. And unlike a fuel cell, it does not need to be refueled with more hydrogen. All that's needed to keep the process going and electricity flowing is a heat source. As it turns out, there are enormous amounts of energy vented or otherwise lost from industrial facilities like power plants, factories, breweries and more.Between 20% and 50% of all energy used for industrial processes is dumped into the atmosphere and lost as waste heat, according to the U.S. Department of Energy. The JTEC works with high temperatures, but the device's ability to generate electricity efficiently from low-grade heat sources is what company executives are most excited about.Inside JTEC's headquarters, engineers show off a demonstration unit that can power lights and a sound system with water that's roughly 200 degrees Fahrenheit — below the boiling point and barely warm enough to brew a cup of tea, said Julian Bell, JTEC's vice president of engineering. Comas Haynes, a research engineer at the Georgia Tech Research Institute specializing in thermal and hydrogen system designs, agrees the company could "hit a sweet spot" if it can capitalize on lower temperature heat... For Johnson, the potential application he's most excited about lies beneath our feet.Geothermal energy exists naturally in rocks and water beneath the Earth's surface at various depths. Tapping into that resource through abandoned oil and gas wells — a well-known access point for underground heat — offers another opportunity."You don't need batteries and you can draw power when you need it from just about anywhere," Johnson said. Right now, the company is building its first commercial JTEC unit, which is set to be deployed early next year. Mike McQuary, JTEC's CEO and the former president of the pioneering internet service provider MindSpring, said he couldn't reveal the customer, but said it's a "major Southeast utility company." "Crossing that bridge where you have commercial customers that believe in it and will pay for it is important," McQuary said... On top of some initial seed money, the company brought in $30 million in a Series A funding in 2022 — money that allowed the company to move to its Lee + White headquarters and hire more than 30 engineers. McQuary said it expects to begin another round of fundraising soon. "Johnson, meanwhile, hasn't stopped working on new inventions," the article points out. "He continues to refine the design for his solid-state battery..."
  
  
  Read more of this story at Slashdot.
  

• Why Meetings Can Harm Employee Well-Being
  Phys.org republishes this article from The Conversation:On average, managers spend 23 hours a week in meetings. Much of what happens in them is considered to be of low value, or even entirely counterproductive. The paradox is that bad meetings generate even more meetings... in an attempt to repair the damage caused by previous ones... A 2015 handbook laid the groundwork for the nascent field of "Meeting Science". Among other things, the research revealed that the real issue may not be the number of meetings, but rather how they are designed, the lack of clarity about their purpose, and the inequalities they (often unconsciously) reinforce... Faced with what we call meeting madness, the solution is not to eliminate meetings altogether, but to design them better. It begins with a simple but often forgotten question: why are we meeting...? The goal should not be to have fewer meetings, but better ones. Meetings that respect everyone's time and energy. Meetings that give a voice to all. Meetings that build connection. Slashdot reader ShimoNoSeki shares an obligatory XKCD comic...
  
  
  Read more of this story at Slashdot.
  

• EU Urged to Soften 2035 Ban on Internal Combustion Engine Cars
  Friday six European Union countries "asked the European Commission to water down an effective ban on the sale of internal combustion engine cars slated for 2035," reports ReutersThe countries have asked the EU Commission to allow the sale of hybrid cars or vehicles powered by other, existing or future, technologies "that could contribute to the goal of reducing emissions" beyond 2035, a joint letter seen by Reuters showed on Friday. The letter was signed by the prime ministers of Bulgaria, the Czech Republic, Hungary, Italy, Poland and Slovakia. They also asked for low-carbon and renewable fuels to be included in the plan to reduce the carbon emissions from transportation... Since they adopted a regulation that all new vehicles from 2035 should have zero emissions in March 2023, EU countries are now having second thoughts. Back then, the outlook for battery electric vehicles was positive, but carmakers' efforts have later collided with the reality of lower-than-expected demand and fierce competition from China. Car and Drive reports that Chancellor Friedrich Merz of Germany also "wants to allow exceptions for plug-in hybrids, extended-range EVs, and 'highly efficient' combustion vehicles beyond the current 2035 deadline." They cite a report in Automotive News.The European Commission hasn't made any official changes yet, but mounting pressure suggests that a revised plan could be coming soon.... Apostolos Tzitzikostas, the European Commissioner for Sustainable Transport and Tourism, was cited by the German paper Handelsblatt as saying that the EU "will take all technological advances into account when reassessing fleet emission limits, including combustion engines running on e-fuels and biofuels." And these renewable products will apparently be key pieces of the puzzle. BMW uses a vegetable-oil-derived fuel called HVO 100 in its diesel products throughout Europe. The plant-oil-based fuel reportedly reduces tailpipe emissions by 90 percent compared with traditional diesel. For its part, Porsche has been working on producing synthetic fuel at a plant in Chile since 2022. The European Commission is set to meet on December 10. At that time, the body is expected to assemble a package of proposals to help out the struggling European automotive industry, though the actual announcement may be pushed to a later date. Thanks to long-time Slashdot reader sinij for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• College Students Flock To A New Major: AI
  AI is the second-largest major at M.I.T. after computer science, reports the New York Times. (Alternate URL here and here.) Though that includes students interested in applying AI in biology and health care — it's just the beginning:This semester, more than 3,000 students enrolled in a new college of artificial intelligence and cybersecurity at the University of South Florida in Tampa.At the University of California, San Diego, 150 first-year students signed up for a new A.I. major. And the State University of New York at Buffalo created a stand-alone "department of A.I. and society," which is offering new interdisciplinary degrees in fields like "A.I. and policy analysis...." [I]nterest in understanding, using and learning how to build A.I. technologies is soaring, and schools are racing to meet rising student and industry demand. Over the last two years, dozens of U.S. universities and colleges have announced new A.I. departments, majors, minors, courses, interdisciplinary concentrations and other programs. "This is so cool to me to have the opportunity to be at the forefront of this," one 18-year-old told the New York Times. Their article points out 62% of America's computing programs reported drops in undergraduate enrollment this fall, according to a report in October from the Computing Research Association. "One reason for the dip: student employment concerns." Thanks to long-time Slashdot reader theodp for sharing the article.
  
