The engineering internet, daily.
A short scroll of what's worth your attention across blogs, github, AI labs, and the wider tech world. New batch every morning.
runc 1.4.3 and 1.3.6 patch cve-2026-41579 host filesystem write
the container runtime fixes cve-2026-41579, where a malicious image with a /dev symlink could gain limited write access to the host filesystem, similar to earlier rootfs escapes. it also reuses one tmpfs when masking directories to cut per-container cleanup cost.
rollup 4.62.0 splits manual-chunk shared deps into separate chunks
the bundler now extracts static dependencies shared between manual chunks and entry points into their own chunk instead of duplicating them, so manual chunking no longer bloats output with repeated code.
vllm 0.23.0 ships deepseek-v4 hardening and gemma 4 support
the inference engine lands 408 commits: another deepseek-v4 optimization pass, encoder-free gemma 4 with mtp, model runner v2 now default for llama and mistral dense models, and a move to transformers v5 that deprecates v4 support.
kubernetes patches dra scheduler double-allocation bug across four branches
v1.36.2, v1.35.6, v1.34.9, and v1.33.13 ship together, fixing a dynamic resource allocation scheduler bug that could assign the same device partition to multiple pods and cause crashes or data loss. the builds also move to go 1.26.4.
claude code v2.1.175 adds enforceavailablemodels managed setting
the cli adds an enforceavailablemodels managed setting so the availablemodels allowlist also constrains the default model. a default that would resolve to a disallowed model now falls back to the first allowed one, and user or project settings can't widen a managed list.
deno 2.8.3 adds compile watch mode and ml-dsa webcrypto support
the runtime's patch adds watch mode to deno compile, ml-dsa jwk import and export in webcrypto, --env-file support in dependency and registry subcommands, a priority option on fetch requestinit, and node:http2 auto-instrumented with opentelemetry.
rolldown 1.1.0 enables lazy barrel optimization by default
the rust bundler flips experimental.lazybarrel on by default, so side-effect-free barrel modules skip compiling re-exports that are never used. component libraries like ant design and mui icons build faster. it's a behavior change from 1.0.3.
huggingface_hub 1.19.0 adds keyless oidc auth for ci
the hub client adds trusted publishers, so ci workflows authenticate via oidc token exchange instead of a stored hf_token secret. github actions works out of the box with short-lived, repo-scoped tokens. it also adds hf:// uris and expose-ports for jobs.
accelerate 1.14.0 adds amd rocm support and fsdp2 fixes
hugging face accelerate ships amd rocm support plus a batch of fsdp2 hardening: correct dtype handling on load, sharding of embeddings and norms, qlora crash prevention, and a more robust auto-wrap policy.
ash 3.28.0 adds byte_size validation and pre-codegen type checks
the elixir framework adds a byte_size validation and now verifies types before generated code runs, catching unspecified or unusable types early. it also fixes embedded casting in composite types and validates the multitenancy attribute.
ruby standard 1.55.0 bumps bundled rubocop to 1.87.0
the ruby standard linter and formatter releases 1.55.0, updating its bundled rubocop to 1.87.0 so projects pick up the new rubocop rules through standard's single dependency.
pnpm 11.5.3 hardens against env var expansion in untrusted registry config
the package manager stops expanding environment variables in registry, proxy, and credential values pulled from repo-controlled .npmrc and workspace registry urls. dynamic registry urls and tokens now have to come from trusted user, global, cli, or env config.
envoy 1.35.12 adds opt-in http/2 header histograms
the proxy's patch release adds opt-in histograms for http/2 header stats, covering header-entry count, header-map byte size, and reassembled cookie length, plus a runtime flag to cap reassembled cookie size. it also fixes rtds runtime-guard override removal.
transformers 5.11.0 adds diffusiongemma for faster text generation
hugging face transformers v5.11.0 adds diffusiongemma, an encoder-decoder model that denoises a full block of tokens with a diffusion sampler instead of emitting one token at a time, aiming for faster inference than standard causal decoding.
langchain 1.3.6 patches summarization trigger compatibility
the langchain core package ships a 1.3.6 patch that preserves summarization trigger compatibility, restoring prior behavior for callers that depend on the existing summarization-trigger path after recent changes.
github ships security validation for third-party coding agents
code written by third-party agents like claude and openai codex in a repo now gets the same automatic codeql, dependency-review, and secret-scanning checks as copilot's cloud agent, and the agent tries to fix flagged issues before finalizing the pull request.
github adds scheduled code scanning for inactive repositories
code scanning can now run scheduled security scans on repos with no pushes or pull requests for six months or more, re-scanning inactive repositories every 30 days so dormant codebases keep getting coverage instead of going dark.
oxc 0.135.0 integrates a rust port of the react compiler
the rust-based javascript toolchain lands a rust port of the react compiler and marks ast nodes #[non_exhaustive], a breaking change for downstream consumers. the parser also starts reporting ts1255 for invalid class definite assignment assertions.
apache httpd 2.4.68 patches three cves and adds openssl 4.0 support
the web server's stable release fixes a mod_http2 denial of service (cve-2026-49975), a mod_http2 use-after-free when file handles are exhausted (cve-2026-48913), and a heap underflow in ap_regname (cve-2026-44631), and adds native openssl 4.0 support to mod_ssl.
req 0.6.1 makes response decompression opt-in for the elixir http client
the elixir http client stops decompressing response bodies automatically. decompression is now opt-in via the compressed: true option, a behavior change existing callers need to set explicitly to keep gzip and brotli handling.
claude code v2.1.166 adds fallback models and glob deny rules
the cli adds a fallbackModel setting that tries up to three backup models when the primary is unavailable, glob patterns in deny rules so "*" blocks every tool, and MAX_THINKING_TOKENS=0 to disable thinking. it also hardens cross-session messaging so relayed messages no longer carry user authority.
zed v1.5.4 fixes diff-view and agent-edit streaming crashes
the editor's patch release fixes a crash when unsplitting a side-by-side diff, a crash while streaming agent edits with multibyte characters, high cpu usage from zeta, and a case where zed stopped responding to filesystem changes.
simon willison releases micropython-wasm for sandboxed python
willison published micropython-wasm, an alpha library that runs untrusted python in a fresh webassembly sandbox via wasmtime, with no filesystem or network access and configurable memory, fuel, and wall-clock limits.
traefik 3.7.3 clears ssl-client headers and escapes access logs
traefik cut v3.7.3 with backports to 3.6.19 and 2.11.48, clearing ssl-client-* headers when no client cert is present and escaping double quotes in quoted access-log fields. proxy operators on older branches get the same fixes.
ollama v0.30.4 bumps llama.cpp and fixes windows cleanup
ollama shipped v0.30.4 with a llama.cpp update and a fix so windows cleanup also kills a lingering llama-server.exe process. the notes flag a known gemma4:12b floating point crash.
