All the News that Matters

• Fedora 42 curl Critical Authentication Fixes 2026-907bbf2a13
  fix bad reuse of HTTP Negotiate connection (CVE-2026-1965) fix token leak with redirect and netrc (CVE-2026-3783) fix wrong proxy connection reuse with credentials (CVE-2026-3784) fix use after free in SMB connection reuse (CVE-2026-3805)

• Fedora 43 python3.12 Critical Security Fixes CVE-2026-1502 2026-f684007460
  Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-6100, CVE-2026-2297, CVE-2026-3644, CVE-2026-4224

• Rocky Linux: RLSA-2026:8459 thunderbird security update Security Advisories Updates
  Important: thunderbird security update

• Rocky Linux: RLSA-2026:8471 .NET 10.0 security update Security Advisories Updates
  Important: .NET 10.0 security update

• Rocky Linux: RLSA-2026:8469 .NET 8.0 security update Security Advisories Updates
  Important: .NET 8.0 security update

• Rocky Linux: RLSA-2026:8510 libarchive security update Security Advisories Updates
  Important: libarchive security update

• GNOME's Maps, Graphs, RustConn & Other App Improvements
  For pairing nicely with the GNOME 50 desktop release last month, a number of GNOME-associated apps have been seeing new features and refinements...

• KDE Plasma 6.7 Will Add Per-Screen Virtual Desktops and Wayland Session Restore
  KDE Plasma 6.7 will enhance multi-monitor workflows by allowing each screen to switch between virtual desktops independently.

• WireGuard For Windows Reaches v1.0
  For those making use of the WireGuard open-source, secure VPN tunnel software, WireGuard For Windows 1.0 is finally available...

• KDE Gear 26.04 Software Suite Is Out with Many Improvements for KDE Apps
  KDE Gear 26.04 open-source software suite is now available with improvements for many of your favorite KDE applications. Here’s what’s new!

• Linux 7.1 Lands High Resolution Timer "HRTIMER" Overhaul
  Merged this week for Linux 7.1 was a rework of the high resolution timer "HRTIMER" subsystem for reducing the overhead of frequently-armed timers, such as the HRTICK scheduler timer. The HRTICK scheduler timer is useful for enhancing system responsiveness and fairness...

• openSUSE Tumbleweed Lands GNOME 50, systemd-boot on New UEFI Installs
  openSUSE Tumbleweed get the GNOME 50 desktop environment, systemd-boot as the default bootloader for new UEFI installs, and better Full Disk Encryption.

• Linux 7.1 Adds New AMD SMCA Bank Types, Presumably For Upcoming EPYC Venice
  The AMD Machine Check Exception "mce_amd" driver as part of the Error Detection And Correction (EDAC) subsystem is introducing support for new SMCA bank types on AMD platforms. Given the timing these new bank types are presumably for AMD's upcoming Zen 6 / EPYC Venice hardware...

• Fedora 44 Faces Second Release Delay, New Target Set for April 28
  Fedora 44 missed its second release target after April 21 was declared a no-go, and the distro is now officially aiming for April 28.

• Solus 4.9 “Serenity” Released with Linux 6.18 LTS, KDE Plasma 6.6, and More
  Today, the Solus team released Solus 4.9 (codename Serenity) as the latest stable snapshot of this independent Linux distro featuring Budgie, GNOME, KDE Plasma, and Xfce flavors.

• Glibc Lands A Big Optimization For LoongArch CPUs
  Loongson's LoongArch processors are running decent in our recent Loongson 3B6000 benchmarks but even better performance is on the way with the next GNU C Library "glibc" release...

• Remembering Zip Drives - the Trendy Storage Technology of the 1990s
  Back in the 1990s, floppy disks "had a mere capacity of 1.44MB," remembers XDA Developers, "which would soon become absolutely tiny for the increasingly large pieces of software that would come about."Floppy disks also felt quite fragile, and while we got "superfloppy" formats that were physically larger and had more capacity, those were pretty unwieldy as portable storage. Enter 1994, when a company called Iomega introduced its variant of a "superfloppy", the Zip drive... [T]he initial capacity introduced in 1994 reached a whopping 100MB, which was huge number when put up against the traditional floppy disk. Zip drives also had major performance benefits, with read speeds that could average 1.4MB/s, as opposed to the comparatively sluggish 16kB/s speeds of a traditional floppy disk, as well as a seek time of around 28ms seconds, whereas a floppy disk averaged 200ms. Zip drives weren't quite as fast as desktop HDDs, but for portable storage, this was a huge step forward... [I]n 1998, Iomega introduced the Zip 250 disks, which increased the capacity to 250MB, and, already in the new millennium, we got the Zip 750, which took that further to 750MB... It was an appealing enough proposition that big computer manufacturers like Dell started including a Zip drive in some of their PCs. Even Apple included Zip drives in some of its Power Macintosh models from the mid-to-late 90s. However, things started to shift towards the end of the decade as other portable formats rose to prominence, most notably CDs and USB flash drives. Despite their initial success, it didn't take long for users to start noticing a major drawback of Zip drives: many times, they would just fail. It wasn't necessarily related to age or any particular misuse of the disks, it just happened. It was a big enough phenomenon that it became known as the "click of death", and once it happened, your drive was gone. The problem was estimated by Iomega to affect around 0.5% of Zip drives, but while that sounds like a small number, when you sell products by the thousands, it becomes fairly widespread. It was a big enough issue that, in September 1998, a class action lawsuit was filed against Iomega for the common problems. Some of the complaints in that lawsuit were eventually dismissed by the court of Delaware, but others were not, and once the public became aware of the problems with Zip drives, it was hard for the brand to make a comeback. It didn't help that this happened around the same time as formats such as CDs were becoming more popular... And eventually, USB flash drives became the most popular way to carry data around since they were smaller and offered much faster speeds... Eventually, after seeing its profits plummet by the mid-2000s, Iomega was sold to a company called EMC in 2008, and in 2013, EMC and Lenovo formed a joint venture that took over Iomega's business and removed all of the Iomega branding from its products. The article does note that "as late as 2014, some aviation companies were still using Zip drives to distribute updates for navigation databases." Are there any Slashdot readers who still remember their own Zip drive experiences? Share your memories in the comments of that once-so-trendy storage technology from the 1990s...
  
  
  Read more of this story at Slashdot.
  