  
  Read more of this story at Slashdot.
  

• No Rise in Radiation Levels at Chernobyl, Despite Damage from February's Drone Strike
  UPDATE (12/7): The New York Times clarifies today that the damage at Chernobyl hasn't led to a rise in radiation levels:"If there was to be some event inside the shelter that would release radioactive materials into the space inside the New Safe Confinement, because this facility is no longer sealed to the outside environment, there's the potential for radiation to come out," said Shaun Burnie, a senior nuclear specialist at Greenpeace who has monitored nuclear power plants in Ukraine since 2022 and last visited Chernobyl on October 31. "I have to say I don't think that's a particularly serious issue at the moment, because they're not actively decommissioning the actual sarcophagus." The I.A.E.A. also said there was no permanent damage to the shield's load-bearing structures or monitoring systems. A spokesman for the agency, Fredrik Dahl, said in a text message on Sunday that radiation levels were similar to what they were before the drone hit. But "A structure designed to prevent radioactive leakage at the defunct Chernobyl nuclear plant in Ukraine is no longer operational," Politico reported Saturday, "after Russian drones targeted it earlier this year, the U.N.'s nuclear watchdog has found."[T]he large steel structure "lost its primary safety functions, including the confinement capability" when its outer cladding was set ablaze after being struck by Russian drones, according to a new report by the International Atomic Energy Agency. Beyond that, there was "no permanent damage to its load-bearing structures or monitoring systems," it said. "Limited temporary repairs have been carried out on the roof, but timely and comprehensive restoration remains essential to prevent further degradation and ensure long-term nuclear safety," IAEA Director General Rafael Mariano Grossi said in astatement. The Guardian has pictures of the protective shield — incuding the damage from the drone strike. The shield is the world's largest movable land structure, reports CNN:The IAEA, which has a permanent presence at the site, will "continue to do everything it can to support efforts to fully restore nuclear safety and security," Grossi said.... Built in 2010 and completed in 2019, it was designed to last 100 years and has played a crucial role in securing the site. The project cost €2.1 billion and was funded by contributions from more than 45 donor countries and organizations through the Chernobyl Shelter Fund, according to the European Bank for Reconstruction and Development, which in 2019 hailed the venture as "the largest international collaboration ever in the field of nuclear safety."
  
  
  Read more of this story at Slashdot.
  

• OpenAI Insists Target Links in ChatGPT Responses Weren't Ads But 'Suggestions' - But Turns Them Off
  A hardware security response from ChatGPT ended with "Shop for home and groceries. Connect Target." But "There are no live tests for ads" on ChatGPT, insists Nick Turley, OpenAI's head of ChatGPT. Posting on X.com, he said "any screenshots you've seen are either not real or not ads." Engadget reportsThe OpenAI exec's explanation comes after another post from former xAI employee Benjamin De Kraker on X that has gained traction, which featured a screenshot showing an option to shop at Target within a ChatGPT conversation. OpenAI's Daniel McAuley responded to the post, arguing that it's not an ad but rather an example of app integration that the company announced in October. [To which De Kraker responded "when brands inject themselves into an unrelated chat and encourage the user to go shopping at their store, that's an ad. The more you pretend this isn't an ad because you guys gave it a different name, the less users like or trust you."] However, the company's chief research officer, Mark Chen, also replied on X that they "fell short" in this case, adding that "anything that feels like an ad needs to be handled with care." "We've turned off this kind of suggestion while we improve the model's precision," Chen wrote on X. "We're also looking at better controls so you can dial this down or off if you don't find it helpful."
  
  
  Read more of this story at Slashdot.
  

• How Home Assistant Leads a 'Local-First Rebellion'
  It runs locally, a free/open source home automation platform connecting all your devices together, regardless of brand. And GitHub's senior developer calls it "one of the most active, culturally important, and technically demanding open source ecosystems on the planet," with tens of thousands of contributors and millions of installations. That's confirmed by this year's "Octoverse" developer survey...Home Assistant was one of the fastest-growing open source projects by contributors, ranking alongside AI infrastructure giants like vLLM, Ollama, and Transformers. It also appeared in the top projects attracting first-time contributors, sitting beside massive developer platforms such as VS Code... Home Assistant is now running in more than 2 million households, orchestrating everything from thermostats and door locks to motion sensors and lighting. All on users' own hardware, not the cloud. The contributor base behind that growth is just as remarkable: 21,000 contributors in a single year... At its core, Home Assistant's problem is combinatorial explosion. The platform supports "hundreds, thousands of devices... over 3,000 brands," as [maintainer Franck Nijhof] notes. Each one behaves differently, and the only way to normalize them is to build a general-purpose abstraction layer that can survive vendor churn, bad APIs, and inconsistent firmware. Instead of treating devices as isolated objects behind cloud accounts, everything is represented locally as entities with states and events. A garage door is not just a vendor-specific API; it's a structured device that exposes capabilities to the automation engine. A thermostat is not a cloud endpoint; it's a sensor/actuator pair with metadata that can be reasoned about. That consistency is why people can build wildly advanced automations. Frenck describes one particularly inventive example: "Some people install weight sensors into their couches so they actually know if you're sitting down or standing up again. You're watching a movie, you stand up, and it will pause and then turn on the lights a bit brighter so you can actually see when you get your drink. You get back, sit down, the lights dim, and the movie continues." A system that can orchestrate these interactions is fundamentally a distributed event-driven runtime for physical spaces. Home Assistant may look like a dashboard, but under the hood it behaves more like a real-time OS for the home... The local-first architecture means Home Assistant can run on hardware as small as a Raspberry Pi but must handle workloads that commercial systems offload to the cloud: device discovery, event dispatch, state persistence, automation scheduling, voice pipeline inference (if local), real-time sensor reading, integration updates, and security constraints. This architecture forces optimizations few consumer systems attempt. "If any of this were offloaded to a vendor cloud, the system would be easier to build," the article points out. "But Home Assistant's philosophy reverses the paradigm: the home is the data center..." As Nijhof says of other vendor solutions, "It's crazy that we need the internet nowadays to change your thermostat."
  
  
  Read more of this story at Slashdot.
  