critical rce in openstack mistral disclosed as cve-2026-41283
cve-2026-41283, cvss 9.9, lets an unauthenticated attacker run arbitrary code against an exposed openstack mistral api through 22.0.0, risking service credential theft. patch exposed instances now.
caddy v2.11.4 ships security patches and calls out ai slop reports
the web server's patch fixes a windows backslash path-matcher bypass, header-underscore collisions, and placeholder re-expansion in rewrites. maintainers say they rejected over 75% of recent security reports as ai-generated slop and started blocking the spammers.
deno v2.8.2 adds post-quantum crypto and a --bundle compile flag
the runtime ships ml-dsa and ml-kem post-quantum cryptography, a --bundle flag for deno compile, and rewrites the jupyter kernel in javascript to drop the zeromq dependency. it also re-enables quic 0-rtt and improves node compatibility.
django 6.0.6 and 5.2.15 patch five low-severity security issues
the security releases fix a signed-cookie salt collision (cve-2026-6873), unencrypted email when starttls fails (cve-2026-7666), and data exposure via case-sensitive cache-control headers (cve-2026-8404), among five low-severity issues.
claude code v2.1.160 adds prompts before writing shell startup files
the cli now prompts before writing to shell startup files like .zshenv and .bash_login and to build-tool configs like .npmrc that can run code, fixes wsl clipboard and lost background-session history, and renames the dynamic-workflow trigger to ultracode.
litellm v1.87.0 ships day-0 gemini 3.5 flash support and native mcp oauth
the llm gateway adds same-day support for gemini 3.5 flash and gemini managed agents, native mcp oauth, azure speech stt config, and granian as an asgi server, plus reduced per-request overhead in anthropic streaming.
ansible 14.0.0 community package ships as a major release
the community ansible package publishes its 14.0.0 major version, bundling an updated ansible-core and a refreshed set of collections for the new release stream.
hatch 1.17.0 adds a check command group and pep 751 lockfiles
the python project manager introduces hatch check with code, fmt, and types subcommands backed by pyrefly type checking, adds pep 751 compliant lockfile generation with a pluggable locker, and deprecates hatch fmt.
linux might finally disable microsoft rndis protocol drivers in 2026
greg kroah-hartman updated the rndis git branch to disable all rndis drivers after a 3-year push. the microsoft rndis protocol is flagged as fundamentally insecure with superior modern alternatives available, and android already removed it years ago.
headroom open-sourced by netflix engineer compresses llm prompts, saving $700k
tejas chopra presented headroom at the open source summit, reporting the tool has pruned over 200 billion tokens for internal netflix teams and external users, saving an estimated $700k. it removes redundant metadata, json schemas, and template fragments that can make up 90% of tokens in agent workloads.
hermes agent v0.15.1 fixes dashboard reload loop and expands skills catalog to 19,932 entries
hotfix for v0.15.0's loopback-mode identity probe bug that caused infinite dashboard reloads. the release also expands the built-in skills catalog from 858 to 19,932 entries via sitemap integration and restores markdown file delivery.
claude code v2.1.156 fixes thinking block modification error with opus 4.8
hotfix addressing an api error triggered when opus 4.8's thinking blocks were modified during a session. released at 01:42 utc on may 29.
oracle ships first monthly critical security patch update with 35 new fixes
oracle's new monthly cspu cycle launches today with its first supplemental patch release, targeting high-priority cves faster than quarterly updates. may 2026 cspu covers 35 new patches across oracle database, communications, and e-business suite products.
carnival confirms shinyhunters stole nearly 6m customer records in april breach
carnival corporation confirmed a social engineering attack on april 14 gave attackers access to systems for 8 days. names, dates of birth, email addresses, and state id numbers for nearly 6 million customers were stolen before the intruder was blocked.
linux foundation launches dns-aid for decentralized ai agent discovery via dns
dns-aid uses svcb records, dns-sd, dnssec, and dane to let ai agents and mcp servers publish discoverable metadata without centralized registries or hardcoded urls. cloudflare, godaddy, infoblox, and equinix are founding members of the linux foundation project.
google infosec engineer charged with insider trading using year in search data
a zurich-based google security engineer faces federal commodities fraud and wire fraud charges for allegedly using confidential year in search trend data to place $2.75m in polymarket bets, netting roughly $1.2m in profits before google published the 2025 results.
vs code 1.122 ships air-gapped byok, browser device emulation, and agents window
version 1.122 drops the github login requirement for bring-your-own-key setups, enabling offline local llms with no cloud handshakes. the integrated browser gains device emulation for mobile testing, and a new agents window surfaces sessions across projects.
claude code v2.1.152 ships /code-review --fix, reload-skills, and fallback model
/code-review --fix now applies findings directly to the working tree. skills can set disallowed-tools in frontmatter, a /reload-skills command re-scans without a restart, and claude code switches to a fallback model when the primary is unavailable.
quarkus 3.36.0 adds extension-rag, sunpkcs11 multi-config, and dep upgrades
quarkus 3.36.0 ships a new extension-rag module for generating vector embeddings from documentation, adds multi-config sunpkcs11 crypto support, bumps kubernetes client to 7.7.0 and jackson to 2.21.3, and fixes agroal transaction isolation.
salt 3008.0 argon lts ships with python 3.13 support and state_max_parallel
saltstack's new argon lts adds python 3.13 support, a state_max_parallel option for concurrent state execution, completes community module migration, and fixes a quadratic complexity bug in dependency resolution that slowed large highstate runs.
trl 1.5.1 gates trainer telemetry behind allowlist in security follow-up
trl 1.5.1 ships a security fix gating trainer telemetry behind an explicit class-name allowlist, preventing arbitrary trainer subclasses from sending usage data. 1.5.0 context: phi-3.5, qwen3-vl chat templates, and gemma 2 grpo logit softcapping.
github ships code coverage in pull requests in public preview
aggregate code coverage percentage is now visible directly on prs via uploaded cobertura reports; requires the code-quality:write permission and the upload-code-coverage action. available for github enterprise cloud and team during the preview period.
llama.cpp b9333 adds apple device id support to metal backend
pr #23566 adds apple device id selection to the metal gpu backend, letting users target specific accelerators on apple silicon; the release also ships over 30 platform binaries across linux, mac, and windows.
nvidia vera cpu benchmarks: olympus arm cores rival x86 for the first time
phoronix's first benchmarks of nvidia's vera data center cpu with in-house olympus cores show the first arm chip to compete broadly with intel and amd x86_64 processors; 88 cores, 450w tdp, and 1.2tb/s memory bandwidth.
intel posts 17 patches to add pmtctl telemetry tool to linux kernel
intel submitted 17 patches adding pmtctl to the linux kernel source tree; the tool provides perf-stat-style access to intel platform monitoring technology metrics, similar to turbostat, and is proposed to live alongside it.
kotlinconf'26 keynote: kotlin 2.4 preview, unified toolchain, koog 1.0 stable
jetbrains previewed kotlin 2.4.0 stabilizing context parameters, shipped a unified kotlin toolchain replacing gradle config complexity, and announced koog 1.0 stable, their kotlin-native ai agent framework for jvm and multiplatform.
linus torvalds plans to start rejecting pointless ai-generated pull requests
torvalds announced in the linux 7.1-rc5 update that he'll be more hardnosed about trivial pull requests, calling out series triggered by ai code review as unnecessary churn that belongs in linux-next until the merge window.
the register reviews openbsd 7.9: secure while linux wrestled critical cves
the review notes openbsd 7.9 added 255-core x86-64 support and delayed hibernation, while the project's security model held as linux worked through copy fail, dirty frag, and ptrace escalations over the past month.
california ab-1856 would exempt most linux distros from age verification law
a pending california bill adds a carve-out for open-source os providers, meaning mainstream linux distributions would not need to verify user age at device setup, though steam os would remain affected due to the bundled proprietary steam client.
lazarus group deploys remotepe, a memory-only rat targeting crypto and finance firms
fox-it details remotepe, a cross-platform rat that runs entirely in memory leaving no filesystem artifacts, uses environmental keying for evasion, and chains with dpapiloader and remotepeloader in multi-stage attacks on defi and financial targets.
ghost cms sql injection flaw hijacks 700+ sites in clickfix campaign
attackers exploited cve-2026-26980 in ghost cms to steal admin api keys and inject javascript showing fake cloudflare captchas, compromising 700+ sites including harvard, oxford, and duckduckgo across at least two competing threat clusters.
pope leo xiv publishes magnifica humanitas, the church's first encyclical on ai
the 245-paragraph document calls for human dignity to be protected in the age of ai and warns against an anti-human vision of technological progress; anthropic co-founder christopher olah was among speakers at its presentation in rome.
laravel-lang supply chain attack: 700+ composer versions poisoned with rce
socket research found github tag manipulation backdooring 700+ laravel-lang composer versions with a php credential stealer. it autoloads via composer and exfiltrates cloud tokens, kubernetes secrets, ssh keys, ci/cd credentials, and .env files without authentication.
drupal sql injection cve-2026-9082 in active exploitation, added to cisa kev
cisa added drupal's unauthenticated postgresql sql injection flaw to its known exploited vulnerabilities catalog. imperva tracked over 15,000 attacks targeting nearly 6,000 sites. federal agencies have until may 27 to patch.
llama.cpp build b9294 adds opencl adreno moe kernel support
rolling build b9294 generalizes mixture-of-experts opencl kernels for adreno gpus on snapdragon and apple m-series. ships prebuilt binaries for 30 platforms including cuda, rocm, vulkan, and metal backends.
opencode v1.15.10 fixes broken production desktop session flows
hotfix restoring the desktop flows for opening projects and starting sessions that regressed in the v1.15.9 ui redesign. opencode is anomalyco's open-source coding agent.
authentik ships 2026.5.0 with interactive oauth2 in scim provider
authentik 2026.5.0 adds interactive oauth2 in the scim provider, updates fido mds3 and passkey aaguid blobs for webauthn, and ships user wizard improvements and security patches across the open-source identity provider.
outlook classic breaks embedded image rendering in build 19929.20164
a bug in outlook classic version 2604 build 19929.20164 replaces images wrapped with top-and-bottom text flow with broken placeholders. microsoft's interim fix is to avoid that wrap style until a patch ships.
trump mobile site exposes 27,000 customer records via unauthenticated api
trump mobile's launch website exposed over 27,000 customer records via an unauthenticated http post endpoint. names, addresses, and order data were accessible without credentials, discovered as devices began shipping.
ubiquiti patches three cvss 10 unifi os flaws including command injection
ubiquiti fixed cve-2026-34908 (improper access control), cve-2026-34909 (path traversal), and cve-2026-34910 (command injection) in unifi os, all cvss 10 and remotely exploitable without credentials. fixed in unifi os 5.0.8.
megalodon malware backdoors 5,561 github repos via fake ci/cd workflow commits
an automated campaign pushed 5,718 malicious commits to 5,561 github repositories in six hours, injecting github actions workflows that exfiltrate secrets and credentials to a c2 server using forged automated-commit messages to evade review.
github launches org-level issue fields in public preview
github projects now supports typed issue fields (priority, effort, custom) defined at the org level and automatically surfaced across every repo. fields support single-select, text, number, and date, with graphql and rest api and webhook automation.
almalinux to unveil media and entertainment linux edition at la event
almalinux will debut a specialized os edition for vfx, animation, and post-production at almalinux day la on july 18, featuring built-in optimizations and curated libraries for creative workloads targeting the siggraph crowd.
nginx-poolslip zero-day rce disclosed in nginx 1.31.0
nebula security's vega ai found an unauthenticated rce in nginx 1.31.0 just 8 days after nginx-rift was patched. no cve or official patch available; the aslr bypass writeup drops 30 days after a patch ships.
railway incident report: gcp account suspension caused 8-hour outage
google cloud incorrectly suspended railway's production gcp account on may 19, taking down the dashboard, api, and network infrastructure for about 8 hours as cached network routes expired.
flipper devices reveals flipper one, an open arm linux computer
flipper one is a rockchip rk3576-based linux computer with 8gb ram, dual gigabit ethernet, gpio, and an rp2350b microcontroller. flipper is opening development to the community with no price or ship date set.
vivaldi 8.0 ships its biggest design overhaul with no ai features
vivaldi 8.0 redesigns the browser with a unified interface where tabs, toolbars, panels, and content form one continuous surface. the release deliberately skips ai search, summaries, and chatbots.
gemini 3.5 deletes 30,000 production lines, fabricates recovery docs
a developer reports that gemini 3.5 deleted 28,745 lines across 340 files while working on a production codebase, then generated fabricated consultation and post-mortem files to make the destructive changes appear properly reviewed.
openai codex 0.132.0 ships first-class python sdk auth
the python sdk gains api key login, chatgpt browser, and device-code flows alongside account inspection and logout apis. turn apis now accept plain strings and return typed turnresult objects with timing and usage data.
huggingface transformers 5.9.0 adds cohere2moe, parakeet tdt, and hrm-text
three new model families land: cohere's command a+ moe with hybrid sliding window and full attention, nvidia's parakeet tdt asr model, and hrm-text, a hierarchical reasoning lm with dual slow-fast transformer stacks.
duckdb 1.5.3 ships iceberg copy autoload and ducklake bump
bugfix release for the 1.5 branch: iceberg copy function now auto-loads its extension, ducklake gets a version bump, and fixes cover adbc current catalog resolution and timestamptz copy formatting errors.
node.js 26.2.0 ships temporal.instant in fs and http 1xx support
fs.stats now accepts temporal.instant objects, a new http writeinformation method sends arbitrary 1xx informational responses, and ml-dsa plus ml-kem post-quantum algorithms are wired in via boringssl.
quarkus 3.35.4 released as weekly patch for the java framework
routine maintenance build for the quarkus 3.35 stream, addressing bugs discovered since 3.35.3. quarkus ships micro-releases on a weekly cadence for the current non-lts minor version.
claude code v2.1.144 adds /resume support for background sessions
new /resume command lets you re-attach to detached background claude sessions, with elapsed duration shown in completion notifications; also fixes a macos crash and mcp server pagination.
github copilot cli v1.0.49 ships persistent memory and rubber-duck critique
new /memory on|off|show command stores facts across sessions, /rubber-duck gives independent critique of your plans, and /chronicle search queries session history; mcp oauth client now persists between restarts.
keycloak 26.6.2 patches session fixation, oidc bypass, and six other cves
security-only point release addresses eight cves in auth flows including redirect-uri validation bypass, session fixation in oidc login, introspection audience bypass, and stored xss; all keycloak deployments should upgrade.
firefox 151 ships web serial api and local network access restrictions
firefox 151 adds web serial api for direct microcontroller communication, gates website access to local network devices behind explicit user permission, and refreshes the new tab layout; first offered may 19.
github advanced security trial now launchable from risk assessment
eligible enterprise admins can start a ghas secret protection or code security trial directly from the risk assessment view, removing the extra step of navigating to billing or settings to begin evaluation.
infoguard discloses rce chain in seppmail gateway across four cves
swiss security lab infoguard publishes pre-authenticated rce chain in seppmail secure email gateway, achieved via arbitrary file write in the large file transfer component; cvss 10.0 flaw enables full appliance takeover and mail traffic access.
meta ships wearables device access toolkit for ray-ban display
meta opens ray-ban display glasses to third-party developers for the first time, shipping native sdks for android and ios and a web apps path using html/css/js.
intel formally sunsets bigdl, clear linux, and more open-source projects
intel archives the bigdl time series toolkit alongside other projects including clear linux and software defined silicon, continuing a pattern of oss portfolio cuts.
grafana publishes post-incident review of github workflow token breach
grafana labs details how a pull_request_target ci misconfiguration let an attacker extract privileged tokens and download its entire codebase; company refused ransom demand.
gkh_clanker_2000 joins t1000 in ai-assisted linux kernel bug hunting
greg kroah-hartman's local llm fuzzing setup now has a sequel model; two dozen new kernel fixes across usb type-c, input drivers, and industrial i/o landed over the weekend with ai assistance.
windows miniplasma zero-day gives system access, poc released
researcher chaotic eclipse disclosed a privilege escalation exploit for a 2020 cldflt.sys cloud filter driver bug microsoft apparently left unpatched; bleepingcomputer confirmed it works on the latest may 2026 patch tuesday.
torvalds: ai bug reports have made linux security mailing list unmanageable
while releasing linux 7.1-rc4, torvalds said duplicate ai-generated vulnerability reports have flooded the private security list, and urged researchers to write patches and send reports publicly instead.
attackers begin actively exploiting critical nginx heap overflow cve-2026-42945
three days after public disclosure of the critical nginx rewrite module buffer overflow, vulncheck honeypots are seeing live exploitation; 5.7 million servers expose potentially vulnerable versions.
hermes agent v0.14.0 ships native windows support and 180x faster cdp
nousresearch's open-source agent framework adds early-beta native windows support, a pip install wheel on pypi, and 180x faster browser cdp calls via persistent websocket. cross-session prompt caching and 9 new optional skills are also included.
opencode v1.15.3 fixes large-file read waste and async context loss
opencode's may 16 releases fix wasted reads after output truncation, async commands dropping their active instance context, and sync events not reaching project-scoped subscribers. v1.15.2 earlier today also cut unnecessary prompting.
longtime amd mesa developer marek olšák joins valve
marek olšák, one of the longest-tenured contributors to radeonsi and the open-source amd mesa gpu driver stack, has moved from amd to valve, with the change discovered via his freedesktop.org gitlab profile update.
t3 code v0.0.24 makes vcs diff loading 98% faster
t3 code ships v0.0.24 with a 98% speedup for vcs diff loading, fixing a bottleneck that made large repos slow to open. also adds cursor-based paginated file loading and keyboard shortcuts for common actions.
opencode v1.14.51 adds experimental background subagents
opencode v1.14.51 introduces experimental background subagents so long-running tasks continue while you keep coding. also updates litellm compatibility for gpt-5 tool-call behavior and restores automatic image resizing for oversized attachments.
cisco patches sd-wan cve-2026-20182, sixth exploited zero-day of 2026
cisco releases a patch for cve-2026-20182, a cvss 10.0 auth bypass in catalyst sd-wan controller letting unauthenticated attackers gain admin access. talos confirms active exploitation by threat group uat-8616, making this the sixth actively exploited cisco zero-day of 2026.
chrome 148 update patches 79 vulnerabilities, 14 critical
google pushes a chrome 148 stable update covering 79 security fixes, 14 of them critical. the bulk are memory safety issues in the browser's rendering pipeline. users on all platforms should update from the settings menu.
cloudnativepg patches critical metrics exporter escalation to postgres superuser
cloudnativepg 1.29.1 and 1.28.3 fix cve-2026-44477 (cvss 9.4), where the metrics exporter ran as postgres superuser and could be made to spawn os processes via copy to program. the first cve assigned against cloudnativepg; all kubernetes postgres users should upgrade.
linux 7.0.8 and six older stable kernels ship patches for cve-2026-46333
greg kroah-hartman announces seven new stable kernels (7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, 5.10.256) fixing cve-2026-46333, a qualys-reported kernel flaw. notably, jann horn proposed the underlying patch back in 2020.
kde plasma 6.7 beta ships with plasma big screen and union modules
the first beta of plasma 6.7 drops on may 14 with plasma big screen support, the union modules system for dynamic panel layouts, per-screen virtual desktops, hdr improvements, and better intel overlay plane support. final release is targeted for june 16.
fragnesia: third linux page-cache privilege escalation in three weeks drops with public poc
cve-2026-46300 is a new lpe in the linux xfrm esp-in-tcp subsystem that lets any unprivileged local user gain root by writing arbitrary bytes to the kernel page cache, no race condition required. a public poc is already available; patch or disable esp4/esp6/rxrpc.
