All the News that Matters

• Mageia 9 rsync Critical Update for DoS Vulnerability CVE-2026-41035
  MGASA-2026-0101 - Updated rsync packages fix security vulnerability

• Fedora 42 mingw-LibRaw Critical Exec Issues CVE-2026-20884 2026-826db1b5c0
  Backport patch for CVE-2026-20884. Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 Update to libraw-0.21.5.

• Fedora 42 smb4k 4.0.6 Critical Local Root Exploit Vulnerabilities Revealed
  Update to version 4.0.6

• Fedora 42 stb Image Uninitialized Memory Access Fix 2026-651e3129a9
  Fix access/use of uninitialized memory in stb_image

• Fedora 42 Monkey's Audio Critical Update for Out-of-Bounds Read Issue
  Latest Monkey's Audio Codec release. Changes: https://monkeysaudio.com/versionhistory.html .

• Fedora 42 Aqualung FEDORA-2026-43278d411e Critical Out-of-Bounds Fix
  Latest Monkey's Audio Codec release. Changes: https://monkeysaudio.com/versionhistory.html .

• New/Overhauled NTFS Driver Merged For Linux 7.1
  As a very exciting follow-up to the recent article around the new NTFS driver being submitted for Linux 7.1 to address the shortcomings of the current Paragon NTFS3 driver and the prior read-only NTFS kernel driver, that work has been merged!..

• Shuttle XPC slim DB860 Leverages Core Ultra 200 in Compact 1.3L Barebone
  Shuttle has revealed the XPC slim DB860, a compact 1.35-liter barebone system built around Intel Core Ultra 200 series processors. The system provides desktop-class performance in a compact metal chassis and supports continuous operation. The platform supports Intel Core Ultra 200 processors (Arrow Lake-S) using the LGA1851 socket, with a maximum TDP of 65 W. […]

• Intel Xe2 Lunar Lake Linux Graphics Performance Up ~17% Over Past Year
  Given the Ubuntu 26.04 LTS release being imminent and also realizing it's been nearly one year to the day since reviewing the Lenovo ThinkPad X1 Carbon Gen 13 Aura Edition laptop under Linux, I ran some fresh benchmarks for seeing how the integrated Xe2 graphics have evolved on Linux over the past year.

• Archinstall 4.2 Shifts to Wayland-First Profiles, Leaving X.Org Behind
  The Arch Linux installer continues evolving alongside the broader Linux desktop ecosystem. With the release of Archinstall 4.2, a notable change has arrived: Wayland is now the default focus for graphical installation profiles, while traditional X.Org-based profiles have been removed or deprioritized.

• Free Software Foundation Says OnlyOffice Cannot Use AGPL to Restrict Forks
  The Free Software Foundation says OnlyOffice cannot use AGPLv3 to impose extra restrictions on forks, escalating the Euro-Office licensing dispute.

• Fedora 44 Will Not Be Released Next Week
  Fedora 44 final had been aiming for an early release target of 21 April, but due to outstanding blocker bugs, it's now revised to target a release on 28 April...

• Archinstall 4.2 Arch Linux Installer Brings Granular KDE Plasma Configuration
  Archinstall 4.2 text-based installer for Arch Linux is now available with granular KDE Plasma configuration, a new Pacman settings submenu with Color and Parallel Downloads, and other changes.

• GIMP 3.2.4 Fixes Layer Fills, Text Tool Bugs, and File Import Issues
  GIMP 3.2.4 image editor improves layer fills, text tool behavior, PDF export, and support for PSD, PNG, DDS, ORA, and other file formats.

• AI Pushes Cal.com to Shutter Open and Go Nonfree
  Cal.com blames AI-powered vulnerability hunting for its move from open source to locked-down code — and tosses a crippled ‘community’ edition to keep its cred.

• GNU Linux-Libre 7.0 Kernel Is Now Available for Software Freedom Lovers
  GNU Linux-libre 7.0 kernel is now available for download based on Linux kernel 7.0 and targeted at those seeking 100% freedom for their PCs.

• NASA Restarts Work To Support Europe's Uncrewed Trip To Mars After Years of Setbacks
  NASA has revived support for the European Space Agency's long-delayed Rosalind Franklin Mars rover mission. According to the space agency, the current plan is to launch via a SpaceX Falcon Heavy no earlier than 2028. Engadget reports: This is a partnership between NASA and the ESA, with the European agency providing the rover, the spacecraft and the lander. The US will provide braking engines for the lander, heater units for the rover's internal systems and, of course, assistance with the actual launch. The rover will be outfitted with scientific instruments to look for signs of ancient life on the red planet. These include a state-of-the-art mass spectrometer and an organic molecule analyzer, which will come in handy as the vehicle collects samples at the Oxia Planum landing site. The mission has been stuck in development limbo since 2001, with delays caused by budget problems, technical issues, shifting international partners, and geopolitical fallout. After NASA dropped out, Russia stepped in, then was cut loose after invading Ukraine, and now -- despite NASA rejoining in 2024 and fresh political budget threats -- the rover is tentatively back on track for a 2028 launch.
  