• Why Gen Z is Using Retro Tech
  "People in their teens and early 20s are increasingly turning to old school tech," reports the BBC, "in a bid to unplug from the online world."Amazon UK told BBC Scotland News that retro-themed products surged in popularity during its Black Friday event, with portable vinyl turntables, Tamagotchis and disposable cameras among their best sellers. Retailers Currys and John Lewis also said they had seen retro gadgets making a comeback with sales of radios, instant cameras and alarm clocks showing big jumps. While some people scroll endlessly through Netflix in search of their next watch, 17-year-old Declan prefers the more traditional approach of having a DVD in his hands. He grew up surrounded by his gran's collection and later bought his own after visiting a shop with a friend. "The main selling point for me is the cases," he says. Streaming services like Netflix and Disney+ dominate the market but Declan says he values ownership. "It's nice to have something you own instead of paying for subscriptions all the time," he says. "If I lost access to streaming tomorrow, I'd still have my favourite movies ready to watch." He admits DVDs are a "dying way of watching movies" but that makes them cheaper. "I think they're just cool, there's something authentic about having DVDs," he says. "These things are generations old, it's nice to have them available." The BBC also writes that one 21-year-old likes the "deliberate artistry" of traditional-camera photography — and the nostalgic experience of using one. They interview a 20-year-old who says vinyl records have a "more authentic sound" — and he appreciates having the physical disc and jacket art. And one 21-year-old even tracked down the handheld PlayStation Portable he'd used as a kid...
  
  
  Read more of this story at Slashdot.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

• Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
  OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
  
  The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
  

• Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation.
  Exciting news! The Tazama project is officially a Digital Public Good having met the criteria to be accepted to the Digital Public Goods Alliance ! Tazama is a groundbreaking open source software solution for real-time fraud prevention, and offers the first-ever open source platform dedicated to enhancing fraud management in digital payments. Historically, the financial [0]
  
  The post Project Tazama, A Project Hosted by LF Charities With Support From the Gates Foundation, Receives Digital Public Good Designation. appeared first on Linux.com.
  

• Xen 4.19 is released
  Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
  
  The post Xen 4.19 is released appeared first on Linux.com.
  

• Advancing Xen on RISC-V: key updates
  At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
  
  The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• Trump says if Netflix buys Warner Bros. its market share 'could be a problem'
  After Netflix announced that it was acquiring Warner Bros. Discovery last week, observers immediatley wondered when or if the deal could obtain regulatory approval. Now, President Trump has made comments indicating that said approval is likely to take awhile if it happens at all, pointed out last week, Netflix and HBO Max combined would account for around 33 percent of the US streaming video market, ahead of Prime Video9s 21 percent share and likely enough to attract the antitrust division of the US Justice Department. For its part, Netflix has said that it will "maintain Warner Bros. current businesses," which includes HBO Max and HBO, theatrical releases for films as well as movie and TV studio operations. 
  
  Headwinds were likely with any deal, so in November Netflix9s co-CEO Ted Sarandos reportedly met with Trump at the White House, arguing that the acquisition wouldn9t create a monopoly. Trump said that Warner Bros. Discovery should sell to the highest bidder, and Sarandos left the meeting feeling that Netflix wouldn9t face White House opposition in the short term.
  
  Even before regulators address the acquisition, more drama may ensue. Paramount, which first expressed interested in buying WBD when it wasn9t even for sale, may launch a hostile bid. And Hollywood9s unions and guilds are up in arms over fears that Netflix may significantly reduce Warner Bros.9 theatrical distribution, along with its back end profits and production jobs. 
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/trump-says-if-netflix-buys-warner-bros-its-market-share-could-be-a-problem-123004774.html?src=rss

• Apple's AirPods Pro 3 are back to an all-time low price
  If you haven9t yet upgraded to Apple9s AirPods Pro 3, you can pick up the company9s latest model at a discount through a deal on Amazon right now. The AirPods Pro 3, which came out in September, are currently down from $249 to $220 — their Cyber Monday all-time low price. With the new AirPods Pro, Apple made some big improvements, including better battery life and sound quality, and introduced useful new features, such as Live Translation.
  
  
  
  The AirPods Pro 3 are the best AirPods available today, with Apple9s H2 chip, and earned a score of 90 out of 100 in Engadget9s review this fall. Active noise cancellation (ANC) is one of the biggest selling points of the AirPods Pro, and Apple has made the experience even better with the AirPods Pro 3. They sport new foam-infused ear tips that create a better seal to improve passive noise isolation, and as Engadget9s Billy Steele wrote in his review, "Ultra-low-noise microphones combine with advanced computational audio to silence even more background noise." In testing, they had no problem blocking out the chatter of people nearby or otherwise noisy environments.
  
  With the AirPods Pro 3, Apple introduced heart-rate sensing, so you9ll be able to see your heart rate data from the earbuds in the Fitness app and other workout apps. The AirPods Pro 3 also boast Live Translation, which you can activate via controls on the earbuds themselves. As long as you have an Apple Intelligence-capable device, you9ll be able to translate in-person conversations in English, French, German, Italian, Japanese, Korean, Portuguese, Spanish and Chinese (Mandarin).
  
  Follow @EngadgetDeals on X for the latest tech deals and buying advice.
  This article originally appeared on Engadget at https://www.engadget.com/deals/apples-airpods-pro-3-are-back-to-an-all-time-low-price-222806220.html?src=rss

• The 5 best Mint alternatives to replace the budgeting app that shut down
  It9s been over one year since Intuitshut down the popular budgeting app Mint. I was a Mint user for many years; millions of other users like me enjoyed how easily Mint allowed us to track all accounts in one place and monitor credit scores. I also used it regularly to help me track spending, set goals like pay my mortgage down faster and with general money management.
  
  Ahead of Mint’s demise, I gaveCredit Karma, Intuit’s other financial app, a try but found it to be a poor Mint alternative. So I set out to find a true replacement in another budgeting app. The following guide lays out my experience testing some of the most popular Mint replacement apps available today. Our pick for best Mint alternative remainsQuicken Simplifi, even this long after Mint being shut down, thanks to its easy to use app, good income and bill detection and its affordable price. But there are plenty of other solid options out there for those with different needs. If you’re also on the hunt for a budgeting app to replace Mint, we hope these details can empower you to choose which of thebest budgeting apps out there will be right for you.
  Table of contents
  Best Mint alternatives in 2025?
  