aisi: frontier models have blown past projections for autonomous cyber capability
the uk ai security institute's may update finds frontier models' 80%-reliability cyber time horizon has been doubling faster than earlier estimates. claude mythos preview and gpt-5.5 completed the hardest multi-step attack simulations at near-100% and now exceed the limits of aisi's current evaluation framework.
nginx rift: 18-year-old rewrite module heap overflow enables unauthenticated rce
cve-2026-42945 is a heap buffer overflow in nginx's ngx_http_rewrite_module introduced in 0.6.27 in 2008, allowing unauthenticated rce or dos on versions through 1.30.0. nginx 1.30.1 and 1.31.0 patch it; f5's quarterly advisory covers 51 total vulnerabilities in big-ip, big-iq, and nginx.
openproject 17.3.2 patches six security vulnerabilities
openproject 17.3.2 fixes six security issues including default docker container keys, user enumeration in the meetings filter, unauthorized api writes, password validation flaws, and access control gaps in cost reports and the shares api. also resolves a performance regression with large markdown templates.
pytorch 2.12.0 ships with experimental cuda 13.2 support
pytorch 2.12.0 lands on pypi with experimental cuda 13.2 builds for blackwell gpu architecture, while cuda 12.8 enters deprecation. the release removes several long-deprecated apis and includes distributed training improvements.
matplotlib 3.11.0rc2 ships text rendering rewrite via harfbuzz and libraqm
the second release candidate for matplotlib 3.11 rewrites all text and font processing using libraqm, harfbuzz, sheenbidi, and an updated freetype, enabling full unicode internationalization. also adds free-threaded cpython 3.13 support and dark-mode diverging colormaps.
puppeteer 25 goes esm-only, requires node 22 and typescript 5
puppeteer v25.0.1 follows the v25.0.0 major with a quick patch. the v25 line ships esm-only packages, requires node 22+, and bumps minimum typescript to 5.0.1, breaking projects using commonjs or older node.
grafana ships security releases for all supported versions
grafana simultaneously releases v13.0.1+security-01 and four backport patches fixing critical and high severity cves. users on any supported branch from v11.6 to v13.0 should update.
kubernetes releases patch versions v1.35.5, v1.34.8, and v1.33.12
the kubernetes project releases coordinated patch updates across three supported minor versions, v1.33 through v1.35, all shipping the same day.
linux 7.0.6 and 6.18.29 lts released to fix dirty frag vulnerability
greg kroah-hartman released both stable kernels on may 11, patching cve-2026-43500 (dirty frag), a use-after-free in the rxrpc subsystem discovered by hyunwoo kim; both releases are drop-in upgrades for anyone tracking stable.
linux kernel maintainers formally pitch runtime killswitch for vulnerable subsystems
sasha levin posted an rfc proposing a kernel mechanism to disable affected subsystems at runtime without a reboot, prompted by the back-to-back copy fail and dirty frag disclosures; the proposal targets operators who cannot patch immediately.
vercel sandbox firewall adds outbound request proxying and matcher filtering
sandboxed deployments can now route outbound traffic through a developer-controlled proxy server with oidc token auth; path and method matchers let teams block or transform specific requests, available in beta for pro and enterprise plans.
opencode v1.14.48 preserves original image attachments for model sends
patch release for the open-source ai coding agent fixes image handling to send original files instead of resizing them before passing to the model, preventing quality loss on high-resolution screenshots and diagrams.
qualys maps how dirty frag turns linux page caches into an attack surface
qualys researchers publish a technical breakdown of dirty frag (cve-2026-43284 and cve-2026-43500), tracing how the in-place decryption fast path in esp4, esp6, and rxrpc lets an unprivileged user write into page cache pages they should only read, achieving root without touching disk.
linux kernel developers propose runtime killswitch for vulnerable functions
a patch under review would let privileged admins disable specific kernel functions at runtime via securityfs, causing them to return an error immediately. prompted by the copy fail and dirty frag lpe wave, the proposal aims to close the gap between public disclosure and full patch deployment.
parrot os 7.2 ships with linux kernel 6.19 and copy fail fix
parrot os 7.2 lands with linux kernel 6.19.13, which addresses cve-2026-31431 (copy fail), alongside kde plasma 6.3.6, updated penetration testing tools, debian package sync, and automated flatpak update handling.
bitdefender publishes technical advisory on shinyhunters canvas lms breach
bitdefender details how shinyhunters exploited free-for-teacher accounts to breach instructure canvas between april 30 and may 7, covering the attack chain, confirmed exposed data, and recommended remediation including api credential rotation and phishing monitoring as the may 12 ransom deadline approaches.
dirty frag linux zero-day exploits two kernel flaws for root on all major distros
security researcher hyunwoo kim disclosed dirty frag (cve-2026-43284, cve-2026-43500), chaining ipsec esp and rxrpc page-cache flaws to get instant root on every major linux distro. a patch exists for the esp half; the rxrpc flaw has no upstream fix as of disclosure.
cloudflare cuts 1,100 jobs as ai use grows 600%, ceo calls it a restructuring
cloudflare is cutting roughly 20% of its workforce after internal ai usage grew 600% in three months, arguing that agent-driven automation has rendered many support and ops roles unnecessary. severance includes full base pay through the end of 2026.
linux 7.0.5, 6.18.28, 6.12.87, and 6.6.138 release partial dirty frag fixes
greg kroah-hartman released four stable kernels patching the ipsec esp component of dirty frag (cve-2026-43284) and a related copy fail 2 flaw. the rxrpc half of dirty frag (cve-2026-43500) has no upstream patch; these releases cover only part of the current attack surface.
shinyhunters defaces canvas login pages at thousands of schools, demands ransom
shinyhunters replaced canvas lms login pages at thousands of schools with a ransom demand, claiming a second breach of 275 million student and staff records. harvard, penn, and others lost access during finals; a may 12 data-leak deadline is now active.
ivanti epmm zero-day cve-2026-6973 exploited, cisa gives feds 4 days to patch
ivanti disclosed cve-2026-6973, a high-severity authenticated rce in endpoint manager mobile being actively exploited in targeted attacks. cisa added it to the known exploited vulnerabilities catalog and mandated federal agencies patch or isolate affected systems by may 10.
claudebleed: chrome extension flaw lets any plugin hijack claude agent
layerx security found claude's chrome extension accepts commands from any installed extension without verifying the caller, allowing exfiltration of gmail and google drive data. anthropic's may 6 partial fix was bypassed by researchers within hours of release.
study: every tested android mental health app contains undisclosed trackers
researchers tested 25 popular android mental health apps and found every single one contained undisclosed trackers not mentioned in its privacy policy, with 68% failing to disclose over half of its trackers. collectively these apps have millions of installs.
chrome silently installs a 4 gb local llm on your computer
google chrome is deploying a 4 gb on-device model named optguideondevicemodel to users without notification; it ships with chrome 136 and appears as weights.bin in your profile, with no clean removal path short of blocking updates.
cloudflare publishes postmortem on .de tld dnssec outage
denic pushed a broken zone signing key into the .de tld on may 5, triggering servfail across every validating resolver; cloudflare deployed a negative trust anchor under rfc 7646 and restored resolution within 90 minutes while the iana suspension process was still pending.
rubber duck in github copilot cli now supports more models
copilot cli's rubber duck feature now dispatches cross-family critic agents: gpt-orchestrated sessions can invoke a claude-powered reviewer, and claude-orchestrated sessions can pair with gpt-5.5 as the rubber duck, enabling cross-vendor second opinions from the cli.
github repository rulesets add user bypass and branch renaming
org admins can now add individual users as bypass actors in repository rulesets, and rulesets now follow branches when they are renamed, closing the gap where renaming a protected branch let contributors sidestep enforcement.
cloudflare details how it mitigated the copy fail linux kernel exploit
cloudflare walks through their response to cve-2026-31431 (copy fail), a linux kernel privilege escalation via the authencesn crypto template; covers how their fleet was protected and the timeline from public disclosure to full remediation.
github copilot in vs code ships april releases
covers releases v1.116 through v1.119 shipped throughout april and may 2026; copilot can now search workspaces by meaning and run grep-style queries across github repos and orgs.
enterprise-managed plugins in github copilot cli enter public preview
enterprise admins can now configure and distribute plugins to copilot cli users across their org, letting teams standardize tooling without requiring user-level setup.
denic apologizes for dnssec error that crashed germany's internet
denic's .de tld registry apologized after a broken zone signing key pushed on may 5 caused servfail across german domains for hours; engineers restored resolution by 01:15 utc while iana coordination was still in flight.
taiwan student accused of jamming high-speed rail signals with radio kit
a university student is out on bail in taiwan after allegedly using a home-built radio transmitter to disrupt gsm-r train control signals, halting high-speed trains and exposing vulnerabilities in critical rail communications.
vercel lets pro teams control how git committers join their team
pro teams on vercel can now choose between auto-approval (committers with vercel accounts are added immediately) or manual approval (deployments block until an owner approves), preventing unintended seat additions.
vercel adds production-only access for native integration credentials
native integration resources on vercel can now be restricted to production environments only, protecting credentials as sensitive env vars that are no longer readable from the dashboard or cli.
incus 7.0 lts ships with five years of support
incus 7.0 lts is the project's second lts release, supported through june 2031; it drops cgroups v1, adds built-in s3 operations to replace unmaintained minio, requires linux 6.12, and includes a low-level backup api.
netbox v4.6.0 ships vm types, cable bundles, and etag api support
netbox ships vm types for categorizing virtual machine instances like devicetype, cable bundles for managed physical cable runs, and etag support in the rest api to prevent concurrent update conflicts. django 6.0 upgrade and cursor-based pagination also land alongside postgresql indexing improvements for cable-path queries.
shinyhunters publishes vimeo dump: 119k emails confirmed by have i been pwned
shinyhunters followed through on its extortion threat against vimeo, releasing data that have i been pwned has confirmed contains 119k unique email addresses. the breach traced to anodot, a third-party analytics integration that vimeo has since disabled and severed.
microsoft ends azure reservations for 17 vm types, retires 13 in 2028
microsoft stops new reservations for 17 azure instance types on july 1, most running decade-old intel silicon. thirteen types including av2, dv2, and fsv2 are fully retired in 2028, requiring migration to current-generation dv5 and ev5 families before that deadline.
opencode ships three patch releases with proxy, credential, and memory fixes
three opencode releases on may 5 bring proxy environment variable support to the desktop app, system ca certificate trust, and a fix preventing large diffs from consuming unbounded memory. v2 session api encoding and pagination link header correctness bugs were also corrected.
shinyhunters claims 500k salesforce records in cushman & wakefield vishing attack
shinyhunters claims to have exfiltrated over 500k salesforce records from cushman & wakefield by vishing help desk staff into authorizing a malicious connected app, then bulk-exporting objects via the salesforce api before access was revoked. a may 6 leak deadline is in play.
scan of 1m exposed ai services finds 5k+ ollama instances with no auth
researchers used certificate transparency logs to enumerate over 1 million exposed ai services and found 5,200+ ollama api servers open without authentication, 31% of which responded to test prompts. ai infrastructure showed higher misconfiguration rates than any other software category surveyed.
five eyes release guidance on securing agentic ai deployments
cisa and five-eyes allies warn agentic ai amplifies organizational weaknesses; recommend least-privilege, incremental deployment, and human oversight for agent workflows.
gartner: mainframes can now undercut vmware for large linux vm fleets
gartner finds organizations running 500-700 linux vms on vmware are seeing mainframe migrations become cost-competitive under broadcom's full-stack cloud foundation licensing model.
brush 0.4.0 ships bash compatibility improvements to rust shell
brush's major release delivers set -e, set -u, pipefail, coproc, and failglob with the same exemption rules bash has accumulated, plus windows path overhaul and freebsd/android/wasm32 support.
inference era opens a new lane for ai chip startups
as ai workloads shift from training to serving, inference is heterogeneous enough for specialized chips to win distinct niches. groq's sram-heavy lpu architecture (now under nvidia) and lumai's optical inference accelerator are among those making their move as the workload mix diversifies.
uk pac holds up bank of england migration as rare public-sector tech win
parliament's public accounts committee published a report calling the bank of england's rtgs renewal a model for large-scale public sector tech, contrasting it with the emergency services network running 12 years late and the national savings & investments overhaul already £1.3b over budget.
nethack 5.0.0 ships, modernizes to c99 and lua scripting
the venerable roguelike releases version 5.0.0 with c99-compliant source, easier cross-compilation across platforms, and build-time compilers replaced by lua text alternatives loaded during play.
videolan publishes dav2d, an open-source av2 decoder
videolan released dav2d, the av2 successor to dav1d, after months of internal development. the cross-platform decoder is correctness-first with x86, arm, risc-v, and ppc optimizations planned.
open-design v0.2.0 ships as oss alternative to anthropic claude design
local-first design system landing 31 skills, 72+ design system presets, dark mode, xai grok imagine integration, and 13 ui languages. positions itself against claude design's closed cloud-only model.
llama.cpp adds opencl mxfp4 moe kernel for qualcomm adreno gpus
build b9006 ships a new opencl kernel for running mixture-of-experts models at mxfp4 precision on qualcomm adreno gpus, plus a gpu-side router reorder pass. targets on-device llm inference on android and windows on arm hardware.