  
  Read more of this story at Slashdot.
  

• Critical Atlantic Current Significantly More Likely To Collapse Than Thought
  An anonymous reader quotes a report from the Guardian: The critical Atlantic current system appears significantly more likely to collapse than previously thought after new research found that climate models predicting the biggest slowdown are the most realistic. Scientists called the new finding "very concerning" as a collapse would have catastrophic consequences for Europe, Africa and the Americas. The Atlantic meridional overturning circulation (Amoc) is a major part of the global climate system and was already known to be at its weakest for 1,600 years as a result of the climate crisis. Scientists spotted warning signs of a tipping point in 2021 and know that the Amoc has collapsed in the Earth's past. Climate scientists use dozens of different computer models to assess the future climate. However, for the complex Amoc system, these produce widely varying results, ranging from some that indicate no further slowdown by 2100 to those suggesting a huge deceleration of about 65%, even when carbon emissions from fossil fuel burning are gradually cut to net zero. The research combined real-world ocean observations with the models to determine the most reliable, and this hugely reduced the spread of uncertainty. They found an estimated slowdown of 42% to 58% in 2100, a level almost certain to end in collapse. The Amoc is a major part of the global climate system and brings sun-warmed tropical water to Europe and the Arctic, where it cools and sinks to form a deep return current. A collapse would shift the tropical rainfall belt on which many millions of people rely to grow their food, plunge western Europe into extreme cold winters and summer droughts, and add 50-100cm to already rising sea levels around the Atlantic. The slowdown has to do with the Arctic's rapidly rising temperatures from global warming. "Warmer water is less dense and therefore sinks into the depths more slowly," explains the Guardian. "This slowing allows more rainfall to accumulate in the salty surface waters, also making it less dense, and further slowing the sinking and forming an Amoc feedback loop." The new research has been published in the journal Science Advances.
  
  
  Read more of this story at Slashdot.
  

• Online Personalities and Comedians Overtake TV and Newspapers as Primary News Sources
  A new Ipsos poll finds Americans are increasingly getting news from online personalities and comedians instead of traditional TV or newspapers. The survey says nearly 70% get news online in a given week, versus 55% from TV and 25% from newspapers, with figures like Joe Rogan, Greg Gutfeld, Sean Hannity, and late-night hosts ranking prominently depending on political leanings. From the Hollywood Reporter: The poll, which was conducted in March, actually found the conservative politicians and cabinet members, including President Trump, were the top news influencers. When politicos were excluded, Joe Rogan led the list, followed by Fox News personalities Greg Gutfeld and Sean Hannity, and then TuckerCarlson and Ben Shapiro. The only three influencers to crack 10 percent were Trump, Rogan, and JD Vance. Among people who voted for Kamala Harris, the top news personalities were late night hosts, led by ABC's Jimmy Kimmel, followed by CBS Late Show host Stephen Colbert, and Daily Show host Jon Stewart. Just under 70 percent of respondents said they get their news online in a given week, compared to 55 percent for TV, and 25 percent for newspapers. [...] Of traditional media outlets, TV dominated, with Fox News, the broadcast networks, and CNN topping the list of sources. Facebook, YouTube and Instagram were the most popular online news sources. "On these platforms opinionated personalities and comedians appear to drown out anyone who would fit in the traditional journalist category," said assistant professor of practice and Jordan Center Executive Director Steven L Herman. "Even in the late 19th century and early 20th centuries, sensationalist and polarizing voices in print and later on air were among the most influential in the political landscape -- such as political satirist Mark Twain and populist Father Charles Coughlin."
  
  
  Read more of this story at Slashdot.
  

• NIST Limits CVE Enrichment After 263% Surge In Vulnerability Submissions
  NIST is narrowing how it handles CVEs in the National Vulnerability Database (NVD), saying it will only automatically enrich higher-priority vulnerabilities. "CVEs that do not meet those criteria will still be listed in the NVD but will not automatically be enriched by NIST," it said. "This change is driven by a surge in CVE submissions, which increased 263% between 2020 and 2025. We don't expect this trend to let up anytime soon." The Hacker News reports: The prioritization criteria outlined by NIST, which went into effect on April 15, 2026, are as follows:- CVEs appearing in the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog.- CVEs for software used within the federal government.- CVEs for critical software as defined by Executive Order 14028: this includes software that's designed to run with elevated privilege or managed privileges, has privileged access to networking or computing resources, controls access to data or operational technology, and operates outside of normal trust boundaries with elevated access. Any CVE submission that doesn't meet these thresholds will be marked as "Not Scheduled." The idea, NIST said, is to focus on CVEs that have the maximum potential for widespread impact. "While CVEs that do not meet these criteria may have a significant impact on affected systems, they generally do not present the same level of systemic risk as those in the prioritized categories," it added. [...] Changes have also been instituted for various other aspects of the NVD operations. These include: - NIST will no longer routinely provide a separate severity score for a CVE where the CVE Numbering Authority has already provided a severity score.- A modified CVE will be reanalyzed only if it "materially impacts" the enrichment data. Users can request specific CVEs to be reanalyzed by sending an email to the same address listed above.- All unenriched CVEs currently in backlog with an NVD publish date earlier than March 1, 2026, will be moved into the "Not Scheduled" category. This does not apply to CVEs that are already in the KEV catalog.- NIST has updated the CVE status labels and descriptions, as well as the NVD Dashboard, to accurately reflect the status of all CVEs and other statistics in real time.
  