  Other Mint alternatives we tested?
  
  What is Plaid and how does it work??
  
  How to import your financial data from the Mint app?
  
  How we tested Mint alternatives?
  
  What about Rocket Money??
  Best Mint alternatives in 2025
  
  
  
  
  No pun intended, but what I like about Quicken Simplifi is its simplicity. Whereas other budgeting apps try to distinguish themselves with dark themes and customizable emoji, Simplifi has a clean user interface, with a landing page that you just keep scrolling through to get a detailed overview of all your stats. These include your top-line balances; net worth; recent spending; upcoming recurring payments; a snapshot of your spending plan; top spending categories; achievements; and any watchlists you’ve set up.
  
  Another one of the key features I appreciate is the ability to set up savings goals elsewhere in the app. I also appreciate how it offers neat, almost playful visualizations without ever looking cluttered. I felt at home in the mobile and web dashboards after a day or so, which is faster than I adapted to some competing services (I’m looking at you, YNAB and Monarch).
  
  Getting set up with Simplifi was mostly painless. I was particularly impressed at how easily it connected to Fidelity; not all budget trackers do, for whatever reason. This is also one of the only services I tested that gives you the option of inviting a spouse or financial advisor to co-manage your account. One thing I would add to my initial assessment of the app, having used it for a few months now: I wish Simplifi offered Zillow integration for easily tracking your home value (or at least a rough estimate of it). Various competitors including Monarch Money and Copilot Money work with Zillow, so clearly there9s a Zillow API available for use. As it stands, Simplifi users must add real estate manually like any other asset.
  Dana Wollman / Engadget
  In practice, Simplifi miscategorized some of my expenses, but nothing out of the ordinary compared to any of these budget trackers. As you’re reviewing transactions, you can also mark if you’re expecting a refund, which is a unique feature among the services I tested. Simplifi also estimated my regular income better than some other apps I tested. Most of all, I appreciated the option of being able to categorize some, but not all, purchases from a merchant as recurring. For instance, I can add my two Amazon subscribe-and-saves as recurring payments, without having to create a broad-strokes rule for every Amazon purchase.
  
  The budgeting feature is also self-explanatory and can likely accommodate your preferred budgeting method. Just check that your regular income is accurate and be sure to set up recurring payments, making note of which are bills and which are subscriptions. This is important because Simplifi shows you your total take-home income as well as an “income after bills” figure. That number includes, well, bills but not discretionary subscriptions. From there, you can add spending targets by category in the “planned spending” bucket. Planned spending can also include one-time expenditures, not just monthly budgets. When you create a budget, Simplifi will suggest a number based on a six-month average.
  
  Not dealbreakers, but two things to keep in mind as you get started: Simplifi is notable in that you can’t set up an account through Apple or Google. There is also no option for a free trial, though Quicken promises a “30-day money back guarantee.”
  
  
  
  Monarch Money grew on me. My first impression of the budgeting app, which was founded by a former Mint product manager, was that it9s more difficult to use than others on this list, including Simplifi, NerdWallet and Copilot. And it is. Editing expense categories, adding recurring transactions and creating rules, for example, is a little more complicated than it needs to be, especially in the mobile app. (My advice: Use the web app for fine-tuning details.) Monarch also didn’t get my income right; I had to edit it.
  
  Once you’re set up, though, Monarch offers an impressive level of granularity. In the budgets section, you can see a bona fide balance sheet showing budgets and actuals for each category. You9ll also find a forecast, for the year or by month. And recurring expenses can be set not just by merchant, but other parameters as well. For instance, while most Amazon purchases might be marked as “shopping,” those for the amounts of $54.18 or $34.18 are definitely baby supplies, and can be automatically marked as such each time, not to mention programmed as recurring payments. Weirdly, though, there’s no way to mark certain recurring payments as bills, specifically.
  Dana Wollman / Engadget
  Not long after I first published this story in December 2023, Monarch introduced a detailed reporting section where you can create on-demand graphs based on things like accounts, categories and tags. That feature is available just on the web version of the app for now. As part of this same update, Monarch added support for an aggregator that makes it possible to automatically update the value of your car. This, combined with the existing Zillow integration for tracking your home value, makes it easy to quickly add a non-liquid asset like a vehicle or real estate, and have it show up in your net worth graph.
  
  The mobile app is mostly self-explanatory. The main dashboard shows your net worth; your four most recent transactions; a month-over-month spending comparison; income month-to-date; upcoming bills; an investments snapshot; a list of any goals you’ve set; and, finally, a link to your month-in-review. That month-in-review is more detailed than most, delving into cash flow; top income and expense categories; cash flow trends; changes to your net worth, assets and liabilities; plus asset and liability breakdowns. In February 2024, Monarch expanded on the net worth graph, so that if you click on the Accounts tab you can see how your net worth changed over different periods of time, including one month, three months, six months, a year or all time.
  
  On the main screen, you’ll also find tabs for savings and checking accounts (and all others as well), transactions, cash flow, budget and recurring. Like many of the other apps featured here, Monarch can auto-detect recurring expenses and income, even if it gets the category wrong. (They all do to an extent.) Expense categories are marked by emoji, which you can customize if you’re so inclined.
  
  Monarch Money uses a combination of networks to connect with banks, including Plaid, MX and Finicity, a competing network owned by Mastercard. (I have a quick explainer on Plaid, the industry standard in this space, toward the end of this guide.) As part of an update in late December, Monarch has also made it easier to connect through those other two networks, if for some reason Plaid fails. Similar to NerdWallet, I found myself completing two-factor authentication every time I wanted to get past the Plaid screen to add another account. Notably, Monarch is the only other app I tested that allows you to grant access to someone else in your family — likely a spouse or financial advisor. Monarch also has a Chrome extension for importing from Mint, though really this is just a shortcut for downloading a CSV file, which you’ll have to do regardless of where you choose to take your Mint data.
  
  Additionally, Monarch just added the ability to track Apple Card, Apple Cash, and Savings accounts, thanks to new functionality brought with the iOS 17.4 update. It9s not the only one either; currently, Copilot and YNAB have also added similar functionality that will be available to anyone with the latest versions of their respective apps on a device running iOS 17.4. Instead of manually uploading statements, the new functionality allows apps like Monarch9s to automatically pull in transactions and balance history. That should make it easier to account for spending on Apple cards and accounts throughout the month.
  