• Duolingo CEO Says They've Stopped Tracking Employees' AI Use for Performance Reviews
  Last May Duolingo's stock peaked at $529.05. But while the learning app passed $1 billion in revenue in 2025 and 50 million daily active users, today its stock price has dropped more than 81%, to $100.51. And there's been other changes, reports Entrepreneur:In April 2025, Duolingo CEO Luis von Ahn made headlines after writing a memo calling the company "AI-first." In the memo, von Ahn announced that the language-learning platform would track employees' AI use in performance reviews. Now, a year later, von Ahn is backtracking and rethinking how he measures employee performance. He told the Silicon Valley Girl podcast earlier this month that Duolingo no longer considers AI use in performance reviews. The change arose after employees started to ask, "Do you just want us to use AI for AI's sake?" von Ahn explained. "We said no, look — the most important thing in your performance is that you are doing whatever your job is as well as possible. A lot of times, AI can help you with that, but if it can't, I'm not going to force you to do that," von Ahn said on the podcast. He felt as though the company was "trying to push something that in some cases did not fit" instead of "being held accountable for the actual outcome." The CEO is, however, still sticking to other "constructive constraints" he introduced in the April 2025 memo, including stopping contractor hiring in cases where AI can assume their workload... Von Ahn also mentioned that a few months ago, Duolingo had a day dedicated to vibe coding, or prompting AI to create an app without manually writing a single line of code. Every single person at the company, from engineers to human resources professionals, had to vibe code an app. Vibe coding has made an impact at the company. One of Duolingo's latest offerings, a course teaching users how to play chess, arose when two people vibe-coded the first prototype of it, the CEO said. Neither of them knew how to play chess or program, but they managed to use AI to create the whole chess curriculum and a prototype of the app in about six months last year. Now chess is Duolingo's fastest-growing course, according to von Ahn. "At this point, we have seven million daily active users that are learning chess," the CEO said on the podcast.
  
  
  Read more of this story at Slashdot.
  

• SpaceX, Blue Origin Compete For 'Artemis III' Mission
  After Artemis II's astronauts returned to earth, "NASA has Artemis III in its sights," reports the Associated Press:In a mission recently added to the docket for next year, Artemis III's yet-to-be -named astronauts will practice docking their Orion capsule with a lunar lander or two in orbit around Earth. Elon Musk's SpaceX and Jeff Bezos' Blue Origin are racing to have their company's lander ready first. Musk's Starship and Bezos' Blue Moon are vying for the all-important Artemis IV moon landing in 2028. Two astronauts will aim for the south polar region, the preferred location for [NASA Administrator Jared] Isaacman's envisioned $20 billion to $30 billion moon base. Vast amounts of ice are almost certainly hidden in permanently shadowed craters there — ice that could provide water and rocket fuel. The docking mechanism for Artemis III's close-to-home trial run is already at Florida's Kennedy Space Center. The latest model Starship is close to launching on a test flight from South Texas, and a scaled-down version of Blue Moon will attempt a lunar landing later this year.
  
  
  Read more of this story at Slashdot.
  

• New Movie Trailer Shows First AI-Generated Performance By a Major Star: the Late Val Kilmer
  "A trailer has been released for the first film to star an authorised generative AI version of a major Hollywood actor," writes The Guardian:Val Kilmer was cast in western As Deep As the Grave before his death in April 2025. Production delays meant he never shot any scenes, but the creative team worked with UK-based company Sonantic to create an AI speaking voice based on his old recordings. His estate and daughter Mercedes collaborated with the film-makers on the visual deepfake of the actor. Kilmer, who was diagnosed with throat cancer, was also assisted by technology for his cameo in 2022's Top Gun: Maverick... Writer-director Coerte Voorhees confirmed that Kilmer is seen for around an hour of the film's running time... Voorhees has said that the production followed Sag-Aftra [union] guidelines, and that Kilmer's estate — which provided archival material for them to use — was compensated financially. "Kilmer's likeness can be seen portraying Father Fintan, a Catholic priest and Native American spiritualist," adds The Hollywood Reporter. But the AV Club calls it "ghoulish puppet show time." "Having your AI Val Kilmer puppet whisper 'Don't fear the dead, and don't fear me' in a movie trailer is a bold choice..."He is accompanied (per Variety) by a whole host of disclaimers, caveats, and explanations offered by writer-director Coerte Voorhees and his associates: Kilmer deeply wanted to be in the movie, but was too sick to do so. His family endorses and supports his inclusion. He was a big fan of technology, including, presumably, its use in turning his own image into a digital avatar to then shove into movies... The fact is, of course, that nobody would be paying a fraction of this attention to As Deep As The Grave — about early female archeologist Ann Axtell Morris — if it weren't now being used as the stage on which Voorhees was very publicly accepting the dare to go full-on ghoulish with AI tech. "The filmmakers said they hoped they were showing Hollywood how to use the technology in a positive way..." notes Australia's ABC News. But their articles add that "Some have called the trailer 'terrifying' and 'disgusting' on social media." Mashable writes:"Very fitting that this trailer includes a scene where a corpse is unceremoniously yanked out of the ground," read one of the top comments on As Deep as the Grave's trailer at time of writing... [O]nline commenters have labelled it disgusting and disrespectful, not only for digitally reanimating Kilmer but also for the damaging precedent As Deep as the Grave's use of AI could set for the film industry as a whole.
  
  
  Read more of this story at Slashdot.
  

• Old Cars 'Tell Tales' by Storing Data That's Never Wiped
  Slashdot reader Bismillah shared this report from ITNews:Research and development engineer Romain Marchand of Paris headquartered Quarkslab obtained a telematic control unit (TCU) from a salvage yard in Poland... Marchand tore down the TCU, which is based on a Qualcomm system on a chip, and extracted the Linux-based file system from the Micron multi-chip package (MCP) which contained NAND-based non-volatile storage memory. The non-volatile storage contained sensitive information, including system configuration data and more importantly, logs that revealed the vehicle's GPS positions over time. None of that information was encrypted, Marchand told iTnews, which made it possible to collect and retrieve sensitive data of interest. What's more, the global navigation satellite system (GNSS) logs with GPS positions covered the BYD's full journey from the factory in China to its operational life in the United Kingdom, and to its final wrecking in Poland, Marchand explained in an analysis... The issue is not restricted to BYD, and Marchand added that the hardware architecture of the Chinese car maker's TCU is broadly similar to what can be found in other brands.
  
  
  Read more of this story at Slashdot.
  

• Fewer US College Students Major in CS. More Choose Data Science, Engineering
  "From 2008 to 2024, the number of four-year computer science degrees granted rose about fivefold..." reports the Washington Post. Then in 2025 CS suddenly dropped from the fourth-largest undergraduate major to sixth, they report (citing data from the nonprofit National Student Clearinghouse, which compiles numbers from 97% of U.S. universities. The 54,000-student drop was "the biggest one-year drop of any major discipline going back to at least 2020." But what major are they choosing instead?Sarah Karamarkovich, a research associate with the National Student Clearinghouse, pointed to an explanation from the data that we had overlooked. Enrollments in two interdisciplinary majors, data analytics and data science, topped a combined 35,000 in the fall of 2025. That was up from a few hundred when those disciplines were broken out into their own majors in 2020. Those relatively new categories reflect colleges' zeal to create specialized majors, including in AI, data science, robotics and cybersecurity. Some of those disciplines may be counted in the national enrollment data as computer science. Others are not. The numbers suggest that some of the disappearing computer science majors didn't flee so much as they splintered into related disciplines.... The 8 percent decline in computer science majors last fall was nearly mirrored by a 7.3 percent increase in engineering majors, according to the National Student Clearinghouse data. Within engineering, mechanical and electrical engineering major enrollments increased by the largest absolute amounts — a jump of 11 percent and 14 percent, respectively.
  