  
  Read more of this story at Slashdot.
  

• Gazing Into Sam Altman's Orb Could Solve Ticket Scalping
  An anonymous reader quotes a report from Wired: Sam Altman's iris-scanning, humanity-verifying World project announced at an event in San Francisco on Friday that Tinder users around the globe can now put a digital badge on their profiles signaling to potential suitors that they're a real human, provided they've already stared into one of World's glossy white Orbs and allowed their eyes to be scanned. The announcement follows a pilot project for Tinder verification that World previously conducted in Japan. [...] In addition to the Tinder global expansion, Tools for Humanity, the company behind World, announced a number of other consumer and enterprise partnerships on Friday at its Lift Off event in San Francisco. The startup says Tinder users who verify with their World ID will receive five free "boosts," typically a paid feature that increases the number of users who see a profile by up to 10 times for 30 minutes. The videoconferencing platform Zoom also says that users can now require other participants to verify their identity with World before joining a call. Docusign, the contract signing software, will allow users to require World's identity verification technology. Tiago Sada, Tools for Humanity's chief product officer, tells WIRED the company sees major platform partnerships as key to helping World become a mainstream identity-verification technology. Sada said he's especially interested in working with social media companies in the future, and was encouraged to see that Reddit has started testing World as a solution to help users distinguish bots from real people. [...] World is also launching a tool called Concert Kit, which lets artists reserve concert tickets for verified humans, a pitch aimed squarely at the bot-driven scalping problem that critics say has plagued sites like TicketMaster. World will test the feature on the upcoming Bruno Mars World Tour featuring Anderson .Paak, who is scheduled to play a verified-humans-only show under his alias DJ Pee .Wee in San Francisco on Friday night. "The idea that World ID is not just private, but it's one of the most private things you've ever used, that's not obvious," says Sada. "We're just not used to this kind of technology. Many people used to tape their [iPhone's sensor used to enable] Face ID when it came out, then we got used to it."
  
  
  Read more of this story at Slashdot.
  

• Mozilla 'Thunderbolt' Is an Open-Source AI Client Focused On Control and Self-Hosting
  BrianFagioli writes: Mozilla's email subsidiary MZLA Technologies just introduced Thunderbolt, an open-source AI client aimed at organizations that want to run AI on their own infrastructure instead of relying entirely on cloud services. The idea is to give companies full control over their data, models, and workflows while still offering things like chat, research tools, automation, and integration with enterprise systems through the Haystack AI framework. Native apps are planned for Windows, macOS, Linux, iOS, and Android. Thunderbolt allows organizations to do the following: - Run AI with their choice of models, from leading commercial providers to open-source and local models- Connect to systems and data: Integrate with pipelines and open protocols, including: deepset's Haystack platform, Model Context Protocol (MCP) servers, and agents with the Agent Client Protocol (ACP)- Automate workflows and recurring tasks: Generate daily briefings, monitor topics, compile reports, or trigger actions based on events and schedules- Work seamlessly across devices with native applications for Windows, macOS, Linux, iOS, and Android- Maintain security with self-hosted deployment, optional end-to-end encryption, and device-level access controls
  
  
  Read more of this story at Slashdot.
  

• Amazon's New Fire TV Sticks No Longer Support Sideloading
  Amazon's newest Fire TV Sticks are dropping support for normal sideloading, blocking apps from outside the Amazon Appstore unless the device is registered with developers. Cord Cutters News reports: This week, Amazon announced the upcoming launch of a new Fire TV Stick HD. The new model will run on Amazon's Vega OS, rather than Android, so most streaming apps will be supported, but users won't be add third party apps. Now, on the product page to preorder the new Fire Stick, some Amazon customers are getting a message warning them that the new model won't allow sideloading. Interestingly, not all customers are getting the message, whether signed in to an Amazon account or not. The message, shown in a screenshot below, says: "For enhanced security, this device prevents sideloading or installing apps from unknown sources. Only apps from the Amazon Appstore are available for download." [...] The Fire TV Stick Select, announced in September 2025, also runs on Vega and some customers will see the same message about sideloading on that product page. [...] While Amazon continues to be a "multi-OS company," we should expect that future Fire TV models will also be built with Vega OS, limiting the apps users can access with their streaming devices to those from the Amazon Appstore.
  
  
  Read more of this story at Slashdot.
  