  Monarch also recently launched investment transactions in beta. It also says bill tracking and an overhauled goals system are coming soon. Monarch hasn9t provided a timeline for that last one, except to say that the improved goals feature is coming soon.
  
  
  
  Copilot Money might be the best-looking budgeting app I tested. It also has the distinction of being exclusive to iOS and Macs — at least for now. Andres Ugarte, the company’s CEO, has publicly promised that Android and web apps are coming soon. But until it follows through, I can’t recommend Copilot for most people with so many good competitors out there.
  Copilot Money for Web and Android!
  
  Thanks to the support from our users, and the overwhelming positive reception we9re seeing from folks migrating from Mint, we can now say that we9ll be building @copilotmoney for Web and Android with a goal to launch in 2024.
  
  We9ll continue to…
  — Andres Ugarte (@chuga) November 15, 2023
  There are other features that Copilot is missing, which I’ll get into. But it is promising, and one to keep an eye on. It’s just a fast, efficient, well designed app, and Android users will be in for a treat when they’ll finally be able to download it. It makes good use of colors, emoji and graphs to help you understand at a glance how you’re doing on everything from your budgets to your investment performance to your credit card debt over time. In particular, Copilot does a better job than almost any other app of visualizing your recurring monthly expenses.
  
  Behind those punchy colors and cutesy emoji, though, is some sophisticated performance. Copilot’s AI-powered “Intelligence” gets smarter as you go at categorizing your expenses. (You can also add your own categories, complete with your choice of emoji.) It’s not perfect. Copilot miscategorized some purchases (they all do), but it makes it easier to edit than most. On top of that, the internal search feature is very fast; it starts whittling down results in your transaction history as soon as you begin typing.
  Dana Wollman / Engadget
  Copilot is also unique in offering Amazon and Venmo integrations, allowing you to see transaction details. With Amazon, this requires just signing into your Amazon account via an in-app browser. For Venmo, you have to set up fwd@copilot.money as a forwarding address and then create a filter, wherein emails from venmo@venmo.com are automatically forwarded to fwd@copilot.money. Like Monarch Money, you can also add any property you own and track its value through Zillow, which is integrated with the app.
  
  While the app is heavily automated, I still appreciate that Copilot marks new transactions for review. It’s a good way to both weed out fraudulent charges, and also be somewhat intentional about your spending habits.
  
  Like Monarch Money, Copilot updated its app to make it easier to connect to banks through networks other than Plaid. As part of the same update, Copilot said it has improved its connections to both American Express and Fidelity which, again, can be a bugbear for some budget tracking apps. In an even more recent update, Copilot added a Mint import option, which other budgeting apps have begun to offer as well.
  
  Because the app is relatively new (it launched in early 2020), the company is still catching up to the competition on some table-stakes features. Ugarte told me that his team is almost done building out a detailed cash flow section as well. On its website, Copilot also promises a raft of AI-powered features that build on its current “Intelligence” platform, the one that powers its smart expense categorization. These include “smart financial goals,” natural language search, a chat interface, forecasting and benchmarking. That benchmarking, Ugarte tells me, is meant to give people a sense of how they’re doing compared to other Copilot users, on both spending and investment performance. Most of these features should arrive in the new year.
  
  Copilot does a couple interesting things for new customers that distinguish it from the competition. There’s a “demo mode” that feels like a game simulator; no need to add your own accounts. The company is also offering two free months with RIPMINT — a more generous introductory offer than most. When it finally does come time to pony up, the $7.92 monthly plan is cheaper than some competing apps, although the $95-a-year-option is in the same ballpark.
  
  
  
  
  
  You may know NerdWallet as a site that offers a mix of personal finance news, explainers and guides. I see it often when I google a financial term I don’t know and sure enough, it’s one of the sites I’m most likely to click on. As it happens, NerdWallet also has the distinction of offering one of the only free budgeting apps I tested. In fact, there is no paid version; nothing is locked behind a paywall. The main catch: There are ads everywhere. To be fair, the free version of Mint was like this, too.
  
  Even with the inescapable credit card offers, NerdWallet has a clean, easy-to-understand user interface, which includes both a web and a mobile app. The key metrics that it highlights most prominently are your cash flow, net worth and credit score. (Of note, although Mint itself offered credit score monitoring, most of its rivals do not.) I particularly enjoyed the weekly insights, which delve into things like where you spent the most money or how much you paid in fees — and how that compares to the previous month. Because this is NerdWallet, an encyclopedia of financial info, you get some particularly specific category options when setting up your accounts (think: a Roth or non-Roth IRA).
  Dana Wollman / Engadget
  As a budgeting app, NerdWallet is more than serviceable, if a bit basic. Like other apps I tested, you can set up recurring bills. Importantly, it follows the popular 50/30/20 budgeting rule, which has you putting 50% of your budget toward things you need, 30% toward things you want, and the remaining 20% into savings or debt repayments. If this works for you, great — just know that you can’t customize your budget to the same degree as some competing apps. You can’t currently create custom spending categories, though a note inside the dashboard section of the app says “you’ll be able to customize them in the future.” You also can’t move items from the wants column to “needs” or vice versa but “In the future, you9ll be able to move specific transactions to actively manage what falls into each group.” A NerdWallet spokesperson declined to provide an ETA, though.
  
  Lastly, it’s worth noting that NerdWallet had one of the most onerous setup processes of any app I tested. I don’t think this is a dealbreaker, as you’ll only have to do it once and, hopefully, you aren’t setting up six or seven apps in tandem as I was. What made NerdWallet’s onboarding especially tedious is that every time I wanted to add an account, I had to go through a two-factor authentication process to even get past the Plaid splash screen, and that’s not including the 2FA I had set up at each of my banks. This is a security policy on NerdWallet’s end, not Plaid’s, a Plaid spokesperson says.
  
  Precisely because NerdWallet is one of the only budget trackers to offer credit score monitoring, it also needs more of your personal info during setup, including your birthday, address, phone number and the last four digits of your social security number. It’s the same with Credit Karma, which also does credit score monitoring.
  