  
  Read more of this story at Slashdot.
  

• US Congress Fails to Pass Long-Term FISA Extension, Authorizes It Through April 30
  Yesterday the U.S. Congress approved "a short-term extension" of a FISA law that allows wiretaps without a warrant for surveilling foreign targets, reports CNN — but only until April 30. Republican congressional leaders had sought an 18-month extension, but "failed to secure" the votes after "clamoring from some of their members for reforms to protect Americans' privacy."The warrantless surveillance law, known as Section 702 of the Foreign Intelligence Surveillance Act, was set to expire on Monday night. Members are hoping the additional time will allow them to come to agreement without ending authorization for the intelligence gathering program, which permits US officials to monitor phone calls and text messages from foreign targets... There was an hour of suspense in the Senate Friday morning when it appeared possible that Democratic Sen. Ron Wyden, a longtime critic of FISA 702, might block the House-passed extension. But ultimately, he said his House colleagues had assured him "this short-term extension makes reform more likely, and expiration makes reform less likely," and so he chose not to object.... House Republican leaders believed Thursday night they had struck a deal with conservative holdouts who harbor deep and longstanding concerns that a key piece of the law infringes on Americans' privacy rights. But in a pair of after-midnight votes, more than a dozen rank-and-file Republicans rejected the long-term reauthorization plan on the floor, which was the result of days of tense negotiations among leadership, lawmakers and the White House. The law allows authorized US officials to gather phone calls and text messages of foreign targets, but they can also incidentally collect the data of Americans in the process. Senior national security officials have for years said the law is critical for thwarting terror attacks, stemming the flow of fentanyl into the US and stopping ransomware attacks on critical infrastructure. Civil liberties groups on the left and the right, meanwhile, argue the surveillance authority risks infringing on Americans' privacy.
  
  
  Read more of this story at Slashdot.
  

• 30 WordPress Plugins Turned Into Malware After Ownership Change
  Wednesday BleepingComputer reported that more than 30 WordPress plugins "have been compromised with malicious code that allows unauthorized access to websites running them."A malicious actor planted the backdoor code last year but only recently started pushing it to users via updates, generating spam pages and causing redirects, as per the instructions received from the command-and-control (C2) server. The compromise affects plugins with hundreds of thousands of active installations and was spotted by Austin Ginder, the founder of managed WordPress hosting provider Anchor Hosting, after receiving a tip about one add-on containing code that allowed third-party access. Further investigation by Ginder revealed that a backdoor had been present in all plugins within the EssentialPlugin package since August 2025, after the project was acquired in a six-figure deal by a new owner.... "The injected code was sophisticated. It fetched spam links, redirects, and fake pages from a command-and-control server. It only showed the spam to Googlebot, making it invisible to site owners," explained Ginder. "WordPress.org's v2.6.9.1 update neutralized the phone-home mechanism in the plugin," Ginder writes in a blog post. "But it did not touch wp-config.php. The SEO spam injection was still actively serving hidden content to Googlebot. "And here is the wildest part. It resolved its C2 domain through an Ethereum smart contract, querying public blockchain RPC endpoints. Traditional domain takedowns would not work because the attacker could update the smart contract to point to a new domain at any time."This has happened before. In 2017, a buyer using the alias "Daley Tias" purchased the Display Widgets plugin (200,000 installs) for $15,000 and injected payday loan spam. That buyer went on to compromise at least 9 plugins the same way.... The WordPress plugin marketplace has a trust problem... The Flippa listing for Essential Plugin was public. The buyer's background in SEO and gambling marketing was public. And yet the acquisition sailed through without any review from WordPress.org. WordPress.org has no mechanism to flag or review plugin ownership transfers. There is no "change of control" notification to users. No additional code review triggered by a new committer. The Plugins Team responded quickly once the attack was discovered. But 8 months passed between the backdoor being planted and being caught. Thanks to Slashdot reader axettone for sharing the news.
  
  
  Read more of this story at Slashdot.
  

• Fructose Isn't Just Sugar. It Acts More Like a Hormone
  Slashdot reader smazsyr writes: A new review says we've had fructose wrong for decades. The nine authors, led by Richard Johnson at the University of Colorado Anschutz, argue that fructose "is not just another calorie." It is a signal. It tells the liver to make fat and brace for a famine that never comes. That made sense for a bear fattening up on autumn berries. It makes less sense for a person drinking soda in March. The review reframes the WHO's sugar guideline, argues ScienceBlog.com, as "less a recommendation about calories and more a warning about a signalling molecule we have been dosing ourselves with, several times a day, for most of a century."
  
  
  Read more of this story at Slashdot.
  

• 20-Year-Old Enters Prison for Historic Breach, Ransoming of Massive Student Database
  20-year-old Matthew Lane sent a text message to ABC News as his parents drove him to federal prison in Connecticut. "I'm just scared," he said, calling the whole situation "extremely sad."Barely a year earlier, while still a teenager, he helped launch what's been described as the biggest cyberattack in U.S. education history — a data breach that concerned authorities so much, it prompted briefings with senior government officials inside the White House Situation Room. The breach pierced the education technology company PowerSchool — used by 80% of school districts in North America... [and operating in about 90 countries around the world]. With threats to expose social security numbers, dates of birth, family information, grades, and even confidential medical information, the breach cornered PowerSchool into paying millions of dollars in ransom. "I think I need to go to prison for what I did," Lane told ABC News in an exclusive interview, speaking publicly for the first time about the headline-grabbing heist and his life as a cybercriminal. "It was disgusting, it was greedy, it was rooted in my own insecurities, it was wrong in every aspect," he said in the interview, two days before reporting to prison... At about 6:30 on a Tuesday morning last April, FBI agents started banging on the door of Lane's second-floor dorm room. "FBI! We have a search warrant," Lane recalled them shouting. They seized his devices and many of the luxury items he bought with "dirty" money, as he put it. He said he felt a "wave of relief.... I'm honestly thankful for the FBI," he said. "After they left, I was like, 'It's over ... I'm done with this'..." A federal judge in Massachusetts sentenced him to four years in federal prison and ordered him to pay more than $14 million in restitution. "In the wake of the breach, PowerSchool offered two years' worth of credit-monitoring and identity protection services to concerned customer," the article points out. But it also notes two other arrests in September of teenaged cybercriminals: - A 15-year-old boy in Illinois who allegedly attacked Las Vegas casinos, reportedly costing MGM Resorts alone more than $100 million - A British national who when he was 16 helped breach over 110 companies around the world and extort $115 million. But ironically, Lane tells ABC News it all started on Roblox, where he'd met cheaters, password-stealers, and cybercriminals sharing photos of their stacks of money, creating a "sense of camaraderie"Lane and others warn that online forums also attract criminal groups seeking to recruit potential hackers. "The bad guys are on all the platforms watching the kids playing," Hay said. "And when they see an elite-level performer, they go approach that kid, masquerading as another kid, and they go, 'Hey, you want to earn some [money]? ... Here are the tools, here are the techniques'...." According to Lane, he spent his "ill-gotten gains" on designer clothes, diamond jewelry, DoorDash deliveries, Airbnb rentals for him and his friends, and drugs — "lots of drugs." He said he would numb ever-present feelings of guilt with drugs — from high-potency marijuana to acid. But it was hacking that gave him the strongest high. "It's indescribable the adrenaline you get when you do something like that," he said. "It's way more than driving 120 miles per hour. ... Incomparable to any drug at all, as well." "On Monday, Roblox announced that, starting in June, it will offer age-checked accounts for younger users that limit what games they can play, and add 'more closely align content access, communication settings, and parental controls with a user's age.'"
  