• OpenAI Starts Offering a Biology-Tuned LLM
  An anonymous reader quotes a report from Ars Technica: On Thursday, OpenAI announced it had developed a large language model specifically trained on common biology workflows. Called GPT-Rosalind after Rosalind Franklin, the model appears to differ from most science-focused models from major tech companies, which have generally taken a more generic approach that works for various fields. In a press briefing, Yunyun Wang, OpenAI's Life Sciences Product Lead, said the system was designed to tackle two major roadblocks faced by current biology researchers. One is the massive datasets created by decades of genome sequencing and protein biochemistry, which can be too much for any one researcher to take in. The second is that biology has many highly specialized subfields, each with its own techniques and jargon. So, for example, a geneticist who finds themselves working on a gene that's active in brain cells might struggle to understand the immense neurobiological literature. Wang said the company had taken an LLM and trained it on 50 of the most common biological workflows, as well as on how to access the major public databases of biological information. Further training has resulted in a system that can suggest likely biological pathways and prioritize potential drug targets. "We're connecting genotype to phenotype through known pathways and regulatory mechanisms, infer likely structural or functional properties of proteins, and really leveraging this mechanistic understanding," Wang said. To address LLMs' tendencies toward sycophancy and overenthusiasm, OpenAI says it has tuned the model to be more skeptical, so it's more likely to tell you when something is a bad drug target. There was a lot of talk about GPT-Rosalind's "reasoning" and "expert-level" abilities. We were told that the former was defined as being able to work through complex, multi-step processes, while the latter was derived from the model's performance on a handful of benchmarks. Access to GPT-Rosalind is currently limited "due to concerns about the model's potential for harmful outputs if asked to do something like optimize a virus's infectivity," notes Ars. Only U.S.-based organizations can request access at the moment.
  
  
  Read more of this story at Slashdot.
  

• Microsoft Increases the FAT32 Limit From 32GB To 2TB
  Longtime Slashdot reader AmiMoJo writes: Windows has limited FAT32 partitions to a maximum of 32GB for decades now. When memory cards and USB drives exceeded 32GB in size, the only options were exFAT or NTFS. Neither option was well supported on other platforms at first, although exFAT support is fairly widespread now. In their latest blog post, Microsoft announced that the limit for FAT32 partitions is being increased to 2TB. Of course, that doesn't mean that every device that supports FAT32 will work flawlessly with a 2TB partition size, but at least there is a decent chance that older devices with don't support exFAT will now be usable with memory cards over 32GB.
  
  
  Read more of this story at Slashdot.
  

• Newly Unsealed Records Reveal Amazon's Price-Fixing Tactics
  Newly unsealed records in California's antitrust case against Amazon allegedly show the company pressured third-party sellers to raise prices on rival sites like Walmart, Target, and Wayfair so Amazon could maintain the appearance of offering the lowest price. California says Amazon used tools like Buy Box suppression to punish cheaper listings elsewhere. The Guardian reports: [...] In one previously redacted deposition, marked "highly confidential," Mayer Handler, owner of a clothing company called Leveret, testified that he received an email in October 2022 from Amazon notifying him that one of his products was "no longer eligible to be a featured offer" through Amazon's Buy Box. The tech giant, he testified, had suppressed the item, a tiger-themed, toddler's pajama set, because his company was selling it for $19.99 on Amazon, a single cent higher than what his company was offering it for on Walmart. Afterwards, Handler testified, his company "changed pricing on Walmart to match or exceed Amazon's price" or changed the item's product code to try to throw off Amazon's price tracking system. In response to a question from the Guardian, Handler criticized Amazon for tracking prices across the internet and "shadow" blocking his company's products -- tactics which he said were depriving consumers of "lower prices." "Maybe that's capitalism," he wrote. "Or that's a monopoly causing price hikes on the consumer." In another unsealed deposition, Terry Esbenshade, a Pennsylvania garden store supplier, testified in October 2024 that whenever his products lost Amazon's Buy Box because of lower prices elsewhere on the internet, his sales on Amazon would plummet by about 80%. This financial reality forced him to try to raise his products' prices with other retailers elsewhere, he said. In one instance, Esbenshade testified, he discovered that one of his company's better-selling patio tables had "become suppressed" on Amazon. Esbenshade wasn't sure why, he recalled, until someone at Amazon suggested he look at Wayfair, another online retailer that happened to be selling his patio table below Amazon's price. The businessman went online and set up a new minimum advertised price for the table on Wayfair to ensure it was higher than Amazon's. "So that raised the price up, and, voila, my product came back" on Amazon, he said, thanks to the reinstatement of the Buy Box.
  
  
  Read more of this story at Slashdot.
  

• Open Source Powers the Planet — Get 35% Off Sitewide
  For a limited time, get 35% off sitewide with code EARTH26. Build in-demand skills, earn certifications, and grow your impact with training designed for real-world success. SAVE NOW
  
  The post Open Source Powers the Planet — Get 35% Off Sitewide appeared first on Linux.com.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• 15 years after 'Video Games,' Lana Del Rey has an actual video game song
  
  The James Bond franchise has a long history of getting pop stars to record its theme songs (perhaps most memorably with IO Interactive has announced that Lana Del Rey co-wrote and performed the theme for the moody and abstract opening credits released alongside the song, could vaguely gesture at the themes of the game. IO Interactive has previously said that its game focuses on a young, inexperienced and more reckless Bond, before he developed his trademark cool. The developer is also integrating the stealth mechanics it perfected in Hitman into the upcoming game.
  