  Related to the setup process, I found that NerdWallet was less adept than other apps at automatically detecting my regular income. In my case, it counted a large one-time wire transfer as income, at which point my only other option was to enter my income manually (which is slightly annoying because I would have needed my pay stub handy to double-check my take-home pay).
  
  
  
  YNAB is, by its own admission, “different from anything you’ve tried before.” The app, whose name is short for You Need a Budget, promotes a so-called zero-based budgeting system, which forces you to assign a purpose for every dollar you earn. A frequently used analogy is to put each dollar in an envelope; you can always move money from one envelope to another in a pinch. These envelopes can include rent and utilities, along with unforeseen expenses like holiday gifts and the inevitable car repair. The idea is that if you budget a certain amount for the unknowns each month, they won’t feel like they’re sneaking up on you.
  
  Importantly, YNAB is only concerned with the money you have in your accounts now. The app does not ask you to provide your take-home income or set up recurring income payments (although there is a way to do this). The money you will make later in the month through your salaried job is not relevant, because YNAB does not engage in forecasting.
  
  The app is harder to learn than any other here, and it requires more ongoing effort from the user. And YNAB knows that. Inside both the mobile and web apps are links to videos and other tutorials. Although I never quite got comfortable with the user interface, I did come to appreciate YNAB’s insistence on intentionality. Forcing users to draft a new budget each month and to review each transaction is not necessarily a bad thing. As YNAB says on its website, “Sure, you’ve got pie charts showing that you spent an obscene amount of money in restaurants — but you’ve still spent an obscene amount of money in restaurants.” I can see this approach being useful for people who don’t tend to have a lot of cash in reserve at a given time, or who have spending habits they want to correct (to riff off of YNAB’s own example, ordering Seamless four times a week).
  
  My colleague Valentina Palladino, knowing I was working on this guide, penned a respectful rebuttal, explaining why she’s been using YNAB for years. Perhaps, like her, you have major savings goals you want to achieve, whether it’s paying for a wedding or buying a house. I suggest you give her column a read. For me, though, YNAB’s approach feels like overkill.
  Other Mint alternatives we tested PocketGuard
  PocketGuard used to be a solid free budget tracker, but the company has since limited its “free” version to just a free seven-day trial. Now, you’ll have to choose between two plans once the trial is over: a $13 monthly plan or a $75 annual plan. When I first tested it, I found it to be more restricted than NerdWallet, but still a decent option. The main overview screen shows you your net worth, total assets and debts; net income and total spending for the month; upcoming bills; a handy reminder of when your next paycheck lands; any debt payoff plan you have; and any goals. Like some other apps, including Quicken Simplifi, PocketGuard promotes an “after bills” approach, where you enter all of your recurring bills, and then PocketGuard shows you what’s left, and that’s what you’re supposed to be budgeting: your disposable income.
  
  Although PocketGuard’s UI is easy enough to understand, it lacks polish. The “accounts” tab is a little busy, and doesn’t show totals for categories like cash or investments. Seemingly small details like weirdly phrased or punctuated copy occasionally make the app feel janky. More than once, it prompted me to update the app when no updates were available. The web version, meanwhile, feels like the mobile app blown up to a larger format and doesn’t take advantage of the extra screen real estate. Ultimately, now that the free tier is gone, it just doesn’t present the same value proposition as it once did.
  What is Plaid and how does it work?
  Each of the apps I tested uses the same underlying network, called Plaid, to pull in financial data, so it’s worth explaining in its own section what it is and how it works. Plaid was founded as a fintech startup in 2013 and is today the industry standard in connecting banks with third-party apps. Plaid works with over 12,000 financial institutions across the US, Canada and Europe. Additionally, more than 8,000 third-party apps and services rely on Plaid, the company claims.
  
  To be clear, you don’t need a dedicated Plaid app to use it; the technology is baked into a wide array of apps, including the budget trackers I tested for this guide. Once you find the “add an account” option in whichever one you’re using, you’ll see a menu of commonly used banks. There’s also a search field you can use to look yours up directly. Once you find yours, you’ll be prompted to enter your login credentials. If you have two-factor authentication set up, you’ll need to enter a one-time passcode as well.
  
  As the middleman, Plaid is a passthrough for information that may include your account balances, transaction history, account type and routing or account number. Plaid uses encryption, and says it has a policy of not selling or renting customer data to other companies. However, I would not be doing my job if I didn’t note that in 2022 Plaid was forced to pay $58 million to consumers in a class action suit for collecting “more financial data than was needed.” As part of the settlement, Plaid was compelled to change some of its business practices.
  
  In a statement provided to Engadget, a Plaid spokesperson said the company continues to deny the allegations underpinning the lawsuit and that “the crux of the non-financial terms in the settlement are focused on us accelerating workstreams already underway related to giving people more transparency into Plaid’s role in connecting their accounts, and ensuring that our workstreams around data minimization remain on track.”
  How to import your financial data from the Mint app
  Mint users should consider getting their data ready to migrate to their new budgeting app of choice soon. Unfortunately, importing data from Mint is not as easy as entering your credentials from inside your new app and hitting “import.” In fact, any app that advertises the ability to port over your stats from Mint is just going to have you upload a CSV file of transactions and other data.
  
  To download a CSV file from Mint, do the following:
  
  Sign into Mint.com and hit Transactions in the menu on the left side of the screen.
  
  Select an account, or all accounts.
  
  Scroll down and look for “export [number] transactions” in smaller print.
  
  Your CSV file should begin downloading.
  
  Note: Downloading on a per-account basis might seem more annoying, but could help you get set up on the other side, if the app you’re using has you importing transactions one-for-one into their corresponding accounts.
  How we tested Mint alternatives
  Before I dove into the world of budgeting apps, I had to do some research. To find a list of apps to test, I consulted trusty ol’ Google (and even trustier Reddit); read reviews of popular apps on the App Store; and also asked friends and colleagues what budget tracking apps they might be using. Some of the apps I found were free, just like Mint. These, of course, show loads of ads (excuse me, “offers”) to stay in business. But most of the available apps require paid subscriptions, with prices typically topping out around $100 a year, or $15 a month. (Spoiler: My top pick is cheaper than that.)
  