  
  Read more of this story at Slashdot.
  

• Open Source Powers the Planet — Get 35% Off Sitewide
  For a limited time, get 35% off sitewide with code EARTH26. Build in-demand skills, earn certifications, and grow your impact with training designed for real-world success. SAVE NOW
  
  The post Open Source Powers the Planet — Get 35% Off Sitewide appeared first on Linux.com.
  

• Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure
  By Juha Holkkola, FusionLayer Group How DHCP Changed Connectivity In the late 1990s, the DHCP (Dynamic Host Configuration Protocol) quietly catalyzed a revolution in digital connectivity. Before DHCP was introduced, connecting devices to a network involved manual entry of IP addresses, DNS servers, subnet masks, and gateways. Networks were fragile, prone to errors, and severely [0]
  
  The post Implementing Secure Zero-Touch Provisioning in AI and Edge Infrastructure appeared first on Linux.com.
  

• From DHCP to SZTP – The Trust Revolution
  By Juha Holkkola, FusionLayer Group The Dawn of Effortless Connectivity In the transformative years of the late 1990s, a quiet revolution took place, fundamentally altering how we connect to networks. The introduction of DHCP answered a crucial question, Where are you on the network?!, by automating IP address assignment. This innovation eradicated the manual configuration [0]
  
  The post From DHCP to SZTP – The Trust Revolution appeared first on Linux.com.
  

• Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship
  Sustaining a Core Part of the Linux Ecosystem The Linux Foundation has announced a second year of sponsorship for the ongoing maintenance of the Linux manual pages (man-pages) project, led by Alejandro (Alex) Colomar. This critical initiative is made possible through the continued support of Google, Hudson River Trading, and Meta, who have renewed their [0]
  
  The post Celebrating the Second Year of Linux Man-Pages Maintenance Sponsorship appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two
  In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.` We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn [0]
  
  The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights  Part Two appeared first on Linux.com.
  

• Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One
  The networking industry is undergoing a fundamental architectural transformation, driven by the relentless demands of cloud-scale data centers and the rise of software-defined infrastructure. At the heart of this evolution is the principle of disaggregation: the systematic unbundling of components that were once tightly integrated within proprietary, monolithic systems.` This movement began with the separation [0]
  
  The post Disaggregated Routing with SONiC and VPP: Architecture and Integration  Part One appeared first on Linux.com.
  

• Kubernetes on Bare Metal for Maximum Performance
  When teams consider deploying Kubernetes, one of the first questions that arises is: where should it run? The default answer is often the public cloud, thanks to its flexibility and ease of use. However, a growing number of organizations are revisiting the advantages of running Kubernetes directly on bare metal servers. For workloads that demand [0]
  
  The post Kubernetes on Bare Metal for Maximum Performance appeared first on Linux.com.
  

• How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM
  This article was contributed by Vedrana Vidulin, Head of Responsible AI Unit at Intellias (LinkedIn). As AI becomes central to smart devices, embedded systems, and edge computing, the ability to run language models locally — without relying on the cloud — is essential. Whether its for reducing latency, improving data privacy, or enabling offline functionality, local AI [0]
  
  The post How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM appeared first on Linux.com.
  

• Automating Compliance Management with UTMStacks Open Source SIEM 8 XDR
  Achieving and maintaining compliance with regulatory frameworks can be challenging for many organizations. Managing security controls manually often leads to excessive use of time and resources, leaving less available for strategic initiatives and business growth. Standards such as CMMC, HIPAA, PCI DSS, SOC2 and GDPR demand ongoing monitoring, detailed documentation, and rigorous evidence collection. Solutions [0]
  
  The post Automating Compliance Management with UTMStacks Open Source SIEM & XDR appeared first on Linux.com.
  

• A Simple Way to Install Talos Linux on Any Machine, with Any Provider
  Talos Linux is a specialized operating system designed for running Kubernetes. First and foremost it handles full lifecycle management for Kubernetes control-plane components. On the other hand, Talos Linux focuses on security, minimizing the user’s ability to influence the system. A distinctive feature of this OS is the near-complete absence of executables, including the absence [0]
  
  The post A Simple Way to Install Talos Linux on Any Machine, with Any Provider appeared first on Linux.com.
  

Engadget"Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics"

• SNK's Neo Geo console remake works with original cartridges and HDMI
  Not everyone had the money for the original Neo Geo Advanced Entertainment System when it released in the '90s, but there's still a chance to experience it as an adult with disposable income. SNK and Plaion Replai, who is also behind the all-black remake of the Commodore 64, announced a faithful remake of the high-end retro console, called the Neo Geo AES+.
  
  To bring the original console into the modern day, the collaborating companies added HDMI compatibility for resolutions up to 1080p and DIP switches on the bottom of the console to allow for language selection, overclocking and switching display modes. Rounding out the upgrades, SNK and Plaion Replai included a permanent way to retain high scores on a memory card and a low-power usage mode. For the purists out there, the Neo Geo AES+ still works on those chunky CRT displays since it has the original AV output.
  
  Preorders are currently open for two versions of the Neo Geo AES+, including an all-white 35th anniversary edition bundle that includes an Arcade Stick, a limited-edition Metal Slug game cartridge and a memory card, for $349.99. The standard edition in classic black will only come with an arcade stick, but will be available for $249.99. Coinciding with the console release, Replai Plaion will release 10 modernized game cartridges, including Metal Slug, The King of Fighters 2002 and other classics, for $89.99 each. If you think those prices are high, don't forget the original Neo Geo AES' release price was $649.99. The Neo Geo AES+ is set to start shipping on November 12.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/snks-neo-geo-console-remake-works-with-original-cartridges-and-hdmi-194509442.html?src=rss

• Judge sides with creators of banned ICE trackers who allege DHS and DOJ violated their First Amendment rights
  A judge has granted the makers of the "ICE Sightings - Chicagoland" Facebook group and the Eyes Up app a preliminary injunction to stop the Trump administration from coercing platforms to take these projects down. Judge Jorge L. Alonso of the United States District Court for the Northern District of Illinois found that the plaintiffs, Kassandra Rosado and Kreisau Group, are likely to succeed in their case, which alleges that the government suppressed protected speech under the First Amendment by strong-arming Facebook and Apple into removing ICE monitoring efforts. 
  
  Both Eyes Up and ICE Sightings - Chicagoland use publicly available information to keep tabs on ICE activity. But after pressure from Trump officials, they were removed from Apple9s App Store and Facebook, respectively. Similar apps including ICEBlock and Red Dot were also taken down from the App Store and Google Play. The lawsuit cites social media posts by former US Attorney General Pam Bondi and former Secretary of Homeland Security Kristi Noem that demanded and took credit for the removal of these apps. In a document filed on Friday, Alonso called these posts "thinly veiled threats."
  
  The Foundation for Individual Rights and Expression (FIRE), which is defending the plaintiffs, wrote in a post on X that it is "extremely encouraged by this ruling." It continued, "Even though it’s not the end of the case, it bodes well for the future of our legal fight to ensure that the First Amendment protects the right to discuss, record, and criticize what law enforcement does in public."
  This article originally appeared on Engadget at https://www.engadget.com/apps/judge-sides-with-creators-of-banned-ice-trackers-who-allege-dhs-and-doj-violated-their-first-amendment-rights-191701801.html?src=rss

• Apple avoids a second import ban for its redesigned smartwatches in latest court ruling
  Apple has secured a major victory for its redesigned smartwatches as per the latest decision from the US International Trade Commission. The federal agency ruled against reinstating an import ban on Apple Watches, allowing the tech giant to continue selling its devices with a reworked blood-oxygen monitoring technology.
  
  The ITC decided to terminate the case and refer to a preliminary ruling from one of its judges in March that claimed that Apple's redesigned smartwatches don't infringe on patents held by Masimo, the medical tech company that has long been embroiled in lawsuits surrounding the Apple Watch. Apple thanked the ITC in a statement, adding that "Masimo has waged a relentless legal campaign against Apple and nearly all of its claims have been rejected." We reached out to Masimo for comment and will update the story when we hear back.
  
  The latest decision could offer some closure to the longstanding legal feud between Masimo and Apple. The patent battle dates back to 2021 with Masimo's first filing against Apple that requested an import ban on Apple Watches. The ITC ended up ruling that Apple violated Masimo's patents, resulting in the previous import ban and the Apple Watch maker redesigning the blood-oxygen reading feature in certain models. However, Masimo wasn't satisfied with this conclusion and sought another import ban on the updated Apple Watch models. Now that the ITC has ruled against that, Masimo is left with the option to appeal the decision with the US Court of Appeals for the Federal Circuit.
  
  While Masimo may currently be on the losing side of this legal battle, it's confronting Apple on multiple fronts. In November, a federal jury sided with Masimo and ruled that Apple has to pay $634 million in a separate patent infringement case.
  This article originally appeared on Engadget at https://www.engadget.com/wearables/apple-avoids-a-second-import-ban-for-its-redesigned-smartwatches-in-latest-court-ruling-175600668.html?src=rss

• DOJ refuses to help French authorities in criminal probe of X
  The US Department of Justice is siding with X, as the social media platform owned by Elon Musk navigates a criminal investigation unfolding in France. As first reported by investigation into X in July, accusing the platform of manipulating its algorithm and "fraudulent data extraction." Months later, French authorities raided X's office in Paris and issued summonses to Musk and Linda Yaccarino, the former CEO of X, to appear for interviews on April 20 as part of the probe. According to WSJ, French officials are also investigating X for other charges, including disseminating CSAM and Holocaust denial. However, France's latest move to ask the Department of Justice for assistance has been stonewalled.
  
  “This investigation seeks to use the criminal legal system in France to regulate a public square for the free expression of ideas and opinions in a manner contrary to the First Amendment of the United States Constitution," the DOJ wrote in letter, as seen by WSJ.
  
  An xAI official told WSJ that it's "grateful to the Justice Department for rejecting this effort by a prosecutor in Paris to compel our CEO and several employees to sit for interviews." The company spokesperson also said there was "no wrongdoing" and that it was a "baseless investigation."
  This article originally appeared on Engadget at https://www.engadget.com/social-media/doj-refuses-to-help-french-authorities-in-criminal-probe-of-x-162654518.html?src=rss

• A comet gets destroyed by the sun, data centers endanger the Potomac River, and more science news
  The Artemis II astronauts are settling back into life on Earth, but we9re not quite tired yet of hearing about their amazing journey. There9s a new PBS documentary now streaming on YouTube that dives into the Artemis program and the latest efforts to send humans to the moon again. Also this week, NASA shared some awesome images of a comet flying into the sun, the nonprofit American Rivers released its annual report on the most endangered rivers in the US and ESA posted a throwback image of Mars to highlight some interesting changes down on the surface. Here are the science stories that caught our attention this week. 
  A comet grazes too close to the sun
  Earlier this month, a recently discovered comet made a close approach to the sun — but it couldn9t handle the heat. NASA has shared incredible images of the encounter that took place on April 4, showing the comet exploding into dust as it swings around our star. As NASA notes in a social media post, this was "its first and last observed flyby of the Sun."
  
  The comet, C/2026 A1 (also known as MAPS) was first spotted on January 13 of this year. As it neared the sun, it was observed by a slew of instruments: NASA and ESA9s SOHO (Solar and Heliospheric Observatory) spacecraft, NASA9s STEREO (Solar Terrestrial Relations Observatory) and NASA9s PUNCH (Polarimeter to Unify the Corona and Heliosphere). This allowed for views of its passage from multiple angles. Seen in a narrow-field coronagraph view captured by SOHO, the comet appears to plunge directly into the sun. But, the wide view from NASA9s STEREO shows it actually swinging closely around the sun before breaking apart. 
  🧵2/4
  
  This close-up coronagraph view from NASA/ESA’s SOHO spacecraft shows comet C/2026 A1 (MAPS) approaching the Sun on April 4.
  
  After the comet passes behind the disk, only a cloud of dust emerges. pic.twitter.com/PbkzqPnZ5F
  — NASA Solar System (@NASASolarSystem) April 16, 2026
  MAPS was one of a family of comets aptly called Kreutz sungrazing comets, and according to Karl Battams, the principal investigator for SOHO’s coronagraph, its destruction occurred likely several hours before what would have been its closest approach. 
  Potomac named most endangered river in the US
  The nonprofit conservation organization American Rivers has released its 2026 report on the most endangered rivers in the country, and data centers play a major role in the status of its top pick. According to American Rivers, the Potomac River is the most endangered in the US due both to the threat of sewage pollution from aging pipe systems and the "unprecedented surge in data center development" in its vicinity. 
  
  The Potomac River basin spans parts of Pennsylvania, Maryland, Virginia, West Virginia and Washington, DC. In January, the catastrophic failure of the Potomac Interceptor wastewater pipe in Montgomery County, Maryland dumped hundreds of millions of gallons of untreated sewage into the Potomac River and the Chesapeake and Ohio (C&O) Canal, causing bacteria levels to hit over 4,000 times the safe recreational limit at sites closest to the incident, according to the report. The Potomac Interceptor is over 60 years old, and is just one of many in the region that is at or past the 50-year service life, American Rivers notes. 
  
  On top of that, data center development in places like Virginia and Maryland has skyrocketed, which could put a strain on local water and energy sources. Data centers also have potential to cause further pollution to the river. 
  
  "The region currently has over 300 data centers and is on track to have a total of about 1,000 centers occupying roughly 200 million square feet of buildings — enough to cover 3,472 football fields — on an estimated 20,000 acres of land," the report explains. "These facilities pose a significant and growing threat to both water quality and water quantity, yet are being approved without meaningful transparency, regulatory review, and assessment of cumulative impacts."
  
  The organization is calling for Congress to reauthorize infrastructure funding bills so aging systems can be upgraded, and for regulators in these states to require transparency about data centers9 resource use, along with comprehensive environmental assessments before development plans are approved. 
  Mars ash: then vs nowESA/DLR/FU Berlin
  The European Space Agency this week shared a look at how a region on Mars has changed since it was observed by NASA’s Viking orbiters way back in 1976. New images captured by ESA9s Mars Express spacecraft show how dark volcanic ash has encroached upon a swath of land in an area known as the Utopia Planitia basin. If you visit the blog post, you9ll find a side by side comparison of images from the two time periods.
  
  It9s a rare example of an observable change on the surface of the red planet that9s occurred over such a short period of time, ESA notes. The agency explains, "The spread of the ash over the last 50 years has two possible explanations: either it has been picked up and moved about by martian winds, or the ochre dust that previously covered the dark ash has been blown away."
  
  Before you go, be sure to check these stories out too:
  The PBS Artemis II documentary is streaming on YouTube
  
  NAACP sues xAI over data center pollution
  
  There9s yet another study about how bad AI is for our brains
  
  
  This article originally appeared on Engadget at https://www.engadget.com/science/a-comet-gets-destroyed-by-the-sun-data-centers-endanger-the-potomac-river-and-more-science-news-160000714.html?src=rss

• Cyberpunk platformers, gallivanting geckos and other new indie games worth checking out
  Welcome to our latest roundup of what's going on in the indie game space. Once again, there are some neat new games for you to check out this weekend. We've got a bunch of updates and announcements for upcoming titles to tell you about too.
  
  There have been a bunch of solid indie showcases lately (and highlights from another one to tell you about below). If you want to learn about a ton of other games ASAP, you might want to set your alarm pretty early on April 25.
  
  Starting at 5AM ET that day, the latest edition of Indie Life Expo takes place on YouTube, Twitch, TikTok, Bilibili and elsewhere. This one will feature more than 200 games! A rapid-fire Indie Waves segment will power through 160 of them. Organizers received 1,100 submissions for this installment, so hats off to them for featuring a sizable percentage of those.
  
  Before that, you can check out another showcase on April 21. Top Hat Studios Presents: Spring Showcase 2026 will start at noon ET on the publisher's YouTube and Twitch channels.
  
  The stream will feature Motorslice, Well Dweller and survival horror game Becrowned, as well premieres and other Top Hat games. I've been looking forward to Motorslice, which has a May release window. I wager we'll get a precise release date for that during this stream.
  
  Meanwhile, there's an interesting Steam event taking place soon. InterfaceX26 will run from April 27 until May 4. This one is focused on games that deal with made-up operating systems and other custom interfaces. Organizers have brought together more than 150 developers and publishers, who are asking Valve to introduce an official "Fake OS" tag for games on Steam. 
  
  Some neat games will be included in a sale and a showcase on May 2, including very long time for Replaced. This cyberpunk adventure from Sad Cat Studios and publisher Thunderful finally landed this week on Steam, GOG, Xbox on PC and Xbox Series X/S. It's on Game Pass Ultimate and PC Game Pass. Otherwise, the base game costs $20. A supporter edition that includes the soundtrack is $25. It'll hit the Epic Games Store at a later date.
  
  The game was initially supposed to arrive in 2022. It certainly didn't help that Sad Cat Studios was forced to relocate from Belarus to Cyprus after Russia's invasion of Ukraine. But the game is finally here and it debuted to generally positive reviews.
  
  Replaced is a 2.5D action platformer set in an alternate version of 1980s America, in which you play as an AI trapped in a human body that may or may not dream of electric sheep. I haven't yet had a chance to properly jump into this gorgeous-looking game, but I'm hoping to do so this weekend.
  
  Speaking of games I've long had on my wishlist, Gecko Gods arrived this week. I think I first clapped eyes on this around 2022. Various trailers charmed me with the idea of a puzzle exploration platformer that casts you in the role of a gecko that's able to run along walls and ceilings. 
  
  I've played around 90 minutes of this one so far. I dig the look and the gecko is very cute (being able to customize its appearance is a nice touch). I love that you "collect" different types of bugs by eating them. It's a fairly relaxing game, which is broadly what I need at the minute.
  
  I think there are some issues here, though. I've explored two of the main five islands in the open world and it feels a bit sparse so far. The joy of being able to clamber up and around any object complicates things when it comes to more precise platforming sections. While the sailing sections are pretty, the boat is clunky to control on the choppy water. I ran into some mild technical issues as well on PS5 with occasional framerate dips and objects popping in. Hopefully, that's something the developers at Inresin are able to address.
  
  Gecko Gods — from publishers Super Rare Originals and Gamersky Games — is available now on Steam, PS5 and Nintendo Switch. It's normally $20, but there's a 10 percent launch discount until April 30 (on PS5, this only applies to PlayStation Plus members)
  
  Another highly anticipated game landed this week in the form of Mouse: PI for Hire. We've had our eyes on this first-person shooter/detective game with sumptuous rubberhose-style animation for quite some time. Reviews have been generally positive so far, and it seems that there's enough substance here to live up to those stellar visuals. 
  
  Mouse: PI for Hire — from Fumi Games and publisher PlaySide — is out now for $30. It's available on PC, Nintendo Switch 2, PS5 and Xbox Series X/S.
  
  lukewarm reviews of the game, and the consensus seems to be that the cooking mechanics and combat perhaps needed some more time to simmer. 
  
  If you'd like to try Dosa Divas yourself, you can pick it up on Steam, Xbox Series X/S, PS5, Nintendo Switch and Switch 2. It'll usually run you $20, but there's a 10 percent launch discount until April 28.
  
  If you're looking for a puzzle game that can be relaxing or rather dark, depending on your mood, it might be worth checking out A Storied Life: Tabitha. As you pack up the home of a late loved one, you'll need to decide which items to keep in the limited storage space you have and discard the rest. You'll need to wrap fragile items in bubble wrap and vacuum pack soft items to save room in the boxes.
  
  As you save items, you'll unlock words that you can use to fill in the blanks of your loved one's life and tell their story, Mad Libs-style. Given that you'll find items like a blackmail letter and a shirt with lipstick on the collar, it seems like there's a lot of variety to the kinds of stories you can tell.
  
  A Storied Life: Tabitha is available on Steam now. It'll normally run you $15, but you can save 10 percent if you buy it before April 28.
  
  To round out this section, I’ll quickly note that PS5 and Xbox Series X/S for  $30, with a 20 percent launch discount. It's on Game Pass Ultimate, Game Pass Premium and PC Game Pass too.
  
  I bought Hades 2 when Supergiant Games brought it to Steam early access two years ago, telling myself I'd wait until the full game was out. But I still haven't gotten around to it yet. There are always too many games tugging at my fragile attention span and Hades 2 faded into the background for me. I really ought to play it, I know!
  Upcoming 
  I'm keeping an eye out for Agefield High: Rock the School from Refugium Games. This spiritual successor to Rockstar's Bully is set to arrive this summer on Steam. It emerged this week that it will hit PS5 and Xbox Series X/S later in the year.
  
  It's a coming-of-age adventure in which you play as Sam, a young lad who has moved to a new school in the early 2000s. He wants to make his last few months of high school a time to remember.
  
  There's a branching narrative with multiple endings here — you can opt to go to classes and be a good student, or skip school and cause trouble. As a mostly rule-abiding student way back when, I'd be tempted to go for the latter. This seems like a bit of a life sim with a broad array of activities and ways to get into bother. I’m looking forward to it.
  
  The latest edition of the Galaxies Showcase — yet another indie spotlight event — took place this week and The Backworld caught my attention. This is a Steam.
  
  A Study in Blue, from Relate Games, was another highlight of the Galaxies Showcase, thanks in large part to that impressive animation. This is a point-and-click adventure in which you play as two characters with complex pasts: private detective Kenneth and runaway Blue. 
  
  You'll explore a semi-open world and solve crimes by collecting clues and calling out characters' lies. There are three intertwined story acts and multiple endings. A Steam demo featuring a side quest from the main game that'll take around two hours to complete is available now.
  
  I'm always going to be interested in any game that riffs on The Legend of Zelda: A Link to the Past. On the face of this trailer, Elementallis developer AnKae Games seems to borrow quite a bit of the design language and other ideas from the SNES classic. Still, if you're going to crib from anything, it may as well be the best game of all time.
  
  This 2D action RPG, which is also published by Top Hat and has a heavier focus on elemental powers than A Link to the Past, looks very much like my kind of jam. It's coming to Steam, GOG, Switch, PS4, PS5, Xbox Series X/S and Xbox One on April 28. Per the eShop listing, it'll cost $18.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/cyberpunk-platformers-gallivanting-geckos-and-other-new-indie-games-worth-checking-out-110000924.html?src=rss

• 15 years after 'Video Games,' Lana Del Rey has an actual video game song
  
  The James Bond franchise has a long history of getting pop stars to record its theme songs (perhaps most memorably with IO Interactive has announced that Lana Del Rey co-wrote and performed the theme for the moody and abstract opening credits released alongside the song, could vaguely gesture at the themes of the game. IO Interactive has previously said that its game focuses on a young, inexperienced and more reckless Bond, before he developed his trademark cool. The developer is also integrating the stealth mechanics it perfected in Hitman into the upcoming game.
  
  Del Rey9s personal gaming experience may begin and end with her hit "Video Games," which was apparently written about a former boyfriend9s love of World of Warcraft, but the artist does know how to write a song with Bond in mind. Lana Del Rey shared in 2024 that her song "24" from the album Honeymoon was originally written for 20179s Spectre, one of several songs that were cast aside in favor of Sam Smith9s "Writing9s on the Wall."
  
  007 First Light is coming to Xbox Series X/S, PlayStation 5 and PC on May 27, 2026. A Nintendo Switch 2 version of the game is now coming out this summer.
  This article originally appeared on Engadget at https://www.engadget.com/gaming/15-years-after-video-games-lana-del-rey-has-an-actual-video-game-song-221925735.html?src=rss

• The PBS Artemis II documentary is streaming on YouTube
  
  The crew of NASA9s Artemis II mission have safely returned to Earth, but if your Moon fever has yet to break, or you9re curious to get a big picture view of how the second of a planned five Moon missions was pulled off, PBS has a new documentary you9ll want to watch. The hour-long on YouTube right now.
  
  Return to the Moon covers the history of NASA9s Artemis program, and specifically the planning and preparation that went into Artemis II. Per the documentary9s official description:
  
  Follow the four members of the Artemis II crew as they embark on a perilous 10-day journey to orbit the Moon, venturing beyond Earth orbit for the first time since Apollo and farther into the Solar System than any humans have gone before. And get an inside look at the preparations needed to overcome the extreme engineering challenges of human-crewed spaceflight, all the way from launch to splashdown.
  
  The last Apollo mission was in 1972, so Artemis II getting a group of four astronauts anywhere near the Moon has naturally generated a lot of excitement. The crew flew further away from Earth than anyone has gone so far, captured some stunning photos of both the Moon and our home planet and managed to make everyone feel better about their dislike of Microsoft Outlook. Few Moon missions have been as well-documented or relatable.
  This article originally appeared on Engadget at https://www.engadget.com/science/the-pbs-artemis-ii-documentary-is-streaming-on-youtube-210347406.html?src=rss

• A lot of you panic-bought PCs to avoid RAMaggedon 2026
  The specter of price hikes caused by the current AI-driven demand for memory and storage appears to have convinced a fair share of people to buy a new computer. According to data analyzed by Counterpoint Research, global PC shipments grew around 3.2 percent year-over-year in Q1 2026, "driven by pre-emptive buying before memory-led price increases hit the retail level" and Microsoft forcing some customers to upgrade by ending support for Windows 10 last year.
  
  Sales hit 63.3 million units during the first quarter, Counterpoint says, and were particularly concentrated in five high-end PC makers: Lenovo, ASUS, Apple, HP and Dell. Of the five, Lenovo commands the most PC market share at 26 percent, but sales increased for almost all of the companies, save for HP, whose year-over-year sales technically declined by 5 percent. Of particular note, Apple9s PC sales grew by 11 percent, likely on the strength of the M5 updates it made to the MacBook Pro and MacBook Air, and the introduction of the affordable $600 MacBook Neo. Counterpoint suggests the updates could drive even further sales growth next quarter. 
  