  Del Rey9s personal gaming experience may begin and end with her hit "Video Games," which was apparently written about a former boyfriend9s love of World of Warcraft, but the artist does know how to write a song with Bond in mind. Lana Del Rey shared in 2024 that her song "24" from the album Honeymoon was originally written for 20179s Spectre, one of several songs that were cast aside in favor of Sam Smith9s "Writing9s on the Wall."
  
  007 First Light is coming to Xbox Series X/S, PlayStation 5 and PC on May 27, 2026. A Nintendo Switch 2 version of the game is now coming out this summer.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/15-years-after-video-games-lana-del-rey-has-an-actual-video-game-song-221925735.html?src=rss

• The PBS Artemis II documentary is streaming on YouTube
  
  The crew of NASA9s Artemis II mission have safely returned to Earth, but if your Moon fever has yet to break, or you9re curious to get a big picture view of how the second of a planned five Moon missions was pulled off, PBS has a new documentary you9ll want to watch. The hour-long on YouTube right now.
  
  Return to the Moon covers the history of NASA9s Artemis program, and specifically the planning and preparation that went into Artemis II. Per the documentary9s official description:
  
  Follow the four members of the Artemis II crew as they embark on a perilous 10-day journey to orbit the Moon, venturing beyond Earth orbit for the first time since Apollo and farther into the Solar System than any humans have gone before. And get an inside look at the preparations needed to overcome the extreme engineering challenges of human-crewed spaceflight, all the way from launch to splashdown.
  
  The last Apollo mission was in 1972, so Artemis II getting a group of four astronauts anywhere near the Moon has naturally generated a lot of excitement. The crew flew further away from Earth than anyone has gone so far, captured some stunning photos of both the Moon and our home planet and managed to make everyone feel better about their dislike of Microsoft Outlook. Few Moon missions have been as well-documented or relatable.
  This article originally appeared on Engadget at https://www.engadget.com/science/the-pbs-artemis-ii-documentary-is-streaming-on-youtube-210347406.html?src=rss

• A lot of you panic-bought PCs to avoid RAMaggedon 2026
  The specter of price hikes caused by the current AI-driven demand for memory and storage appears to have convinced a fair share of people to buy a new computer. According to data analyzed by Counterpoint Research, global PC shipments grew around 3.2 percent year-over-year in Q1 2026, "driven by pre-emptive buying before memory-led price increases hit the retail level" and Microsoft forcing some customers to upgrade by ending support for Windows 10 last year.
  
  Sales hit 63.3 million units during the first quarter, Counterpoint says, and were particularly concentrated in five high-end PC makers: Lenovo, ASUS, Apple, HP and Dell. Of the five, Lenovo commands the most PC market share at 26 percent, but sales increased for almost all of the companies, save for HP, whose year-over-year sales technically declined by 5 percent. Of particular note, Apple9s PC sales grew by 11 percent, likely on the strength of the M5 updates it made to the MacBook Pro and MacBook Air, and the introduction of the affordable $600 MacBook Neo. Counterpoint suggests the updates could drive even further sales growth next quarter. 
  
  Even with positive sales, the PC industry as a whole is by no means out of the woods. "The aggressive expansion in AI infrastructure investment is driving up overall component costs, which will likely impact the pricing of CPUs and other key components in [PCs]," Counterpoint Senior Analyst Minsoo Kang says. "Ultimately, the sustained upward pressure on costs and the resulting hike in retail prices are expected to have a significant negative impact on the PC market’s growth in 2026."
  
  A general sense that the worst is yet to come is consistent with what other analysts have warned about the current shortages of RAM and storage. In December 2025, IDC predicted that PC shipments could drop as much as 8.9 percent in 2026 in response to the price of RAM, and later revised its prediction to 11.6 percent this past March. Even if consumers aren9t feeling the worst of these price hikes just yet, new announcements of price increases seem to arrive like clockwork every few weeks — for example, this week, Meta raised the price of its Quest headsets — which means if they aren9t feeling them now, they will soon.
  This article originally appeared on Engadget at https://www.engadget.com/computing/a-lot-of-you-panic-bought-pcs-to-avoid-ramaggedon-2026-200237204.html?src=rss

• Sam Altman's 'human verification' company thinks its eye-scanning orbs could solve ticket scalping
  Sam Altman9s cryptocurrency turned identity verification startup Tools for Humanity is offering a new set of perks to people who scan their eyes at one of the company9s orbs. Among them, is a new tool called Concert Kit that could help bands and artists fight back against ticket scalping bots. 
  