  Since this guide is meant to help Mint users find a permanent replacement, any services I chose to test needed to do several things: import all of your account data into one place; offer budgeting tools; and track your spending, net worth and credit score. Except where noted, all of these apps are available for iOS, Android and on the web.
  
  Once I had my shortlist of six apps, I got to work setting them up. For the sake of thoroughly testing these apps (and remember, I really was looking for a Mint alternative myself), I made a point of adding every account to every budgeting app, no matter how small or immaterial the balance. What ensued was a veritable Groundhog Day of two-factor authentication. Just hours of entering passwords and one-time passcodes, for the same banks half a dozen times over. Hopefully, you only have to do this once.
  What about Rocket Money?
  Rocket Money is another free financial app that tracks spending and supports things like balance alerts and account linking. If you pay for the premium tier, the service can also help you cancel unwanted subscriptions. We did not test it for this guide, but we9ll consider it in future updates.
  This article originally appeared on Engadget at https://www.engadget.com/apps/the-best-budgeting-apps-to-replace-mint-143047346.html?src=rss

• The best Secret Santa gift ideas for 2025: Affordable gifts to give from Apple, Lego, Yeti and others
  Secret Santa gift exchanges are supposed to be fun, but it’s easy to overthink it. You want a gift that feels thoughtful without being awkward, useful without being boring, and most importantly, affordable. The sweet spot is under $50, which is plenty to find something that fits your recipient’s personality. Whether you’re buying for a co-worker you only chat with at the coffee machine, a friend who already has everything or a cousin who never gives you ideas, there are clever options that will make them smile. These picks prove you don’t need to spend big to win at Secret Santa.
  Best Secret Santa gift ideas
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  Check out the rest of our gift ideas here.
  This article originally appeared on Engadget at https://www.engadget.com/the-best-secret-santa-gift-ideas-for-2025-affordable-gifts-to-give-from-apple-lego-yeti-and-others-130014197.html?src=rss

• The Lord of the Rings trilogy returns to theaters in January for 25th anniversary
  One does not simply spend more than 11 hours watching The Lord of the Rings trilogy in a single weekend at home when the opportunity to do so in theaters arises. As The Lord of the Rings: The Fellowship of the Ring turns 25, Fathom Entertainment and Warner Bros. announced theatrical screenings of the Peter Jackson trilogy in their extended editions, according to an exclusive report from Fathom9s website.
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/tv-movies/the-lord-of-the-rings-trilogy-returns-to-theaters-in-january-for-25th-anniversary-202433217.html?src=rss

• OpenAI’s head of ChatGPT says posts appearing to show in-app ads are â€�not real or not ads’
  Those might not exactly be ads you9re seeing on ChatGPT, at least according to OpenAI. Nick Turley, OpenAI9s head of ChatGPT, clarified the confusion around potential ads appearing with the AI chatbot. In a post on X, Turley said "there are no live tests for ads" and that "any screenshots you9ve seen are either not real or not ads." The OpenAI exec9s explanation comes after another post from former xAI employee Benjamin De Kraker on X that has gained traction, which featured a screenshot showing an option to shop at Target within a ChatGPT conversation.
  
  OpenAI9s Daniel McAuley responded to the post, arguing that it9s not an ad but rather an example of app integration that the company announced in October. However, the company9s chief research officer, Mark Chen, also replied on X that they "fell short" in this case, adding that "anything that feels like an ad needs to be handled with care."
  
  "We’ve turned off this kind of suggestion while we improve the model’s precision," Chen wrote on X. "We’re also looking at better controls so you can dial this down or off if you don’t find it helpful."
  
  There9s still a lot of uncertainty about whether OpenAI will introduce ads to ChatGPT, but in November, someone discovered code in a beta version of the ChatGPT app on Android that made several mentions of ads. Even in Turley9s post debunking the inclusion of live ads, the OpenAI exec added that "if we do pursue ads, we’ll take a thoughtful approach." Turley also posted that "people trust ChatGPT and anything we do will be designed to respect that."
  This article originally appeared on Engadget at https://www.engadget.com/ai/openais-head-of-chatgpt-says-posts-appearing-to-show-in-app-ads-are-not-real-or-not-ads-190454584.html?src=rss

• X shuts down the European Commission’s ad account the day after major fine
  Just a day after receiving a roughly $140 million fine, X has terminated the ad account of the European Commission. Nikita Bier, X9s head of product, accused the European Commission of using an exploit to artificially boost the reach of its post announcing the major fine.
  
  In the post, Bier said that the commission "logged into [their] dormant ad account to take advantage of an exploit in our Ad Composer" and posted "a link that deceives users into thinking it’s a video and to artificially increase its reach." Bier explained in a separate post that the exploit has "never been abused like this" and "is now patched." However, X still revoked the European Commission9s ability to buy and track ads on its platform.
  
  While X decided to remove the European Commission9s ad account, it still needs to submit specific measures and an action plan to address the concerns associated with the $140 million fine. The European Commission9s spokesperson for Tech Sovereignty, Defence, Space and Research, Thomas Regnier, said that this is the first-ever fine under the Digital Services Act. The European legislative body claimed that X has a deceptive system when it comes to verified accounts, lacks transparency with its advertising repository and doesn9t provide effective data for researchers. In response, X9s owner, Elon Musk, replied to the European Commission9s post, calling it "bullshit."
  This article originally appeared on Engadget at https://www.engadget.com/social-media/x-shuts-down-the-european-commissions-ad-account-the-day-after-major-fine-173553267.html?src=rss

• Missing NBC on Fubo? Here's how to watch Sunday Night Football this week and more
  If you9re a Fubo subscriber, you9ve certainly noticed that NBC and all NBCUniversal-owned channels have gone dark on the platform. For over a week, customers have gone without NBC programming like the Today Show and The Voice, and for the second week in a row, customers will have to find alternate methods of watching this week9s Sunday Night Football game, too. It9s all because Fubo and NBCUniversal are having a contract dispute, so channels like NBC, USA Network, Telemundo, and Bravo have been unavailable on Fubo since Nov. 21, and as of now, there9s no projected date for their return. 
  