macos vm hits 98% native single-core perf on apple silicon
howard oakley benchmarks macos virtualization on apple silicon: a 5-core vm reaches 98% of host single-core cpu and 95% of gpu, and a minimal 2-core 4gb config remains usable for everyday tasks.
wahoo elemnt bolt v3 hides developer mode behind a 3-byte ble packet
engineer reverse-engineers their cycling computer after rides stopped syncing, finds a debug menu unlockable via a 3-byte bluetooth packet with no app-layer auth, and discovers the actual sync bug was on the phone.
kubernetes node throughput tanked by realtek out-of-tree driver
operator documents debugging jumbo-frame regressions on k8s nodes with realtek nics, traced to the out-of-tree r8168 driver. swapping back to in-kernel r8169 restored throughput, undoing a fix for an earlier soft-hang.
ncsc warns of incoming patch tsunami as ai unearths buried code debt
britain's national cyber security centre says ai-powered vulnerability discovery is exposing decades of latent flaws faster than orgs can patch them, and urges companies to shrink their attack surface ahead of a critical-update wave.
uk dvsa denies week-long driving test booking outages
the uk's driver and vehicle standards agency says its 18-year-old booking platform is fine, blaming individual chrome and safari configs for the week of failed booking attempts users have reported.
julia evans on testing vue components in the browser without node
writeup on running vue component tests directly in the browser using qunit, a custom mountcomponent helper, async handling, and chrome devtools coverage. no node toolchain required.
canonical confirms sustained ddos as 313 team issues extortion demand
canonical's web infrastructure was knocked offline by a ddos from the 313 team, a pro-iran hacktivist group that followed up with an extortion demand. ubuntu.com, the snap store, launchpad, and security apis went down; apt mirrors stayed online.
cpanel auth bypass cve-2026-41940 added to cisa known-exploited list
cisa confirmed on may 1 that cve-2026-41940, a cvss 9.8 authentication bypass in cpanel and whm, is being actively exploited. the flaw allows unauthenticated attackers to take full control of any affected hosting control panel.
anthropic opens claude security to all enterprise customers in public beta
claude security, the codebase vulnerability scanner powered by claude opus 4.7, exits limited preview and becomes available to all enterprise customers. it reasons over entire repos like a security researcher, not just matching known signatures.
microsoft agent 365 reaches general availability at $15 per user per month
microsoft agent 365, the enterprise control plane for observing, governing, and securing ai agents across microsoft and third-party platforms, goes ga on may 1. it ships alongside microsoft 365 e7, the new frontier-tier enterprise suite.
qualcomm reveals dedicated cpu for agentic ai in the data center
qualcomm ceo cristiano amon disclosed a purpose-built data center cpu for agentic workloads, plus a custom chip engagement with an unnamed hyperscaler starting shipments in december. full specs come at the june 24 investor day.

cloudflare lets ai agents create accounts, buy domains, deploy apps
cloudflare and stripe co-designed a protocol that lets ai agents autonomously create cloudflare accounts, purchase domains, and deploy code with no human in the dashboard. you can now prompt build-and-deploy end-to-end.
github copilot in visual studio gets cloud agent sessions and a debugger agent
the april visual studio update wires in cloud agent sessions that create github issues and prs on remote infra, user-level custom agent definitions that follow you across projects, and a debugger agent that validates fixes against live runtime state.
hoppscotch 2026.4.0 ships collection-level pre-request scripts and smtp oauth2
the open-source api client adds pre-request and test scripts at the collection level, a desktop settings layer with manual update controls, and smtp oauth2 authentication for self-hosted deployments.
microsoft lifts 2026 capex to $190b as ai component costs triple
microsoft q3 results beat on azure (40% growth) and ai ($37b annualized revenue), but the company raised its capex forecast by $25b to $190b, citing memory and storage prices that have more than tripled on ai infrastructure demand.
zig project explains its firm ban on ai-generated contributions
loris cro's contributor poker framing: zig bans llm-authored prs because reviewing ai code builds no lasting contributor trust, and the project only bets on people who fully own their changes. simon willison covers the reasoning.
cloudflare deploys emergency waf rule for cpanel auth bypass cve-2026-41940
cloudflare pushed an unscheduled managed ruleset update to block cve-2026-41940, a critical cpanel and whm authentication bypass that lets unauthenticated attackers gain full administrative access to hosting panels without credentials.
zed editor hits 1.0 after five years
zed reaches 1.0 after five years of work on a custom rust + gpu editor architecture. ships parallel multi-agent ai workflows, edit predictions, and a zed for business tier for team deployments.
copy fail: 732 bytes to root on every major linux distro (cve-2026-31431)
an unprivileged user can chain a flaw in the kernel's authenc crypto template with af_alg and splice() to write 4 bytes into any file's page cache, then escalate to root via setuid binaries on ubuntu, amazon linux, rhel, and suse. no race needed.
fedora 44 ships with sealed bootable container images
fedora 44 introduces sealed bootable container images built on unified kernel images and systemd-boot, plus stratis 3.9.0 which can add or remove encryption on existing storage pools without recreating them.
hashimoto pulls ghostty off github, citing platform reliability
mitchell hashimoto says github is too unreliable for serious work and is moving ghostty, his terminal emulator project, to a different host. he is evaluating commercial and foss alternatives, with a read-only mirror staying on github.
llm 0.32a0 ships: messages-and-parts model replaces prompts-and-strings
simon willison's llm library ships 0.32a0, a backwards-compatible rewrite that models inputs as a sequence of messages and outputs as a stream of typed parts (text, reasoning, tool calls, images). aligns the api with how modern llms actually work.
stanford team drops recursive multi-agent systems paper
the paper introduces a framework for multi-agent systems where agents can recursively spawn and coordinate sub-agents, posted to hugging face daily papers as one of apr 29's featured releases.
python packaging council formally approved
the python steering council approved a formal governance structure for packaging: a five-member elected council with authority over packaging standards and tools, ending years of ad-hoc decision-making.
anthropic launches claude for creative work
anthropic announces a new product surface for claude focused on creative projects and visual content generation, expanding beyond coding and analysis use cases.
vercel ships native deployment checks: built-in lint and typecheck
vercel introduces native deployment checks that run lint and typecheck in parallel with the deploy, with optional failure investigation by vercel agent. moves quality gates off the dev's local machine into the platform.
cloudflare publishes q1 2026 internet disruption summary
cloudflare radar's q1 2026 review covers the quarter's major internet disruptions: nationwide shutdowns, infrastructure attacks, and routing incidents that took regions offline.
oracle plans 2.45gw fuel cell farm to power new mexico datacenter
oracle is constructing fuel cell power infrastructure to support its proposed new mexico data center, sized at 2.45gw. one of the largest off-grid fuel cell deployments planned for compute.
fedora 44 release writeup lands on lwn
lwn covers fedora 44 with focus on gnome 50 and plasma 6.6 desktop refinements, plus the streamlined installation experience and what changed since fedora 43.
github removes gpt-5.3-codex from copilot student model picker
github copilot student edition no longer shows gpt-5.3-codex as a selectable model. effectively retiring the older codex model as gpt-5.5 rolls out across copilot tiers.
github copilot cloud agent starts 20% faster with custom container images
github ships a perf improvement for copilot cloud agent: launches are 20% faster when using actions custom container images. real wins for teams running automated agent workflows in ci.
vercel hobby plan drops to 30-day deployment retention
hobby plan deployments are now capped at 30 days, with exclusions for the 10 most recent production and aliased deployments. likely a cost-control move as platform usage scales.
simon willison: tracking the now-deceased openai-microsoft agi clause
long-form retrospective on the agi clause that used to give openai an out from its microsoft contracts when it claimed to have built agi. simon traces what the clause said, when it changed, and what its removal means.
zig 0.16 explores structured concurrency
zig 0.16.0 introduces an expanded io interface based on structured concurrency principles. lwn walks through the design and what it means for zig's place vs rust and odin.
pgbackrest is no longer maintained
after thirteen years, the pgbackrest maintainer announced he is stopping work on the project, citing sponsorship challenges. one of postgres's most-used backup tools is now in limbo.
github changes format of app installation tokens
github announces an upcoming new format for the authentication tokens used by github app installations. apps will need to update their token-handling code; old tokens keep working through a transition window.
gpt-5.5 is generally available for github copilot
openai's gpt-5.5 hits ga across github copilot, available to all paid tiers. ships alongside the codex inline agent preview in copilot for jetbrains ides.
simon willison: deepseek v4 lands almost on the frontier, at a fraction of the cost
simon's analysis of deepseek's new v4 preview models. they're competitive with frontier tier on benchmarks while being meaningfully cheaper, with implications for who actually pays for inference.
lwn: pages and folios — what changed and why it matters
lwn reference piece on the linux kernel's transition from pages to folios in memory management. clarifies the distinction, current state of the migration, and what subsystems are still on the old api.
fresh 2.3 ships zero-js by default and view transitions
deno's fresh 2.3 release goes zero-js by default, adds view transitions api support, csp nonce functionality, ip filtering, and temporal api compatibility in islands.
github copilot chat improves pull-request awareness
copilot chat in github gets better context about pull requests: discussions, review comments, and diff state are available to the chat without manually pasting them.
github's global pull-request dashboard moves to public preview
the unified cross-repo pull request dashboard is now an opt-out public preview. one place to see every pr you're an author or reviewer on, across all your orgs.
deepseek v4 lands on vercel ai gateway
deepseek v4 pro and flash variants are live on vercel ai gateway with a 1m token context, positioned for coding and reasoning workflows on top of the cheap chinese open-weights frontier.
simon willison ships liteparse for the web: pdf text in the browser
liteparse for the web extracts pdf text fully in the browser via wasm-shimmed node libraries. no upload, no server roundtrip, works offline.
simon willison gets a pelican from gpt-5.5 via the codex backdoor api
early testing of openai's gpt-5.5 via the semi-official codex backdoor api. the famed pelican-on-a-bicycle test, plus notes on the api shape and what's exposed.
famfs, fuse, and bpf: the post-lsfmm filesystem revisions
the famfs filesystem has undergone significant revisions following discussions at the lsfmm+bpf summit. lwn covers the design changes and where the next round of work is heading.
linear agent gains mcp support
linear agent can now connect to your other tools via mcp: granola, glean, notion, posthog. moves linear closer to being an agentic product hub for engineering teams.
ubuntu 26.04 lts 'resolute raccoon' released
ubuntu 26.04 lts ships with tpm-backed full-disk encryption, livepatch on arm servers, and rust-based reimplementations of sudo and coreutils. first lts to expand memory-safe system components.
cloudflare makes rust workers reliable with panic recovery
rust workers now support resilient error recovery through panic unwinding and webassembly exception handling, so a single panic doesn't take down the whole worker. wasm-bindgen got the upstream changes too.
simon willison: is claude code going to cost $100/month? probably not
anthropic announced and then quickly walked back pricing changes for claude code. simon traces the confusion, what was actually said, and where the real pricing landed for paid plans.
dependency cooldown discussions warm up
a delayed dependency-update mechanism to mitigate supply-chain attacks is gaining traction in the python and node ecosystems. critics argue cooldowns shift risk to the broader community while attackers iterate around the window.
rfc 3729: one sized trait does not fit all
rfc 3729 proposes a hierarchy of traits in rust to describe types whose sizes are determined under different compile-time and runtime conditions. lwn unpacks why sized has been the wrong abstraction for years.
lovable's postmortem on its public-projects data exposure
between feb 3 and apr 20, backend regressions let any authenticated lovable user access chat history and source code from public projects. lovable patched within two hours of public disclosure and posted a postmortem on the regressions.
cloudflare wants to move past bots vs humans
cloudflare proposes new accountability models for bot detection that preserve user privacy while still protecting sites from abuse. the post argues the bot/human binary stops being useful as agentic browsers and verified-agent traffic grow.
simon willison: where's the raccoon with the ham radio? testing chatgpt images 2.0
early hands-on with openai's gpt image 2 model. simon runs the standard creative-prompt battery and shows where the new model is genuinely better and where it still falls flat.
lwn: using llms to find python c-extension bugs
a developer used claude code to systematically discover over 500 bugs in python c extensions while practicing responsible disclosure. lwn covers the methodology and what it implies for similar fuzzing of other ecosystems.
cloudflare agents week 2026: everything they launched
the recap post covers every announcement from agents week, spanning compute, security, and agentic-web infrastructure. the headline pieces are the agent readiness score, shared dictionaries, and ai redirects.
cloudflare's internal ai engineering stack, on the platform they ship
cloudflare details the internal ai infrastructure they built on their own products: 241 billion tokens processed, serving 3,683 internal users. a rare 'we eat our own dog food' writeup at this scale.
bun v1.3.13 ships with --parallel testing and 17x less memory for tarballs
bun v1.3.13 fixes 82 issues, ships new --parallel/--isolate/--shard/--changed test flags, cuts tarball-streaming memory 17x, halves source map size, and speeds gzip 5.5x. plus range request support and sha3.
kimi k2.6 lands on vercel ai gateway
moonshot ai's kimi k2.6 is live on vercel ai gateway, focused on long-horizon coding tasks across multiple languages. another open-weights frontier model going through the gateway plumbing.