may 19, 2026
6 links from the engineering internet.
claude code v2.1.144 adds /resume support for background sessions
new /resume command lets you re-attach to detached background claude sessions, with elapsed duration shown in completion notifications; also fixes a macos crash and mcp server pagination.
github copilot cli v1.0.49 ships persistent memory and rubber-duck critique
new /memory on|off|show command stores facts across sessions, /rubber-duck gives independent critique of your plans, and /chronicle search queries session history; mcp oauth client now persists between restarts.
keycloak 26.6.2 patches session fixation, oidc bypass, and six other cves
security-only point release addresses eight cves in auth flows including redirect-uri validation bypass, session fixation in oidc login, introspection audience bypass, and stored xss; all keycloak deployments should upgrade.
firefox 151 ships web serial api and local network access restrictions
firefox 151 adds web serial api for direct microcontroller communication, gates website access to local network devices behind explicit user permission, and refreshes the new tab layout; first offered may 19.
github advanced security trial now launchable from risk assessment
eligible enterprise admins can start a ghas secret protection or code security trial directly from the risk assessment view, removing the extra step of navigating to billing or settings to begin evaluation.
infoguard discloses rce chain in seppmail gateway across four cves
swiss security lab infoguard publishes pre-authenticated rce chain in seppmail secure email gateway, achieved via arbitrary file write in the large file transfer component; cvss 10.0 flaw enables full appliance takeover and mail traffic access.