  A message released by Fubo to their customers explains, "Fubo believes customers should have the option to choose among multiple distributors to access the content they love. Unfortunately, NBCU has offered terms regarding pricing and packaging that are egregiously above those offered to other distributors." A statement from an NBCU spokesperson adds, "Fubo has chosen to drop NBCUniversal programming despite being offered the same terms agreed to by hundreds of other distributors. Unfortunately, this is par for the course for Fubo — they’ve dropped numerous networks in recent years at the expense of their customers, who continue to lose content.” (Fubo, for instance, cut Warner-owned channels back in 2024.) You can read more about exactly why Fubo is countering NBC9s proposed deal here. 
  
  While the companies are continuing discussions to come to an agreement, there is still no resolution. Fubo has already begun issuing $15 credits to subscribers9 bills as a gesture of goodwill, but if you9re a Fubo customer and are wondering how to watch this week9s biggest games and shows, here9s everything you need to know about the Fubo-NBC blackout, which channels are missing and your options for where to watch them.
  How to watch Sunday Night Football without Fubo
  This week9s Sunday Night Football matchup between the Houston Texans and the Kansas City Chiefs airs at 8:20 p.m. ET on NBC, but you9ll also be able to stream it on Peacock, DirecTV, and Hulu + Live TV. 
  What else is on NBC this week?
  In addition to this week9s Sunday Night Football game, there are loads of sports on NBC, USA, Universo and more that you won9t want to miss, including extensive Premiere League coverage, NBA and NHL games, plus dozens of new show premieres this week like Stumble and The Voice. On Bravo, there are new episodes of The Real Housewives of Potomac and The Real Housewives of Salt Lake City, and The Real Housewives of Beverly Hills, too.
  Which channels are no longer available on Fubo?
  The following is a list of channels owned or operated by NBC that are not currently available on Fubo:
  Local Channels:
  NBC Local Affiliates
  
  Telemundo Local/National
  Regional Sports Channels:
  NBC Sports 4K
  
  NBC Sports Bay Area
  
  NBC Sports Bay Area Plus
  
  NBC Sports Boston
  
  NBC Sports California
  
  NBC Sports California Plus
  
  NBC Sports California Plus 3
  
  NBC Sports Philadelphia
  
  NBC Sports Philadelphia Plus
  National Channels:
  American Crimes
  
  Bravo
  
  Bravo Vault
  
  Caso Cerrado
  
  CNBC
  
  CNBC World
  
  Cozi
  
  Dateline 24/7
  
  E! Entertainment Television
  
  E! Keeping Up
  
  Golf Channel
  
  GolfPass
  
  LX Home
  
  Million Dollar Listing Vault
  
  MS NOW (formerly MSNBC)
  
  NBC NOW
  
  NBC Sports NOW
  
  NBC Universo
  
  True CRMZ
  
  New England Cable News
  
  Noticias Telemundo Ahora
  
  Oxygen True Crime
  
  Oxygen True Crime Archives
  
  Real Housewives Vault
  
  SNL Vault
  
  Syfy
  
  Telemundo Accion
  
  Telemundo al Dia
  
  The Golf Channel
  
  Today All Day
  
  Universal Movies
  
  USA Network
  Why are these NBC-owned channels currently unavailable?
  Per Fubo, NBC channels were pulled from the platform because of a disagreement over their long-standing content distribution agreement that has yet to be resolved.
  When will the missing channels return?
  There is no information available as to when NBC9s lineup of channels will return. Negotiations between the companies are ongoing.
  Is Fubo offering a rebate while these channels are missing?
  In a message to subscribers, Fubo stated, "If NBCU programming remains off of Fubo for an extended period, we will directly credit $15 to your Fubo account." At least one Fubo customer on our staff received an email confirming the credit would be automatically applied in the December billing cycle.
  What alternatives do viewers have in the meantime?
  Looking to switch from Fubo? You9ve got plenty of options, including Peacock, DirecTV, and Hulu + Live TV. Here are some of your choices:
  Watch NBC on Peacock
  
  Get a deal on Peacock with Walmart+
  
  Try DirecTV free for 5 days, and get $30 off your first month
  
  Try Hulu + Live TV for free
  
  
  Other services to watch NBC
  
  
  
  If I switch to a different service, can I cancel or pause Fubo in the meantime?
  Fubo does not allow customers to pause their subscriptions, so if you9re looking to make a change, you can cancel your plan outright. 
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/missing-nbc-on-fubo-heres-how-to-watch-sunday-night-football-this-week-and-more-014052821.html?src=rss

• Judge puts a one-year limit on Google's contracts for default search placement
  A federal judge has expanded on the remedies decided for the Department of Justice9s antitrust case against Google, ruling in favor of putting a one-year limit on the contracts that make Google9s search and AI services the default on devices, ruled in September that Google would not have to sell off Chrome, as the DOJ proposed at the end of 2024. 
  
  This all follows the ruling last fall that Google illegally maintained an internet search monopoly through actions including paying companies such as Apple to make its search engine the default on their devices and making exclusive deals around the distribution of services such as Search, Chrome and Gemini. Mehta9s September ruling put an end to these exclusive agreements and stipulates that Google will have to share some of its search data with rivals to "narrow the scale gap" its actions have created. 
  
  
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/judge-puts-a-one-year-limit-on-googles-contracts-for-default-search-placement-215549614.html?src=rss

• Apple's Johny Srouji could continue the company's executive exodus, according to report
  Apple9s Johny Srouji may be the latest company executive to seek greener pastures, according to a report from John Giannandrea, the company9s senior vice president for machine learning and AI strategy, would be retiring from his role in spring 2026. A couple of days later, revealed that Kate Adams, who has been Apple9s general counsel since 2017, and Lisa Jackson, vice president for Environment, Policy, and Social Initiatives, will both be leaving in early 2026.
  
  The shakeup at the executive level comes after Bloomberg9s Mark Gurman previously reported that Cook may not be preparing for his own departure as CEO next year. Gurman9s prediction counters a report from the Financial Times that claimed that Apple was accelerating succession plans for Cook with an expected stepping down sometime next year.
  This article originally appeared on Engadget at https://www.engadget.com/big-tech/apples-johny-srouji-could-continue-the-companys-executive-exodus-according-to-report-200750252.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice