System76 boss reckons he can liberate the entire PC stack... just give him another 15 years
Bootstrapped Linux box-botherer flogs new Thelio kit, talks up COSMIC, and politely declines to bolt AI onto everything
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Oracle’s Second Monthly Security Updates Deliver 245 Patches
Oracle has released its June 2026 Critical Security Patch Update to fix vulnerabilities in Communications, EBS, Enterprise Manager and other products. The post Oracle’s Second Mont…
HPE Discover: Neri outlines an AI architecture built for agents
HPE is all in on AI, according to the message coming from CEO Antonio Neri. AI agents are now running alongside end users in enterprise infrastructure, changing how workloads mo…
Microsoft working on Defender patch for RoguePlanet zero-day
Microsoft confirmed that it's working on a security patch for a Defender zero-day vulnerability named "RoguePlanet," disclosed one week ago. [...]
Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities
The browser updates address multiple memory safety bugs that could potentially lead to remote code execution. The post Chrome and Firefox Updated to Patch Critical, High-Severity V…
UK Social Media Ban for Minors Has Privacy Experts Worried
The UK will ban adolescents under 16 years old from user-to-user social media platforms, despite age verification issues and privacy concerns.
145 Mastra npm Packages Compromised via Hijacked Contributor Account
As many as 145 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) …
Tesco is sprinting to quit VMware and Broadcom despite rapid migration risks
Supermarket giant has turned to third-party support as court sets date to hear licensing dispute
Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared…
Kodak confirms data breach claimed by ShinyHunters extortion gang
Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data. [...]
3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs
SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking. The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs…
Developers build the best tools for developers – and are now defanging the AI menace
Fear and even grief are natural reactions to machines that do your job. The next reactions – acceptance and innovation – are more useful
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known…
Cyberattack sees crops kept in the ground
Bitter harvest for Australia's Mackay Sugar, attacked in peak cane crushing season
Fileless Phantom Stealer Targets Browser Credentials
In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques designed to evade detection.
AMD's Mext buy shows how AI could solve the RAM shortage it created
Running low on memory, can't afford more? The House of Zen's latest acquisition puts an AI spin on flash-based memory expansion
Security Community Slams US Ban on Exporting Mythos, Fable
An open letter signed by dozens of security experts asked the government to reverse export restrictions on Anthropic's Claude Fable 5 and Mythos 5 models.
Malicious JetBrains Marketplace plugins steal AI API keys from developers
At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. [...]
The new Siri makes one of Apple's most convenient OS features a cumbersome mess
Goodbye, useful Spotlight; hello force-fed Apple intelligence bloatware that feels distressingly like Google AI Overviews
Python dev saved from disaster by intuition... and AI
I'm sorry, Dave. I can't install that repo that will totally hose your system
New Rokarolla Android malware targets 217 banking, crypto apps
A new Android banking trojan named Rokarolla is targeting 217 banking and cryptocurrency applications using an extensive set of 137 commands. [...]
Intel-born networking tech resurfaces as InfiniBand alternative for DoE supers
Omni-Path lights up Lawrence Livermore system at 400 Gbps
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Googl…
AI and brain-computer interface allow speechless ALS patient to work a full-time job
The hardware isn't new, but a UC Davis research team's machine learning-powered method of translating brain activity in an ALS patient into sentences with 92% accuracy is
Steam Workshop abused to spread malware via Wallpaper Engine app
Threat actors are abusing Steam Workshop, Valve's community hub for downloading game-related content, to push various malware hidden in wallpaper packages. [...]
Three critical Fortinet sandbox bugs splattered by unknown attackers
All have patches, so make sure you upgrade to a fixed version
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.
Commodore gets into the phone biz with Sailfish-powered retro 'Callback'
Ships sans email, web, or socials, but with plenty of beige plastic
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalys…
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent repo…