Your source for technology insights, tutorials, and guides.
This week's security updates from AlmaLinux, Debian, Fedora, Red Hat, SUSE, and Ubuntu fix critical vulnerabilities in popular packages including browsers, Java, containers, and libraries.
Greg Kroah-Hartman announced seven new stable kernels including fixes for Xen and the AEAD socket vulnerability.
GCC 16.1 defaults to C++20, adds experimental C++26 features like reflection and contracts, an Algol68 frontend, and HTML diagnostic output. Migration tips included.
Hyrum's Law in action: Linux 6.19 kernel changes break Google's TCMalloc due to undocumented dependencies, forcing accommodations under no-regressions rule.
Explains Prolly trees (probabilistic B-trees) and how Dolt uses them for version-controlled databases, covering differences from B-trees, branching, merging, use cases, and trade-offs.
NHS plans to close most open-source repos due to LLM vulnerability scanning; Terence Eden argues decision is misguided and contradicts UK policy.
PEP 772 establishes a formal Packaging Council for Python, approved April 2026. Five members will be elected after PyCon US 2026 to oversee standards and tools.
An overview of key open source news from LWN.net's April 30, 2026 edition, including Famfs, Python packaging, Zig, Linux kernel changes, software releases, and tributes.
AlmaLinux, Debian, Fedora, Red Hat, SUSE, and Ubuntu released security updates for dozens of packages including firefox, sudo, and openjdk.
GCC 16.1 sets C++20 as default, adds experimental support for C++26 features (reflection, contracts, expansion, std::simd), introduces an Algol68 frontend, and enables HTML diagnostics for clearer compiler output.
Hyrum's Law struck the Linux kernel when TCMalloc's undocumented dependency on restartable sequences broke in 6.19. Maintainers compromised, adding compatibility code to preserve no-regressions.
Friday security updates from AlmaLinux, Debian, Fedora, Oracle, Red Hat, SUSE, and Ubuntu address vulnerabilities in numerous packages. Admins urged to patch promptly.
An exploration of Prolly trees, a variant of B-trees enabling efficient version control for databases, as used by Dolt.
NHS plans to close open-source repos due to LLM security scanning, sparking debate over policy contradiction with UK Tech Code of Practice.
EtherRAT malware campaign uses fake GitHub repositories and SEO poisoning to target IT professionals. Learn attack vectors, mitigation, and how to stay safe.
DEEP#DOOR is a Python backdoor using tunneling services to steal browser/cloud credentials, disable security controls, and establish persistence.
A roundup of major cybersecurity incidents: SMS blaster scams, OpenEMR vulnerabilities, 600K Roblox account breaches, supply chain attacks, and exposure of millions of unprotected servers.
Supply chain attacks on PyTorch Lightning (versions 2.6.2/2.6.3) and Intercom-client compromised credentials via malicious PyPI packages in April 2026.
A supply chain attack using sleeper Ruby gems and Go modules steals credentials, tampers with GitHub Actions, and installs SSH persistence, attributed to BufferZoneCorp.
Two cybersecurity pros sentenced to 4 years for aiding BlackCat ransomware attacks in 2023, highlighting insider threats and DOJ crackdown.