  Even with positive sales, the PC industry as a whole is by no means out of the woods. "The aggressive expansion in AI infrastructure investment is driving up overall component costs, which will likely impact the pricing of CPUs and other key components in [PCs]," Counterpoint Senior Analyst Minsoo Kang says. "Ultimately, the sustained upward pressure on costs and the resulting hike in retail prices are expected to have a significant negative impact on the PC market’s growth in 2026."
  
  A general sense that the worst is yet to come is consistent with what other analysts have warned about the current shortages of RAM and storage. In December 2025, IDC predicted that PC shipments could drop as much as 8.9 percent in 2026 in response to the price of RAM, and later revised its prediction to 11.6 percent this past March. Even if consumers aren9t feeling the worst of these price hikes just yet, new announcements of price increases seem to arrive like clockwork every few weeks — for example, this week, Meta raised the price of its Quest headsets — which means if they aren9t feeling them now, they will soon.
  This article originally appeared on Engadget at https://www.engadget.com/computing/a-lot-of-you-panic-bought-pcs-to-avoid-ramaggedon-2026-200237204.html?src=rss

• Sam Altman's 'human verification' company thinks its eye-scanning orbs could solve ticket scalping
  Sam Altman9s cryptocurrency turned identity verification startup Tools for Humanity is offering a new set of perks to people who scan their eyes at one of the company9s orbs. Among them, is a new tool called Concert Kit that could help bands and artists fight back against ticket scalping bots. 
  
  The new feature relies on the revamped World ID, the orb-based verification system that scans users eyeballs and faces to create a "proof of human" signature that lives on users9 mobile devices. "It9s basically like a little human passport for the internet that lets you prove on apps and websites that you are a real and unique human without revealing anything about yourself," Tools for Humanity Chief Product Officer Tiago Sada tells Engadget. 
  
  Now, as more apps and services are starting to support World ID, that "human passport" can unlock some new abilities. Coupled with Concert Kit, it allows artists to designate a specific pool of tickets for "verified" humans only. The concept is a bit like how pre-sales currently work, with artists (or their teams) setting aside a specific number of tickets for people who have set up a World ID. Those folks can then use their World ID to get ticket codes for Ticketmaster, Eventbrite, AXS or other major ticketing platforms. 
  
  Because World ID is limited to actual, "verified," humans the system won9t be susceptible to the same tactics that have enabled bots to ruin the ticket-buying process for so many, Tools for Humanity says. Artists are also in control of what level of verification they want to require from their fans. (The new World ID app will also allow people to set up an account with a selfie check if they don9t have ready access to an orb.) 
  
  Just how much of a dent Concert Kit will be able to make in the massive scalping bot problem that plagues the concert industry is less clear. So far, Bruno Mars is slated to use the solution on his upcoming world tour — no word on just how many of his tickets will be reserved for World ID-verified humans, though — and Concert Kit is available to other artists starting today.
  
  Concert Kit is one of several new integrations and updates to World ID that Tools for Humanity announced at an event in San Francisco Friday. Tinder, which earlier this year started testing World ID as an age verification solution in Japan, will be rolling out support worldwide. In the US, Tinder9s integration won9t be for age verification, though. Instead, it will indicate whether there is an actual "verified" human behind a given profile.
  Tinder profiles that verify with World ID will get a badge as an extra signal of authenticity.Tools for Humanity
  On the enterprise side, Zoom and DocuSign are also adding support for World ID to help businesses verify that there is an actual person (and not a deepfake or bot) joining their video calls or signing important documents. Tools for Humanity is also introducing a standalone app for World ID that separates its identity verification tools from its existing crypto wallet app.
  
  The updates are Tools for Humanity9s latest attempt to make their orb-based verification system, which has been widely mocked, more mainstream and perhaps a little less dystopian. (Elsewhere, orbs have begun appearing in some new places like a San Francisco Gap.) 
  
  On their part, Tools for Humanity seems aware that a lot of people aren9t ready to scan their faces at a bunch of orbs controlled by Altman just to "prove" they are humans. I asked Sada, Tools for Humanity9s Chief Product Officer, what he would say to people who think that the company is solving for the wrong problem: that really it should be up to ticketing platforms and dating apps and other services to strengthen their security and bot-fighting tools, rather than rely on their users to "prove" their humanness. 
  
  He said it was a "completely understandable question" and compared it to some people9s initial discomfort with things like Apple9s TouchID or FaceID. "Not everyone has to do it upfront, and that9s important," he said. "It9s optional. If you want to have a World ID, you get access to that enhanced experience."
  This article originally appeared on Engadget at https://www.engadget.com/ai/sam-altmans-human-verification-company-thinks-its-eye-scanning-orbs-could-solve-ticket-scalping-171500555.html?src=rss

• EU OS: A Bold Step Toward Digital Sovereignty for Europe
  Image
  A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
  What Is EU OS?
  EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
  
  Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
  The Vision Behind EU OS
  The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
  
  Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
  
  However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
  Conclusion
  EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
  
  Source: It's FOSS
  European Union

• Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
  
  Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
  
  In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
  
  On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
  
  Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
  
  The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
  
  Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
  
  You can download the latest kernel here.
  Linus Torvalds kernel

• AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
  Image
  AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
  
  This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
  
  Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
  
  Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
  
  Source: 9to5Linux
  AerynOS

• Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
  Image
  Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
  
  Here’s a quick overview of what’s new in Xojo 2025r1:
  1. Linux ARM IDE Support
  Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
  2. Web Drag and Drop
  One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
  3. Direct App Store Publishing
  Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
  4. New Desktop and Mobile Features
  This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
  5. Performance and IDE Enhancements
  Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
  What Does This Mean for Developers?
  Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
  How to Get Started
  Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
  
  Download Xojo 2025r1 today at xojo.com.
  Final Thoughts
  With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
  Xojo ARM

• New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
  
  Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
  
  Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
  
  Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest. 
  
  Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
  
  Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
  
  Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
  
  By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
  Windows

• Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
  
  The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally. 
  
  As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
  
  In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions. 
  
  After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
  
  The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
  
  At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
  
  The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
  Security

• Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
  
  The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
  
  A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
  
  This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem. 
  
  The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
  
  On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
  
  In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
  kernel

• Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
  
  Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
  
  The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
  
  Here is what Linus Torvalds had to say in today's announcement:
  Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds

• Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
  
  Want to interact with ChatGPT from your Linux desktop without using a web browser?
  
  Bavarder, a new app, allows you to do just that.
  
  Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
  
  With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
  
  During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
  
  At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
  
  As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
  
  Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
  ChatGPT AI

• LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
  
  Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
  
  Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
  
  LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
  
  You can download LibreOffice 7.5.3 directly from the LibreOffice website��or from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
  
  All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
  
  In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
  
  Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
  
  The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
  LibreOffice