  The new feature relies on the revamped World ID, the orb-based verification system that scans users eyeballs and faces to create a "proof of human" signature that lives on users9 mobile devices. "It9s basically like a little human passport for the internet that lets you prove on apps and websites that you are a real and unique human without revealing anything about yourself," Tools for Humanity Chief Product Officer Tiago Sada tells Engadget. 
  
  Now, as more apps and services are starting to support World ID, that "human passport" can unlock some new abilities. Coupled with Concert Kit, it allows artists to designate a specific pool of tickets for "verified" humans only. The concept is a bit like how pre-sales currently work, with artists (or their teams) setting aside a specific number of tickets for people who have set up a World ID. Those folks can then use their World ID to get ticket codes for Ticketmaster, Eventbrite, AXS or other major ticketing platforms. 
  
  Because World ID is limited to actual, "verified," humans the system won9t be susceptible to the same tactics that have enabled bots to ruin the ticket-buying process for so many, Tools for Humanity says. Artists are also in control of what level of verification they want to require from their fans. (The new World ID app will also allow people to set up an account with a selfie check if they don9t have ready access to an orb.) 
  
  Just how much of a dent Concert Kit will be able to make in the massive scalping bot problem that plagues the concert industry is less clear. So far, Bruno Mars is slated to use the solution on his upcoming world tour — no word on just how many of his tickets will be reserved for World ID-verified humans, though — and Concert Kit is available to other artists starting today.
  
  Concert Kit is one of several new integrations and updates to World ID that Tools for Humanity announced at an event in San Francisco Friday. Tinder, which earlier this year started testing World ID as an age verification solution in Japan, will be rolling out support worldwide. In the US, Tinder9s integration won9t be for age verification, though. Instead, it will indicate whether there is an actual "verified" human behind a given profile.
  Tinder profiles that verify with World ID will get a badge as an extra signal of authenticity.Tools for Humanity
  On the enterprise side, Zoom and DocuSign are also adding support for World ID to help businesses verify that there is an actual person (and not a deepfake or bot) joining their video calls or signing important documents. Tools for Humanity is also introducing a standalone app for World ID that separates its identity verification tools from its existing crypto wallet app.
  
  The updates are Tools for Humanity9s latest attempt to make their orb-based verification system, which has been widely mocked, more mainstream and perhaps a little less dystopian. (Elsewhere, orbs have begun appearing in some new places like a San Francisco Gap.) 
  
  On their part, Tools for Humanity seems aware that a lot of people aren9t ready to scan their faces at a bunch of orbs controlled by Altman just to "prove" they are humans. I asked Sada, Tools for Humanity9s Chief Product Officer, what he would say to people who think that the company is solving for the wrong problem: that really it should be up to ticketing platforms and dating apps and other services to strengthen their security and bot-fighting tools, rather than rely on their users to "prove" their humanness. 
  
  He said it was a "completely understandable question" and compared it to some people9s initial discomfort with things like Apple9s TouchID or FaceID. "Not everyone has to do it upfront, and that9s important," he said. "It9s optional. If you want to have a World ID, you get access to that enhanced experience."
  This article originally appeared on Engadget at https://www.engadget.com/ai/sam-altmans-human-verification-company-thinks-its-eye-scanning-orbs-could-solve-ticket-scalping-171500555.html?src=rss

• Bluesky blames DDoS attack for server outages
  Bluesky is once again having a wobble. The platform said some of its systems are down and that it’s “investigating an incident with service in one of our reginos” (that’s Bluesky’s typo, not mine). The issue appears to have started at 1:42AM ET and was still persisting as of 11AM when this story was originally published. Since then, the site has been experiencing intermitent interuptions, including at times to its status page where users should be able to monitor outages.
  
  At 7:47PM ET, the platform explained that it’s been attempting to mitigate “a sophisticated Distributed Denial-of-Service (DDoS) attack, which intensified throughout the day.” It said the attack had caused interruptions to users’ feeds, notifications, threads and search, all of which the Engadget team experienced first-hand at various points through the day. While DDoS attacks are frequently used as virtual smokescreens for hacks, Bluesky says it has “not seen any evidence of unauthorized access to private user data.” The social media service had another brief outage earlier this month.
  
  In a later update on April 17, Bluesky noted that the DDoS attacks are “ongoing” but that the service has been stable since about 9PM PT last night. The company also reaffirmed that it hasn’t seen any evidence of access to user data. The next update is set to arrive by end of day Friday.
  
  Update, April 17, 12:47PM ET: This story was updated with Bluesky’s latest outage update.
  
  Update, April 16, 8PM ET: This story was updated after publish with an of the outage from Bluesky.
  
  
  This article originally appeared on Engadget at https://www.engadget.com/social-media/bluesky-blames-ddos-attack-for-server-outages-150515882.html?src=rss

• NASA restarts work to support Europe's uncrewed trip to Mars after years of setbacks
  NASA pic.twitter.com/zW3i3iFaEQ
  — Senator Mark Kelly (@SenMarkKelly) April 10, 2026
  However, the setbacks didn9t even end there. The Trump administration has repeatedly tried to end NASA9s involvement with the project, and many others, via stark budget cuts. The current proposal was made while the Artemis II crew was on their mission around the Moon, according to a report by The Register. Here9s hoping the launch actually happens in 2028.
  This article originally appeared on Engadget at https://www.engadget.com/science/space/nasa-restarts-work-to-support-europes-uncrewed-trip-to-mars-after-years-of-setbacks-161524488.html?src=rss

• Panic says the Playdate Catalog won't accept games made with generative AI
  Panic, the company behind the tiny and excellent Playdate console, is taking a stand on generative AI. The company has published an AI disclosure that says as of this month, the Playdate Catalog “will no longer accept titles that use ‘Generative AI’ for art, audio, music, text, or dialog.” Panic does allow for developers to use AI assistance for coding, but also says that “we will flag any title as such and specify the extent that it was used (for example, “Lua debugging”) so the customer can decide whether to support it or not.”
  
  This comes a day after Panic announced that Playdate season three was happening and would arrive later this year. For those who don’t recall, the Playdate includes a “season” worth of games when you buy it, 24 titles in total with two revealed every week. Season two came out last year with 12 games — but, as Game Developer notes, one of those games used generative AI for writing and coding. On Bluesky, someone asked Panic if it would disclose what games in season three used AI, and the company confirmed that it was a requirement for season three that developers not use AI for art, music, writing or coding.
  
  Specifically, Panic says you can’t use large language models like ChatGPT or Google Gemini, AI image generators like Stable Diffusion or audio generators like MuseNet and Suno. Previously-approved games with generative AI will be allowed to stay on the catalog with a disclosure that indicates what exactly AI was used for. The company says these guidelines are “under constant discussion and is subject to change at any time.”
  
  I recall seeing AI disclosures on games in the Playdate Catalog in the past, but it makes sense to be up-front and clear on exactly what Panic allows and what it will reject. That said, it’s fairly easy to sideload games onto a Playdate, so anyone who wants to use generative AI to make a game isn’t entirely out of luck — though distribution and discovery for Playdate owners will obviously be harder.
  
  
  
  
  
  
  This article originally appeared on Engadget at https://www.engadget.com/gaming/panic-says-the-playdate-catalog-wont-accept-games-made-with-generative-ai-160615022.html?src=rss

• Exit 8 is cinema for the livestreaming era
  The rules of Exit 8, both the cult indie game and the recent film adaptation, are simple: You9re stuck in a subway station that loops around endlessly. If you notice any anomalies on your current loop, you turn around. If everything is the same, you keep going forward. Each successful guess takes you to a new entrance where the loop recurs, until you reach the end of the labyrinth, Exit 8 itself. 
  
  It9s a setup that perfectly suits a first-person video game, where you can fully control where your character looks and moves. And it9s also something director Genki Kawamura deftly replicates in the film through long tracking shots and sweeping camera movements. Even without a controller, or a keyboard and mouse, the viewer remains immersed, looking and listening for any minor changes. Within just a few minutes, the film makes it clear it9s not just another thoughtless video game adaptation like The Mario Galaxy Movie — it9s an attempt to translate the experience of the game to an entirely new medium.
  
  That9s a daunting challenge for most artists, but Kawamura is no stranger to jumping between formats. He9s known for producing popular anime films from the likes of Makoto Shinkai and Mamoru Hosoda, including Your Name and Belle. He9s also made a name for himself as a best-selling author, with books including the novelization of Exit 8.
  
  Kawamura9s perspective for the film came from a conversation with Nintendo9s legendary game designer Shigeru Miyamoto, who had mentioned that the greatest games are both fun for the players and people watching them. "So what I tried to do in the film is to really place the audience in the shoes of the player in certain shots... almost like they were watching a live stream of a video game in other scenes," he said in an interview with Engadget (via a translator). "That9s kind of structurally the through-line of the film."
  
  The Exit 8 adaptation balances that sense of immersion with a more traditional narrative structure, something the game lacked entirely. As the film begins, we9re introduced to a young man standing in a crowded train. A drunken businessman shouts at a mother to quiet crying baby down. Instead of telling the belligerent salaryman to fuck off, the young man plugs in his earbuds and tries to ignore the situation, just like everyone else. He eventually steps off, while the tearful mother suffers through the verbal assault.
  
  It9s a scene that anyone who9s lived in a crowded city can relate to — the moments where you know you should try to help a stranger, but fear, cowardice or embarrassment hold you back. 
  Exit 8NEON
  Shortly after receiving a call from his ex-girlfriend, who reveals that she9s pregnant, the young man stumbles into the Exit 8 loop. At first, it9s just a normal subway station, with large poster ads, a photo booth and random maintenance doors. But he quickly notices that the room repeats itself. Thanks to a helpful set of instructions on the wall, he learns that his only way out is to start tracking anomalies, like slight changes in text, or the way a robotic businessman walks past him. And yes, things get freaky quickly. 
  
