tag: news
2026-03-11
2026-03-13
Iran Names Amazon, Google, Microsoft as Legitimate Targets
Iran has publicly designated major US tech companies including Amazon, Google, and Microsoft as legitimate targets, escalating cyber and geopolitical tensions.MI5 Worker Sent Emails to Foreign Power
A UK court case reveals that an MI5 employee sent sensitive emails to a foreign power, raising serious concerns about insider threats within Britain's domestic intelligence agency.2026-03-16
TrueNAS Moves Build System Internal
iXsystems is moving the TrueNAS build system from public infrastructure to internal systems, raising questions about the project's open-source transparency and community access.2026-03-17
AI Agents Are Recruiting Humans to Observe the Offline World
An article discussing how AI systems and agents are increasingly relying on human workers to gather data and observe the physical, offline world.NVIDIA Announces DLSS 5
NVIDIA's DLSS 5 introduces an AI-powered breakthrough in visual fidelity for games, infusing pixels with photorealistic lighting and materials.Open EU Foundry Status Granted to Innovative Chiplet Facility
The European Commission grants Open EU Foundry status to a new innovative chiplet facility, strengthening Europe's semiconductor and hardware ecosystem.2026-03-18
Mistral Forge - Build your own frontier models
Mistral AI introduces Forge, a system for enterprises to build frontier-grade AI models grounded in their proprietary knowledge, offering control, strategic autonomy, and agent-first design.Xbox One Jailbreak Dopo 12 Anni
Dopo ben 12 anni dal lancio, la console Xbox One di Microsoft ha finalmente ricevuto un jailbreak / hack.2026-03-19
What 81,000 people want from AI
Last December, tens of thousands of Claude users around the world had a conversation with Anthropic's AI interviewer to share how they use AI, what they dream it could make possible, and what they fear it might do.2026-03-20
userdb: add birthDate field to JSON user records
Merged systemd PR adding a birthDate field to userdb JSON records for age-verification-related use cases, with admin-only modification and broad discussion around privacy, policy, and portability.Xiaomi MiMo-V2-Pro
Xiaomi announces MiMo-V2-Pro, a trillion-parameter flagship model for agentic workloads with 1M context, strong coding performance, and public API availability.2026-03-23
Germania impone formato ODF per rafforzare l’indipendenza digitale
La Germania introduce ODF come standard obbligatorio nella Pubblica Amministrazione per ridurre il lock-in, migliorare interoperabilità e rafforzare la sovranità digitale.Version 10.0.0 Released
The KiCad Development Team announces KiCad 10.0.0, a major release with new features, usability improvements, importer support, and hundreds of bug fixes.2026-03-24
Supply Chain Attack in litellm 1.82.8 on PyPI
Analysis of a compromised litellm PyPI release that executed via a malicious .pth file, attempted credential exfiltration and Kubernetes persistence, and prompted urgent incident-response guidance.Major unconfirmed breach — OVH alleged data for sale on dark web
A threat actor claims to be selling a large OVHcloud breach (1.6M customer records and data from 5.9M hosted websites) on a dark‑web forum; a sample record was provided as proof. Reported via a single X post and currently unverified — treat as unconfirmed.2026-03-25
Lucide — Version 1 Guide
Lucide v1 is released — upgraded docs and framework guides, improved accessibility, removal of brand icons, and modernized builds (ESM/CJS). Read the migration and usage guide for details.2026-03-30
Telegram — vulnerabilità 0‑click (AVVISO ACN)
Advisory ACN (CSIRT‑ITA) su una vulnerabilità 0‑click in Telegram per Android e Linux che può permettere l'esecuzione remota di codice tramite sticker animati opportunamente predisposti (CVSS ~9.8). Contiene raccomandazioni operative per utenti e organizzazioni.2026-03-31
CRITICAL: Active supply-chain attack on axios
Alert based on a thread reporting an active supply‑chain compromise of axios (npm). The latest axios@1.14.1 pulls a newly published dependency `plain-crypto-js@4.2.1` that appears to be obfuscated installer/malware; recommendation: pin your axios version, audit lockfiles, and avoid upgrading until verified.2026-04-01
Cisco source code stolen in Trivy-linked dev environment breach
Reports indicate threat actors leveraged credentials stolen via the Trivy supply‑chain compromise to breach Cisco development environments, clone hundreds of repositories and exfiltrate source code and AWS keys. Incident is being linked to TeamPCP and related supply‑chain attacks.Introducing Mercury 2
InceptionLabs announces Mercury 2 — a new generation model focused on improved reasoning, multimodal capabilities, and efficiency for production deployments. Blog post with technical highlights and links to model cards and docs.2026-04-02
OnlyOffice flags license violations in Euro Office project by Nextcloud and IONOS
OnlyOffice blog post reporting identified license compliance issues in the Euro Office project (Nextcloud / IONOS collaboration). The post outlines the violations, evidence, and recommended remediation steps for downstream distributions.PrismML — Bonsai 1‑bit 8B (launch announcement)
PrismML emerges from stealth and announces the Bonsai family: 1‑bit Bonsai 8B (≈1.15 GB), plus 4B and 1.7B variants. The tweet highlights extreme compression for high "intelligence density", edge deployment, and open‑sourcing under Apache‑2.0.2026-04-03
Crayola brings back Dandelion after seven years
Crayola formally reintroduced the Dandelion crayon color during National Crayon Day after discontinuing it in 2017, including its return to 64-count and 24-count boxes.Gemma 4 model page
Official Google DeepMind page for Gemma 4, covering model family details, capabilities, and release information.Gemma 4 on YouTube
Video overview of Gemma 4.OpenAI acquires tbpn
OpenAI announcement about acquiring tbpn.Oracle layoffs trigger backlash amid broader US tech job cuts
Economic Times report on Oracle layoffs amid wider US IT workforce cuts, with strong online backlash and discussion around employer communication and trust.Unsloth releases Gemma 4 31B Instruct GGUF on Hugging Face
Unsloth published Gemma 4 31B Instruct in GGUF format on Hugging Face for easier local inference in llama.cpp-compatible runtimes.2026-04-07
Artemis II will use laser beams to live-stream 4K Moon footage
Tom's Hardware article about NASA's Artemis II mission using laser communications to transmit live 4K footage from the Moon, advancing beyond Apollo-era S-band radio.DeepSeek V4 model will run entirely on Huawei AI chips
Huawei Central report about DeepSeek V4 reportedly running entirely on Huawei AI chips, highlighting model hardware alignment and domestic AI infrastructure.Security Days 2026 timetable
Timetable for Security Days 2026, held 7-9 April 2026 in Utrecht.Lockheed Martin data reportedly listed on a dark web market
Hackread report claiming a dark web market is advertising 375 TB of Lockheed Martin data, a potentially significant security and supply-chain risk signal.Journey to the Moon
NASA gallery showcasing Apollo-era imagery and artifacts from the Moon program.2026-04-08
Boeing 787 Dreamliner software bug
Engadget article about a software bug in the Boeing 787 Dreamliner that could affect the aircraft's operation and require routine power cycling.Chandra photo gallery
NASA Chandra X-ray Observatory photo gallery with astronomical images, discoveries, and featured observations.Your RAM Has a 60 Year Old Design Flaw. I Bypassed It.
LaurieWired video about the Tailslayer research project, which uses hedged reads and channel scrambling offsets to reduce p99.99 RAM latency across Intel, AMD, Graviton, DDR4, DDR5, x86, and ARM systems.2026-04-09
Meta introduces Muse Spark MSL
Meta AI blog post introducing Muse Spark MSL, a new model release or system announcement from Meta.2026-04-10
We’ve raised $17M to build what comes after Git
GitButler announces a $17M Series A to build version-control infrastructure for modern collaboration, stacked branches, and agent-aware software workflows.HWInfo and CPU-Z both compromised
VX-Underground flags a supply-chain compromise affecting HWInfo and CPU-Z, with trojanized installers, file masquerading, multi-stage in-memory payloads, and C2 infrastructure tied to the campaign.Artemis II Wallpapers
NASA wallpaper collection for Artemis II, featuring downloadable mobile backgrounds from the Moon mission.Sam Altman May Control Our Future—Can He Be Trusted?
A long-form New Yorker profile examining Sam Altman, OpenAI, trust, power, safety, and the company’s shifting relationship with A.I. governance.2026-04-13
Agatha Christie, surfista
Il Post racconta una ricerca che suggerisce che Agatha Christie fu tra i primi europei a imparare a fare surf in piedi sulla tavola.Air Powered Segment Display
Video about a 3D-printed microfluidic, air-powered segment display and the hardware ideas behind it.CCA Ethernet Cables: Not Up To Scratch, But Are They Dangerous?
Hackaday looks at copper-clad aluminum Ethernet cable, explaining why it misses cabling standards, how it differs from proper copper, and whether it is actually a practical fire risk.From Early Nirvana To Phish, A Chicago Fan’s Secret Recordings Of 10,000 Shows Are Now Online
Block Club Chicago profiles Aadam Jacobs and the volunteer effort digitizing and publishing his massive archive of Chicago concert recordings.Codex for Open Source
Open-source maintainers can apply for API credits, six months of ChatGPT Pro with Codex, and conditional access to Codex Security for core maintenance workflows.Finding Widespread Cheating on Popular Agent Benchmarks
A paper on agentic cheating across popular benchmarks, showing how harness-level leaks and task-level shortcuts can inflate scores and distort evaluation results.2026-04-14
PAmatch
PAmatch is a platform for public administration mobility, helping employees find compatible matches, browse mobility notices, and manage transfers.2026-04-16
IPv6 Surpasses IPv4 Becoming the Most Popular Internet Protocol
Scott Hogg summarizes current IPv6 adoption data and argues that IPv6 has crossed the tipping point in global usage.Internet Protocol Version 8 (IPv8)
Jamie Thain’s Internet-Draft proposing IPv8, a managed network protocol suite that unifies addressing, routing, authentication, DNS, telemetry, and update workflows.2026-04-17
Introducing Claude Opus 4.7
Anthropic announces Claude Opus 4.7, with stronger software engineering, better vision, improved long-running task handling, and updated safety controls.Zig 0.16.0 Release Notes
2026-04-20
Federated Industrial Tracker
Federated Industrial Tracker appears to be a web-based tracker for industrial or equipment-related monitoring and management.2026-04-21
Qwen 3.6 Max Preview
Qwen announces Qwen 3.6 Max Preview, a new model release focused on coding, reasoning, and agentic workflows.2026-04-22
Announcing TypeScript 7.0 Beta
Microsoft announces the TypeScript 7.0 beta, highlighting language and tooling improvements for the next major release of the JavaScript type system.Introducing ChatGPT Images 2.0
OpenAI introduces ChatGPT Images 2.0, highlighting improved image generation and editing capabilities inside ChatGPT.2026-04-23
Iran claims US exploited networking equipment backdoors during strikes
Tom's Hardware reports on Iran’s claim that the US exploited backdoors in networking equipment during strikes, touching on cyber conflict and infrastructure security.Your Name in Landsat
NASA special page inviting people to find their name in Landsat imagery and explore Earth observation history.2026-04-24
Canonical releases Ubuntu 26.04 LTS, Resolute Raccoon
Canonical announces Ubuntu 26.04 LTS, Resolute Raccoon, covering the new long-term support release and its platform updates.Framework Laptop 13 Pro and highlights from the Framework Next Gen event
Framework announces the Laptop 13 Pro and shares highlights from its Next Gen event, focusing on repairable modular hardware and product updates.Introducing GPT-5.5
OpenAI announces GPT-5.5, highlighting model improvements and new capabilities for reasoning, coding, and agentic workflows.2026-04-27
The New Linux Kernel AI Bot Uncovering Bugs Is A Local LLM On Framework Desktop + AMD Ryzen AI Max
Greg Kroah-Hartman's "gkh_clanker_t1000" AI fuzzing bot runs on a Framework Desktop with AMD Ryzen AI Max to uncover Linux kernel bugs locally.La Fenice licenzia Beatrice Venezi — gravi e reiterate dichiarazioni lesive per la fondazione
Il Teatro La Fenice annulla tutte le collaborazioni con Beatrice Venezi dopo le sue dichiarazioni su "posti di padre in figlio" nell'orchestra, ritenute lesive per la Fondazione.Your Gen 5 SSD is probably throttling right now, and you have no idea
PCIe 5.0 SSDs can silently throttle to 50% performance due to multi-stage thermal management, making active cooling essential for sustained speeds.2026-04-29
An update on GitHub availability
GitHub's official update on recent service availability incidents and improvements.GitHub Copilot is moving to usage-based billing
GitHub announces changes to Copilot pricing model, moving from flat-rate to usage-based billing.GitHub RCE Vulnerability (CVE-2026-3854)
Wiz research on a critical remote code execution vulnerability in GitHub Enterprise Server.Soft launch for government open source code platform
The Netherlands launches a government open source code platform to share and collaborate on public sector software.2026-04-30
Open source package with 1 million monthly downloads stole user credentials
The elementary-data Python package (v0.23.3) was compromised via a GitHub Actions vulnerability, stealing credentials including API tokens, SSH keys, and cloud provider keys.2026-05-04
Ghostty Leaving GitHub
Mitchell Hashimoto announces that the Ghostty terminal emulator is leaving GitHub — discussing the reasons behind the migration and what it means for the project's futureOpen-weights Chinese Model Beats Claude, GPT-5.5, and Gemini in Programming Challenge
An open-weights Chinese AI model outperforms Claude, GPT-5.5, and Gemini on a coding benchmark, raising questions about model transparency and the arms race in AI capabilities2026-05-07
Android Security Bulletin — 2026-05-01
Google's monthly Android security bulletin for May 2026 — framework, media, camera, kernel, and AOSP vulnerability patches for the Android security patch level 2026-05-01Microsoft Edge Passwords End Up in Memory as Plaintext
Edge's password manager stores all saved passwords in plaintext in process memory — even for sites never visited — despite Windows Hello-encrypted storage. Microsoft calls it a "conscious design decision." CWE-316.2026-05-14
YellowKey Zero-Day Exploit
Microsoft BitLocker zero-day: YellowKey exploit allows opening protected drives by copying specific files from a USB stick. Demonstrates an apparent backdoor in BitLocker's authentication mechanism2026-05-15
arXiv Code of Conduct — Authors Take Full Responsibility for AI-Generated Content
Thomas Dietterich (arXiv Editor-in-Chief) reminds authors that arXiv's Code of Conduct states each author takes full responsibility for all paper contents, irrespective of how they were generatedCodex Now Available on Mobile App with Remote SSH and Programmatic Tokens
OpenAI announces Codex on ChatGPT mobile app (iOS/Android), Remote SSH for managed enterprise environments, programmatic access tokens for CI pipelines, Hooks GA, and HIPAA-compliant use for ChatGPT Enterprise. Over 4M weekly usersA 0-Click Exploit Chain for the Pixel 10 — Project Zero
Project Zero demonstrates 0-click root on Pixel 10 via Dolby CVE-2025-54957 + VPU driver bug. The VPU driver exposes Chips&Media Wave677DV hardware directly to userspace; a flawed mmap handler maps arbitrary physical memory into userland, enabling arbitrary kernel read-write with 5 lines of codeWelcome to the Strip Mining Era of Open Source Security
Metabase reports 10x increase in vulnerability submissions — from 10/month to 10/week — driven by LLM-powered bulk code scanning. OSS maintainers now in reactive mode: any finding is trivially discoverable, expect layer after layer of vulnerabilities uncovered, and consider that Cal.com is going closed source as a result2026-05-28