  Kawamura points to his experience working in animation as a major influence for Exit 8. In particular, the works of Satoshi Kon and Katsuhiro Otomo influenced how he externalized what characters were thinking and feeling, as well as how he depicted the interaction of dream and real worlds. 
  
  " When we were filming, I told my DP [director of photography] that the main character of this film is the corridor," he said. "And all of our human characters, they have no names, so therefore they9re NPCs in this corridor, which is the main character. So I wanted the corridor to almost evoke this feeling in the audience that it has a will of its own. And this yellow Exit 8 sign is almost like this divine God-like being."
  
  Kawamura says he personally views it as the corridor challenging humans who have a guilty conscience, but you can easily read in other meanings. More importantly, Exit 8 isn9t merely a faithful recreation of the source material — it adds enough to make a case for existing a separate medium, a challenge many video game adaptations fumble.
  This article originally appeared on Engadget at https://www.engadget.com/entertainment/tv-movies/exit-8-is-cinema-for-the-livestreaming-era-151112907.html?src=rss

• Anthropic now has a design assistant too
  In hindsight, I suppose it was only a matter of time after Anthropic made Claude capable of generating charts and diagrams that the company would then begin offering a more robust image editor. Now, a little more than a month after that release, Anthropic has announced Claude Design, a new research preview that allows subscribers to use Claude to generate designs, prototypes, slides and more.  
  
  "Claude Design gives designers room to explore widely and everyone else a way to produce visual work," Anthropic says of its newest product. As with its previous forays into image generation, the company isn9t calling this, well, an image generator. Instead, Anthropic describes Opus 4.7, the system powering the app, as its most capable vision model to date. In other words, you won9t be using Claude Design to whip up a picture of a cat in space eating a lasagna.  
  
  As you might expect, every project in Claude Design starts with a prompt. From there, Anthropic notes users can refine Claude9s outputs through conversation, inline comments and direct edits. Like Adobe9s recently announced AI assistant, Claude will also generate custom sliders that correspond to specific elements in a design, which the user can push and pull to modify those elements. For instance, in the screenshot below, you can see how Claude has tweaked the interface to allow the user to adjust the glow and density of arcs it used to illustrate a connected network.
  Claude Design will generate custom sliders you can use to adjust specific visual elements. Anthropic
  Anthropic has also built an onboarding process that allows Claude to build an internal visual language after reading your organization9s codebase and existing design documents. "Every project after that uses your colors, typography, and comments automatically," according to the company. Outside of text prompts, there9s also support for image and document uploads, and Anthropic has even included a web capture tool so enterprise customers can snapshot elements from their company9s website. There9s also built-in sharing, and you can export a design directly to Claude Code. In the coming weeks, Anthropic has promised to make it easier to build integrations with its new app. 
  
  Claude Design arrives in the same week that both Adobe and Canva released their own visual AI assistants. If Anthropic is preparing to eat Canva’s lunch, it9s doing so in a strange way given that you can export your Claude Design projects to Canva. If you want to try the new app for yourself, it9s available as part of Anthropic9s Pro, Max, Team and Enterprise subscriptions, with usage running up against your usage limits.
  This article originally appeared on Engadget at https://www.engadget.com/ai/anthropic-now-has-a-design-assistant-too-150000903.html?src=rss

• Roblox agrees to a $12 million settlement with Nevada
  Amidst ongoing legal trouble with several states and more than 100 pending lawsuits, this week Roblox announced a $12 million settlement with Nevada, allowing the company to avoid going to trial in this case.
  
  Following the agreement, Nevada Attorney General Aaron Ford said "this settlement will create a safer environment for our children online, and I hope that it will serve as a bellwether for how online interactive platforms allow our state9s youth to use their products." As part of the deal, Roblox has agreed to give $10 million over three years to local children9s support programs like the Boys and Girls Club and other nondigital groups while spending another $2.5 million to fund a law enforcement liaison position and awareness campaigns regarding online safety.
  
  Additionally, Roblox will also implement more rigorous safety protocols including an age verification system that combines a facial age estimation system with government-issued IDs that will only allow children to talk with other players of a similar age. Furthermore, users under 16 will not be allowed to message adults unless they have been designated as a "trusted friend," which can be assigned via QR code. This is intended to ensure that any adults who talk to minors on the platform have an existing relationship with the child.
  
  Parental controls will be available for accounts of users up to 16 years old (previously the limit was 13). The company says it will also create children9s accounts for anyone under 16 that will restrict access to adult content and provide a list of games that have been vetted to be appropriate for younger players. These changes come after a recent update that established new guidelines for Roblox Kids accounts (for children between five and eight years old) and Roblox Select accounts (for children between nine and 15), which come with varying content and chat restrictions. 
  
  However, while Roblox has settled with Nevada, the company is still facing a number of lawsuits from other parties and states including Kentucky, Iowa, Louisiana, Texas and more, regarding claims that the platform has knowingly facilitated child sexual exploitation.
  
  
  This article originally appeared on Engadget at https://www.engadget.com/gaming/roblox-agrees-to-a-12-million-settlement-with-nevada-142842421.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice