The engineering internet, daily.
A short scroll of what's worth your attention across blogs, github, AI labs, and the wider tech world. New batch every morning.
subscribe via rssllama.cpp b10058 adds vulkan q2_0 quantization support
the vulkan backend gains the q2_0 quantization format and doubles the rows per workgroup for matrix-vector multiplication, giving better throughput than q2_k on gpu inference.
tokio 1.53.0 adds a task schedule latency metric and fs conversions
the runtime release adds a task schedule latency metric, ownedfd and ownedhandle conversions for filesystem types, and unix socketaddr methods, plus fixes for mpsc receiver wakeups and a runtime constructor stack overflow.
n8n 2.31.3 signs ses requests with the ses service name
the patch fixes aws ses request signing to use the correct ses service name so email-sending nodes authenticate, and corrects end-user credential validation and identity-hook recognition.
astro 7.1.1 fixes encoded paths under domain-based i18n
the patch fixes encoded request paths being routed to the wrong locale when domain-based i18n is enabled, so percent-encoded urls resolve to the correct domain.
litellm v1.90.5 backports a docker source directory fix
the release cuts a stable 1.90.x patch that backports a docker source directory restoration fix, unbreaking container builds off the pinned line.
llama.cpp b10043 adds cuda virtual devices support
the cuda backend can now expose virtual devices, splitting one physical gpu into multiple logical ones. the build disables the nccl multi-gpu path while virtual devices are in use to avoid conflicts.
openai codex 0.144.5 hardens dangerous-command detection
the codex cli stable release widens its blocklist for risky shell commands, catching more forced rm variants, and gives clearer feedback when it refuses to run a command.
ollama 0.32.1 improves gemma 4 tool calling and fixes an mlx cache leak
the pre-release sharpens gemma 4 tool calling and multi-turn reasoning with more reliable tool-response continuations, and fixes a recurring mlx model cache leak that grew memory use across requests.
n8n 2.31.2 requires an execution mode for mcp workflow runs
the patch makes mcp workflow executions specify an execution mode instead of defaulting silently, and fixes a regression that changed the width of every dropdown in the editor ui.
ruff 0.15.22 adds noqa-modernizing preview rules and an e402 autofix
the release ships preview rules ruf105 and ruf106 for cleaning up noqa comments plus ruf201 for readable config selectors, adds an autofix for pycodestyle's e402, and speeds up lexing and parsing.
tokio 1.52.4 fixes a runtime driver skip when before_park schedules work
the patch fixes a runtime bug where the io driver could skip a cycle if the before_park hook scheduled new work, so that work no longer stalls until the next wakeup. it also cleans up taskdump output.
pnpm 11.13.1 fixes pnpm pack ignoring package-level .npmignore
the patch makes pnpm pack respect a package's own .npmignore instead of the workspace root rules, improves visibility of the minimumreleaseage approval prompt, and fixes self-update linking native binaries.
llama.cpp b9970 adds a lightning-indexer op for deepseek v3.2/v4
llama.cpp build b9970 introduces a new ggml lightning-indexer operation that wires up deepseek v3.2 and v4's sparse-attention indexer, a prerequisite for running those models' native long-context path on the cpu and gpu backends.
litellm v1.92.0 ships day-0 gemini 3.5 flash and trims streaming overhead
litellm's stable v1.92.0 adds day-0 gemini 3.5 flash support, native mcp oauth for cursor with per-server rpm limits, and cuts about 30% of per-chunk streaming overhead on the anthropic and bedrock hot paths.
llama.cpp b9963 adds multi-tile deepseek-ocr with a unified preprocessor
llama.cpp build b9963 brings multi-tile support and dynamic resolution to deepseek-ocr v1, sharing a unified image preprocessor across ocr v1 and v2 plus fixes for multi-row and multi-column tiling.
litellm v1.91.2 backports bedrock fixes to the stable 1.91.x line
litellm ships a v1.91.2 patch that backports two bedrock provider fixes from the dev branch to the stable/1.91.x line, so teams pinned to that series get the fixes without moving to 1.92 or 1.93.
zed 1.10.2 wires up gpt-5.6 sol and terra for chatgpt subscribers
zed's assistant can now use openai's new gpt-5.6 sol and terra models for users on a chatgpt subscription. the lighter luna tier stays gated, since openai has not opened it to third-party clients yet.
llama.cpp b9949 adds cluster-parallel flash-attention decode for adreno gpus
the opencl backend gains cluster-parallel decode for flash attention on qualcomm adreno gpus, speeding up token generation for on-device inference on android and other adreno hardware.
litellm v1.93.0-dev.3 adds passthrough and oauth-delegate mcp auth types
the dev build exposes true_passthrough and oauth_delegate auth types for mcp servers behind a no-auth warning, and makes bedrock guardrails honor disable_exception_on_block by raising a modify-response exception instead of erroring.
n8n 2.30.3 keeps the ai assistant thread intact on editor hand-off
the pre-release fixes a bug where the ai assistant's conversation thread was lost when the editor handed off between views, so in-progress help now survives the transition.
next.js 16.3 canary teaches turbopack to compile pages-router service workers
the canary makes turbopack compile service workers registered from pages-router pages and emit them to /_next/static/, closing a gap where pages-router service workers were not bundled correctly.
llama.cpp b9939 adds depthwise conv2d on the metal backend
build b9939 lands a metal implementation of depthwise 2d convolution (conv_2d_dw) with channel-tiled kernels and f16 support, one of several llama.cpp builds cut on the day. it speeds vision and mobile-style models that lean on depthwise convs on apple gpus.
n8n 2.29.9 fixes expression isolate reuse when resolving node inputs
the 2.29.9 patch makes n8n acquire a fresh expression isolate when resolving node inputs and parameters, fixing state that could bleed between evaluations in the workflow-automation tool. a 2.30.2 pre-release ships the same fix on the newer line.
adobe coldfusion max-severity rce cve-2026-48282 now exploited in the wild
attackers began hitting cve-2026-48282, a max-severity unauthenticated path-traversal rce in adobe coldfusion, within hours of public disclosure. shadowserver tracks nearly 800 exposed instances and adobe urges admins to patch within 72 hours.
china-aligned hackers exploit roundcube flaws at us and canadian universities
proofpoint says a china-aligned cluster it tracks as unk_masstraction chained roundcube flaws cve-2024-42009 and cve-2025-49113 to steal credentials and drop the vshell tool, hitting physics and engineering departments with national-security ties.
uk cyber resilience pledge lands 60 signatories including m&s and capita
marks & spencer and 59 other organisations signed the uk government's new voluntary cyber resilience pledge, committing to board-level security ownership, enrolling in ncsc early warning, and pushing suppliers toward cyber essentials.
chinese open models gain us ground as openai and anthropic costs surge
cnbc reports us firms now route 30 to 46 percent of openrouter tokens through chinese open models that run 60 to 90 percent cheaper. lindy shifted 100 percent of its traffic off claude to deepseek, citing costs crashing to the ground.
llama.cpp build b9894 fixes a vulkan set_rows f16 crash
the inference engine tags build b9894 with a vulkan fix that checks the src0 type in ggml_op_set_rows to avoid failures from unimplemented f16 support, one of several builds cut through the day.
apache airflow 3.3.0 ships asset partitioning and a task state store
airflow 3.3.0 adds partition mappers that fan asset events out to downstream runs, a first-class task and asset state store that survives retries, pluggable retry policies, and an experimental language task sdk for writing tasks in java and go.
terraform 1.16 alpha adds an ephemeral store block to terraform_data
the first 1.16 alpha lands a store block in terraform_data for ephemeral and sensitive values, resource action failure modes (halt, taint, continue), json output for state show and workspace list, mermaid graph export, and linux s390x builds.
meilisearch 1.49 makes synonym storage up to 13x cheaper
meilisearch 1.49.0 loads synonyms lazily, only when a word actually matches one, instead of holding them all in memory. that cuts synonym storage cost by up to 13x on synonym-heavy indexes, with openapi and workflow fixes alongside.
llama.cpp b9885 enables tiled matmul on aix for ~2x cpu throughput
build b9885 turns on the tiled matmul path for ibm aix while shrinking its stack buffer to avoid segfaults, roughly doubling prompt-processing speed for fp32, q4_0, and q8_0 models on that platform.
localai 4.6.1 adds a model-capabilities endpoint and quiets oidc logs
localai 4.6.1 adds a get /v1/models/capabilities endpoint so clients can query per-model features, tones down noisy oidc/oauth logging, and ships fixes for reasoning models and distributed load balancing across backends.
n8n 2.29.6 pins langgraph to stop broken npm installs
n8n 2.29.6 and 2.28.7 pin langgraph and langgraph-checkpoint to compatible versions after a transitive bump started breaking fresh npm installs of the workflow-automation tool.
posthog cli 0.8.1 starts reporting its own errors via telemetry
the posthog cli 0.8.1 patch captures cli errors through posthog's own telemetry so failures in the tool surface back to the maintainers instead of dying silently on user machines.
clickhouse tags v25.8.28.1-lts, third 25.8 patch in three days
clickhouse cuts v25.8.28.1-lts on the 25.8 long-term-support line, its third maintenance patch in three days after v25.8.27.1 and v25.8.26.11, refreshing signed client and server binaries across architectures.
litellm v1.92.0-rc.1 hardens mcp token exchange and masks leaked creds
the llm gateway's release candidate reworks mcp on-behalf-of token exchange onto a v2 resolver with rfc 9728/8414 discovery, masks provider credentials in fallback errors, stops master_key and database_url leaking in debug logs, and fixes anthropic prompt-cache billing.
llama.cpp b9871 fixes broken cpu concat for quantized types
build b9871 repairs a broken cpu concatenation path for quantized tensor types and adds concat tests covering them, fixing wrong results when concatenating quantized data on the cpu backend.
clickhouse tags v25.8.27.1-lts a day after its last 25.8 patch
clickhouse cuts v25.8.27.1-lts on the 25.8 long-term-support line, landing just a day after the v25.8.26.11-lts patch and refreshing client and server binaries across architectures.
llama.cpp b9866 adds cuda topk-moe fusion for 288-expert models
the build fuses top-k mixture-of-experts routing into a single cuda kernel for 288-expert models like step-3.7, cutting fixed routing overhead for roughly a 2.4% decode speedup at shallow context depths.
n8n 2.28.6 fixes duplicate zod instances that broke npm installs
the patch stops n8n's core package from pulling in duplicate zod copies, a clash that had been breaking npm installs, and realigns parameter input sizing in the editor.
clickhouse ships v25.8.26.11 lts maintenance patch
clickhouse tags v25.8.26.11-lts, another maintenance patch on the 25.8 long-term-support line, shipping refreshed client and server binaries across architectures.
litellm 1.90.2 backports gemini live fixes and cosign signing
the stable patch backports fixes for gemini live setup and hung-handshake recovery, and adds docker image signature verification through cosign.
llama.cpp reworks its hexagon flash attention kernels in build b9857
the b9857 build overhauls the hexagon backend's flash attention path with kernel refactors, better mask processing, and vectorized ops for accuracy and speed on qualcomm dsps.
clickhouse tags v26.5.5.8 on the 26.5 stable line
the analytics database cuts another 26.5 stable maintenance patch as v26.5.5.8, its latest release on the 26.5 branch following v26.5.4.21 two days earlier.
n8n 2.29.2 preserves date values passed into expression isolates
the workflow automation tool patches its expression engine to preserve date values passed into the isolate, fixes tool-variant node badges in the ui, and normalizes empty salesforce node responses.
grafana 13.1.0 ships alerting upgrades and core datasource decoupling
the observability platform's 13.1 release lands a batch of alerting improvements, accessibility fixes, and decoupling of core datasources, plus dashboard editor and provisioning updates.
biome 2.5.2 adds a svelte state rule and nullish-coalescing options
the rust-based js and css toolchain ships options for usenullishcoalescing to ignore boolean coercion and primitives, a new svelte rule against unnecessary state wrapping, and css nesting-selector parse fixes.
rust 1.96.1 point release patches cargo retries and bundled libssh2
the first 1.96 point release fixes cargo timeout and retry behavior, ships security patches to the bundled libssh2, and corrects a rustc miscompilation in a mir optimization pass.
uv 0.11.26 reworks its resolver onto ids-only pubgrub dependencies
astral's python package manager adapts its resolver to ids-only pubgrub dependencies, reuses resolver work across pubgrub iterations, and trims allocations in forkmap, a performance-focused patch released on 2026-06-30.
polars 1.42.1 deprecates pl.concat strict for how=horizontal_extend
the python dataframe library deprecates the strict parameter of pl.concat in favor of how='horizontal_extend' and adds a sampled resolve mode for multi-file parquet metadata to speed up scans, plus assorted bug fixes.
astro 7.0.4 html-escapes transition directive values on hydrated islands
the patch ensures astro transition directive values are html-escaped when rendered on hydrated islands, closing an injection vector, and fixes trailing-slash handling in generated routes.
vite 8.1.1 fixes an import.meta.hot.invalidate stack overflow
the patch stops a stack overflow when calling import.meta.hot.invalidate() in bundled dev, serves assets emitted during hmr and lazy compile, handles malformed uris in the index html middleware, and resolves tsconfig paths in css imports.
traefik 3.7.6 bumps lego for acme and patches ingress-nginx handling
the reverse proxy ships v3.7.6 alongside v3.6.22 and v2.11.51, bumping go-acme/lego to v5 for acme certificate issuance and fixing kubernetes ingress-nginx provider handling. the release flags a migration guide to read first.
timescaledb 2.28.2 fixes broken 2.28.1 upgrade migrations
the postgres time-series extension patches the bgw_job_stat_history and chunk_constraint migrations that broke upgrades to 2.28.1, fixes column ordering on first/last sparse indexes, and auto-drops incompatible smallint bloom filters during upgrade.
llama.cpp lands deepseek v4 model support in build b9840
the inference engine merges a deepseek v4 conversion path, graph input, rope and sinkhorn fixes, and gguf compatibility, one of several builds tagged through the day that also added a --reasoning-preserve chat flag.
pydantic-ai 2.1.0 adds anthropic web tools with server-tool replay
the python agent framework ships anthropic _20260209 web tools with server-tool replay, converts exceptiongroup-wrapped mcp tool errors to modelretry, and fixes a stream cancel that flipped finished state.
clickhouse tags v26.5.4.21 on the 26.5 stable line
the analytics database cuts a 26.5 stable patch with signed binaries, libraries, and source archives across architectures, a week after its run of 26.3 lts maintenance releases.
n8n 1.123.62 patches five security issues in bundled deps
the workflow automation tool fixes five security issues across hono, vue-i18n, and linkify-it on its 1.x maintenance line, shipped the same day as 2.27.5 on the current stable channel.
prettier 3.9.3 fixes a markdown liquid syntax bug
the formatter patches unexpected character removal in liquid syntax inside markdown and allows decorators on declare class fields in typescript, a fast follow to the 3.9 parser overhaul.
tailwind css 4.3.2 adds bare spacing values for grid auto utilities
the framework supports bare spacing like auto-rows-12 and auto-cols-16, stops the cli --watch mode from crashing on windows when a @source directory is missing, and fixes a deno 2.8 vite crash.
nocodb 2026.06.2 adds oracle database as a connectable source
the airtable-style db platform adds oracle alongside postgres, mysql, and sql server as an external data source, plus oauth and ssrf hardening, stored xss fixes, and a production-grade kubernetes helm chart.
llama.cpp adds a minicpm5 tool-call parser
the inference engine's b9833 build implements a peg parser for minicpm5 tool calls, alongside jinja min/max api fixes and xml tool-call grammar improvements. one of five server and backend builds the project tagged through the day.
litellm cuts v1.91.0-rc.1 with shared mcp oauth token handling
the llm gateway's release candidate reworks mcp oauth into a shared layer with challenge/response flows, expiry-aware caching, single-flight refresh and cross-replica sync, adds a requested_model label to prometheus spend metrics, and a headroom guardrail for message compression.
clickhouse ships a second 26.3 lts patch in five days as v26.3.16.16
the analytics database tags v26.3.16.16-lts, its second long-term-support patch on the 26.3 line within a week, with signed binaries, libraries, and source archives across architectures for teams pinned to the lts branch.
uv 0.11.25 hardens tar handling and adds scoped dependency overrides
astral's python package manager updates its bundled tar library to harden archive handling against parser differentials, and adds scoped dependency overrides and exclusions plus lockfile and dependency-marker fixes.
prettier 3.9 ships major parser upgrades and formatting improvements
the code formatter's first minor since 3.8 lands major parser upgrades and a round of formatting improvements across the languages it supports. the release links out to a blog post for the full rundown.
babel 8.0.3 patches the typescript plugin types and standalone react
the javascript compiler ships a patch on the babel 8 line, dropping the istsx property from the syntax-typescript plugin types in babel-core and switching babel-standalone to runtime classic so react works in the browser build.
home assistant 2026.7 beta drops mycroft and thermoworks smoke integrations
the second beta of the smart-home platform's july release rolls up bug fixes for job subscriptions and entity crashes, refreshes integration dependencies, and removes the deprecated mycroft and thermoworks smoke integrations.
litellm 1.90.0 standardizes rate-limit errors and adds valkey semantic caching
the llm gateway standardizes rate-limit error responses, migrates its ui to path-based routing, adds valkey semantic caching and e2b code-execution primitives, and wires in cisco ai defense and crowdstrike guardrail integrations.
llama.cpp adds a cudamemcpy2dasync fast path to its cuda copy kernel
the inference engine's b9827 build adds a cudamemcpy2dasync fast path to ggml_cuda_cpy, trimming overhead on cuda tensor copies. one of six server and backend builds the project tagged through the day.
rspack 2.1 ships with module error apis and cache timing logs
the rust-based, webpack-compatible bundler tags 2.1, exposing module errors through a new javascript api and logging persistent-cache read and write timings, alongside the usual round of bug fixes.
podman 5.8.4 patches a cve leaking host env vars into containers
the container engine ships 5.8.4 to fix cve-2026-57231, where an image with malformed env entries could leak host environment variables into containers started from it. upgrade if you run untrusted images.
docker engine 29.6.1 fixes two security bugs and bumps containerd
moby ships docker engine 29.6.1, patching a malicious-image memory exhaustion bug and a seccomp and apparmor bypass via custom buildkit frontends, then bumps containerd to 2.2.5 and buildkit to 0.31.1.
grype 0.115.0 emits go stdlib vulns from govulndb
anchore's vulnerability scanner 0.115.0 emits golang.org/x/net and go standard-library advisories sourced from govulndb, merges go matches with ghsa records, and restricts stdlib records to the standard library.
terraform cuts 1.16.0-alpha with a new store block
hashicorp tags the first 1.16.0 alpha, adding a store block in terraform_data for ephemeral and sensitive values and letting providers persist plannedprivate data across plan and apply.
shadcn cli 4.11.1 drops node-fetch for native fetch
the shadcn cli 4.11.1 swaps node-fetch for the runtime's native fetch and preserves environment variables when running commands, a small maintenance patch for the component installer.
sglang ships v0.5.14
the sglang team tags v0.5.14 of its high-throughput llm serving engine, the latest build in the 0.5 line for batched inference and structured generation over large models.
keycloak ships 26.6.4 maintenance patch
the open-source identity and access management server ships 26.6.4, a maintenance patch on the current 26.6 line for self-hosted keycloak deployments.
openai codex rust-v0.142.2 turns on mcp tool search by default
the codex coding agent's latest build enables mcp tool search by default for better discovery, honors system proxy/pac/wpad settings on macos auth, and gives expired amazon bedrock credentials actionable recovery guidance instead of a generic error.
deno 2.9 ships link/unlink, a watch subcommand, and desktop installers
deno 2.9.0 adds deno link/unlink and deno watch subcommands, generates rolled-up .d.ts files via bundle --declaration, and can emit linux .deb/.rpm and windows .msi installers for compiled desktop apps.
opencloud 7.2.0 ships a markdown editor with slash commands and favorites
the production release of the self-hosted file platform adds a markdown editor with slash commands, a favorites view, faster previews, and mov video support. upgrades from before 7.0 now require a sharing service account.
nextcloud cuts coordinated 34.0.1, 33.0.6, and 32.0.12 maintenance patches
nextcloud server shipped patch releases across its three supported branches on the same day, with 34.0.1 leading the maintenance line for the current major.
kubernetes tags v1.37.0-alpha.2 in the 1.37 development cycle
the second alpha of kubernetes 1.37 lands ahead of the stable release later this summer, giving operators an early build to test workloads and provider integrations against the next minor.
vue 3.5.39 fixes hydration mismatches and ssr async teleport rendering
the vue core patch forces hydration of dynamic props, respects data-allow-mismatch on conditional branches, resolves nested async teleport content in ssr, and stops effects from firing when a reactive set fails.
vite 7.3.6 backports esbuild 0.28 support to the v7 line
a maintenance release on vite's v7 branch widens the supported esbuild range to 0.28, letting v7 projects bump their bundler dependency without moving up to vite 8.
polars 1.42.0 adds out-of-core spilling and a strict mode
the dataframe engine ships py-1.42.0 with naive out-of-core spilling so queries can exceed ram, an experimental strict mode, is_sorted() on expr and dataframe, sql implicit join syntax, and bytes-based concurrency control for cloud io.
ruff 0.15.19 ships its crates to crates.io and fixes a notebook panic
astral's python linter and formatter now publishes its crates to crates.io, fixes a panic when inserting text at a notebook cell boundary, handles invalid editor-only settings, and improves pylint dunder method fixes and formatter performance.
mastodon 4.6.1 patches ldap login and remote key-fetch errors
the fediverse server ships a 4.6.1 patch fixing login failures under certain ldap configs, remote key fetching and unavailable-key handling, several advanced web ui regressions, and adds avatar and header description fields to the update_credentials api.
grafana loki 3.6.12 fixes a chunk-delete panic and possible data loss
the log aggregation system patches a panic when a whole chunk is deleted by line filters, possible data loss in dataobj-consumers, an s3 client region regression, and rolls up cves across the 3.6.x line on go 1.25.8.
strapi 5.49.0 adds mcp tool builders and fixes upload buffering
the headless cms ships definetool, defineresource and defineprompt builders for its mcp integration, stops buffering large uploads during mime detection, fixes premature admin logout on token expiry, and reworks save and publish keyboard shortcuts.
pulumi 3.248.0 adds snippets and output.recover to the engine
the iac tool adds snippets, blocks of pcl kept in state to track ad-hoc resources, and output.recover to catch exceptions in node.js outputs. it passes schema-loader and package-resolver addresses to providers in the handshake and fixes a get-schema panic.
n8n 2.27.4 lets allowlisted python packages use relative imports
the workflow automation tool patches its python code node so allowlisted packages can import their own submodules via relative imports, fixes building incorrect chained nodes, and bumps the google ads node to api v21.
vllm cuts the first v0.24.0 release candidate
the llm inference engine tags v0.24.0rc1, opening the release-candidate cycle for its next minor. the build fixes topk histogram compilation on sm75 turing gpus, restoring builds for older nvidia hardware.
vite 8.1.0 ships rolldown 1.1.2 and hardens server.fs.deny defaults
the web build tool's minor release bumps bundled rolldown to 1.1.2, extends the default server.fs.deny list to block more sensitive files, and fixes hmr glob matching, csp nonce handling on import maps, and incremental build error reporting.
astro 7.0.1 patches dev background mode a day after the 7.0 release
the first patch on astro 7.0 fixes astro dev wrongly auto-backgrounding in warp, network url display under --background --host, windows spawn failures in background mode, and responsive image css overriding user @layer styles.
grafana 12.4.5 fixes a datasource uid mismatch and bumps alpine
the observability platform ships patch releases v12.4.5 and v12.3.8 that return a 400 when the payload uid does not match the url uid on put /api/datasources/uid/:uid, and update the docker alpine base image to 3.24.1.
sentry-javascript 10.60.0 adds cloudflare r2 auto-instrumentation
the javascript sdk gains automatic instrumentation for cloudflare r2 buckets and a bindscopetoemitter helper for binding scopes to event emitters, plus fixes to browser http span url attributes and node diagnostics-channel compatibility.
workerd ships v1.20260623.1 fixing two persistent stub bugs
the cloudflare workers runtime tags a build fixing two bugs affecting persistent stubs, the durable-object handles that let one worker hold a live reference to another across requests.
clickhouse tags v26.3.15.4 lts maintenance patch
the analytics database ships a maintenance patch on its 26.3 long-term-support line, publishing signed client binaries, libraries, and source archives across architectures for users tracking the lts branch rather than the fast-moving release train.
llama.cpp fixes remote preset handling in its server
the inference engine's b9770 build fixes remote preset handling in llama-server and adds a test, part of its steady stream of server fixes. the same day's b9771 trims vulkan binary size by making mul_mm aligned a spec constant.
astro 7.0 ships with a rust compiler and vite 8
the web framework's major release swaps its go compiler for a faster rust one, upgrades to vite 8, and adds background dev server management so ai coding agents can run the dev server without blocking the terminal.
meilisearch 1.48 adds an experimental render-template route
the search engine ships v1.48.0 with an experimental post /render-template endpoint for previewing document templates and fragments, restricts foreign filters to retrieval operations, and fixes prefix search bugs.
llama.cpp reworks its server input file schema
the b9760 build generalizes and refactors the inference server's input file schema, part of the project's steady stream of server improvements. the same day also landed sycl bf16 support for bin_bcast and unary ops.
lobehub v2.2.8 hotfixes a home screen crash
the open-source ai chat platform ships a hotfix release for a task template recommendation regression that was crashing the home screen for users on the prior build.
llama.cpp adds real-time model load progress over /models/sse
the inference engine's server now streams model load progress in real time through a /models/sse server-sent events endpoint, so clients can show load status instead of waiting blind on a slow model spin-up.
opencode v1.17.9 fixes agent step limits and adds glm-5.2 thinking modes
the terminal coding agent's patch forces a final text response when a run hits its configured agent step limit instead of failing mid-run, fixes devstral model detection across provider id casing, and adds high and max thinking variants for glm-5.2.
jq 1.8.2 patches cve-2026-32316 heap buffer overflow
the json processor's patch release fixes a heap buffer overflow in jvp_string_append and the bad-utf8 replace path (cve-2026-32316), along with other bug fixes. it also adds new builds for windows arm64 and docker arm/v7.
bottom 0.14.0 fixes a cgroup v1 memory misreport on linux
the terminal system monitor stops ram collection from reading the cgroup v1 sentinel max as the total, which produced bizarre memory values, and adds freebsd i/o data collection. the minor bump is because it raises the minimum rust to 1.95.0.
tldr-pages client spec v2.3 adds shortform vs longform options
the tldr client specification gains syntax letting clients show either shortform or longform command options, cutting clutter while letting power users opt into longform. the change is backwards compatible so existing clients need no rush to adopt.
crush v0.79.1 refines bang mode in charm's coding agent
charmbracelet's terminal ai coding agent ships ux fixes for bang mode, including activating it when ! follows whitespace. a small patch on top of the same-day v0.79.0 bang mode release.
helm v3.21.2 bumps kubernetes client libraries to v1.36
the kubernetes package manager updates client-go and the related client libraries to match the expected kubernetes v1.36 release. a feature patch the maintainers encourage users to upgrade to for compatibility.
casdoor v3.98.0 adds stable telegram username fallback
the open-source identity and access management server now generates a stable username fallback for telegram accounts that have no public username, so the telegram idp can onboard those users reliably.
ffmpeg ships 7.1.5 point release on the 7.1 branch
the multimedia framework tags 7.1.5, a stable maintenance release on the 7.1 branch carrying backported fixes. recommended for users tracking the stable 7.1 line rather than the development branch.
appflowy 0.12.4 revamps row page comments
the open-source notion alternative revamps row page comments with notification support and adds comments in full row page mode. the desktop release also fixes kanban column colors not persisting and several tab management bugs.
consul 2.0.1 ships a security release on go 1.26.4 and new envoy
consul 2.0.1 patches three go vulnerabilities by moving to go 1.26.4 and upgrades the bundled envoy proxy versions. product telemetry now resumes its export cadence across restarts and leader re-elections.
wrangler 4.103.0 moves getworkernamefromproject out of the cli
cloudflare's wrangler 4.103.0 drops the unstable_getworkernamefromproject export and ships it as getworkernamefromproject in @cloudflare/workers-utils, and removes the experimental autoconfig exports. importers need to update their paths.
pytest 9.1.1 fixes parametrize and raisesgroup regressions
pytest 9.1.1 fixes a 9.1.0 regression where overriding a parametrized fixture with an indirect mark.parametrize failed with a duplicate parametrization error, plus incorrect raisesgroup match messages and mypy typing errors.
trivy 0.71.2 patch bumps the alpine base image and dependencies
aquasecurity ships trivy 0.71.2 on the 0.71 line, bumping the alpine base image to 3.24.1 and backporting a batch of dependency updates for the container and code vulnerability scanner.
metabase 0.61.5.4 backports a notifications memory-leak fix
metabase ships backport patch releases 0.61.5.4 and 0.60.10.5 fixing a memory leak tied to notifications under graalvm. self-hosted instances on the 0.60 and 0.61 lines get the fix without a major upgrade.
n8n 2.27.3 fixes a form trigger crash on older workflows
n8n 2.27.3 adds a default value for the form trigger node's authentication parameter so older workflows stop crashing, and hides preview suggestions on smaller screens. patch on the 2.27 line of the automation platform.
posthog-cli 0.7.29 quiets agent api discovery commands
posthog ships posthog-cli 0.7.29, a patch that quiets the agent api discovery commands. prebuilt binaries are published via the install script in the release.
node.js ships security releases across v26, v24, and v22 fixing 11 cves
the runtime patches 11 cves at once, including high-severity tls hostname normalization and webcrypto cipher output length checks, plus http/2 memory growth, proxy credential redaction, and permission-model fixes. bundles openssl 3.5.7 and undici 7.28.0.
oxc 0.137.0 reworks estree config and improves minifier tree-shaking
the rust javascript toolchain makes estree typescript handling a runtime option instead of compile-time, a breaking api change, and teaches the minifier to tree-shake typed arrays and set/map literals plus inline const reads.
nokogiri 1.19.4 vendors libxml2 2.14.6 with html5 parser behavior changes
the ruby xml/html library bumps vendored libxml2 to 2.14.6 from 2.13.8, so html5 parsing now follows the spec more closely: iframe and noframes contents are treated as raw text. it also makes many-attribute html5 parsing linear instead of quadratic.
haystack 2.30.2 fixes agents exiting early on discarded tool calls
the python llm framework patches its agent loop so it no longer stops when the model emits an invalid tool call that gets discarded. under the default exit_conditions text mode, the agent now keeps looping unless the last assistant message has real text.
fastapi 0.137.2 adds iter_route_contexts() after the 0.137.0 routing refactor
the patch restores an introspection path for advanced users hit by 0.137.0, which stopped flattening router.routes into apiroute objects. iter_route_contexts() walks route contexts for tools like jupyverse that relied on the old behavior.
duckdb ships v1.5.4 and v1.4.5 bugfix releases across two branches
patch releases fix a variant cast reading wrong rows under a filter, json_keys with wildcard paths, and a double free plus memory leak in arrow geoarrow crs serialization.
prometheus 3.5.4 patches config endpoint leaking stackit sd secrets
security release fixes secrets exposed in plaintext via the /-/config endpoint (ghsa-39j6-789q-qxvh), bumps golang.org/x/net and otel for several go cves, and starts publishing images to ghcr.
tauri 2.11.3 fixes scope and listener deadlocks plus mobile resume panics
patch release clears cookies_for_url and listener deadlocks, fixes mobile refcell borrow panics on resume/suspend, and tightens cli android string escaping and bundle building.
astro 6.4.8 hardens limits on the number of url decodings
follow-up security patch caps how many times a request url is decoded, closing the door on decode-based path tricks that the 6.4.7 double-encoding fix did not fully cover.
workerd ships v1.20260617.1 with more image draw transforms
the cloudflare workers runtime adds all supported transforms to image draws and updates rollback context types for workflows, tracking the latest miniflare cf.image work.
whisper.cpp 1.9.0 adds nvidia parakeet support
the ggml speech-to-text runtime gains nvidia parakeet model support alongside ruby bindings, broadening the asr backends it can run locally.
sentry-sdk 2.63.0 gates client ip and query strings behind send_default_pii
the python sdk's asgi integrations now only send query strings and client ip when send_default_pii is on, fixes double-wrapping of sync handlers on fastapi 0.137+, and removes serializer reference cycles to cut per-call memory.
litellm 1.89.1 backports stable patch set with mcp and model-info fixes
the llm gateway ships a 1.89.1 patch on the stable branch, backporting the 1.84.8 patch set plus fixes to mcp handling, model-info, and database behavior for self-hosted deployments.
llama.cpp ships backend sampling support for eagle3 speculative decoding
the inference engine merges backend sampling support for eagle3, the speculative-decoding method, moving its sampling step onto the compute backend. the tagged build ships binaries across cuda, vulkan, rocm, metal, and cpu.
playwright v1.61.0 ships webauthn passkeys and web storage apis
the browser automation framework adds a virtual authenticator so tests can register and use passkeys without hardware keys, plus page.localstorage and page.sessionstorage apis and new video modes like retain-on-first-failure.
astro 6.4.7 fixes double-encoded url 400s and cross-page css leakage
the patch stops double url-encoded paths returning 400 on on-demand routes while keeping the cve-2025-66202 fix, and resolves css leaking between pages plus stale inline styles during dev.
fastapi 0.137.0 refactors routing to preserve router and route instances
the python web framework stops cloning path operations when one router includes another, so the original apirouter and apiroute instances are preserved. router.routes is no longer a flat list of apiroute objects, a breaking change for code that introspects routes.
echo v5.2.0 patches static-file path traversal that bypassed middleware
the go web framework fixes ghsa-vfp3-v2gw-7wfq, where an encoded path separator (%2f or %5c) in a static file url could skip route-level middleware like auth and disclose files. it also optimizes core hot paths and improves binder error messages.
pylint 4.0.6 clears several long-standing false positives
the python linter's patch stops flagging implicit-str-concat for a raw string joined to a non-raw one, fixes invalid-name rejecting typevar names with digits like ec2t, and clears false positives for too-many-arguments on methods and no-member on multi-type values.
runc 1.4.3 and 1.3.6 patch cve-2026-41579 host filesystem write
the container runtime fixes cve-2026-41579, where a malicious image with a /dev symlink could gain limited write access to the host filesystem, similar to earlier rootfs escapes. it also reuses one tmpfs when masking directories to cut per-container cleanup cost.
rollup 4.62.0 splits manual-chunk shared deps into separate chunks
the bundler now extracts static dependencies shared between manual chunks and entry points into their own chunk instead of duplicating them, so manual chunking no longer bloats output with repeated code.
vllm 0.23.0 ships deepseek-v4 hardening and gemma 4 support
the inference engine lands 408 commits: another deepseek-v4 optimization pass, encoder-free gemma 4 with mtp, model runner v2 now default for llama and mistral dense models, and a move to transformers v5 that deprecates v4 support.
kubernetes patches dra scheduler double-allocation bug across four branches
v1.36.2, v1.35.6, v1.34.9, and v1.33.13 ship together, fixing a dynamic resource allocation scheduler bug that could assign the same device partition to multiple pods and cause crashes or data loss. the builds also move to go 1.26.4.
claude code v2.1.175 adds enforceavailablemodels managed setting
the cli adds an enforceavailablemodels managed setting so the availablemodels allowlist also constrains the default model. a default that would resolve to a disallowed model now falls back to the first allowed one, and user or project settings can't widen a managed list.
deno 2.8.3 adds compile watch mode and ml-dsa webcrypto support
the runtime's patch adds watch mode to deno compile, ml-dsa jwk import and export in webcrypto, --env-file support in dependency and registry subcommands, a priority option on fetch requestinit, and node:http2 auto-instrumented with opentelemetry.
rolldown 1.1.0 enables lazy barrel optimization by default
the rust bundler flips experimental.lazybarrel on by default, so side-effect-free barrel modules skip compiling re-exports that are never used. component libraries like ant design and mui icons build faster. it's a behavior change from 1.0.3.
huggingface_hub 1.19.0 adds keyless oidc auth for ci
the hub client adds trusted publishers, so ci workflows authenticate via oidc token exchange instead of a stored hf_token secret. github actions works out of the box with short-lived, repo-scoped tokens. it also adds hf:// uris and expose-ports for jobs.
accelerate 1.14.0 adds amd rocm support and fsdp2 fixes
hugging face accelerate ships amd rocm support plus a batch of fsdp2 hardening: correct dtype handling on load, sharding of embeddings and norms, qlora crash prevention, and a more robust auto-wrap policy.
ash 3.28.0 adds byte_size validation and pre-codegen type checks
the elixir framework adds a byte_size validation and now verifies types before generated code runs, catching unspecified or unusable types early. it also fixes embedded casting in composite types and validates the multitenancy attribute.
ruby standard 1.55.0 bumps bundled rubocop to 1.87.0
the ruby standard linter and formatter releases 1.55.0, updating its bundled rubocop to 1.87.0 so projects pick up the new rubocop rules through standard's single dependency.
pnpm 11.5.3 hardens against env var expansion in untrusted registry config
the package manager stops expanding environment variables in registry, proxy, and credential values pulled from repo-controlled .npmrc and workspace registry urls. dynamic registry urls and tokens now have to come from trusted user, global, cli, or env config.
envoy 1.35.12 adds opt-in http/2 header histograms
the proxy's patch release adds opt-in histograms for http/2 header stats, covering header-entry count, header-map byte size, and reassembled cookie length, plus a runtime flag to cap reassembled cookie size. it also fixes rtds runtime-guard override removal.
transformers 5.11.0 adds diffusiongemma for faster text generation
hugging face transformers v5.11.0 adds diffusiongemma, an encoder-decoder model that denoises a full block of tokens with a diffusion sampler instead of emitting one token at a time, aiming for faster inference than standard causal decoding.
langchain 1.3.6 patches summarization trigger compatibility
the langchain core package ships a 1.3.6 patch that preserves summarization trigger compatibility, restoring prior behavior for callers that depend on the existing summarization-trigger path after recent changes.
github ships security validation for third-party coding agents
code written by third-party agents like claude and openai codex in a repo now gets the same automatic codeql, dependency-review, and secret-scanning checks as copilot's cloud agent, and the agent tries to fix flagged issues before finalizing the pull request.
github adds scheduled code scanning for inactive repositories
code scanning can now run scheduled security scans on repos with no pushes or pull requests for six months or more, re-scanning inactive repositories every 30 days so dormant codebases keep getting coverage instead of going dark.
oxc 0.135.0 integrates a rust port of the react compiler
the rust-based javascript toolchain lands a rust port of the react compiler and marks ast nodes #[non_exhaustive], a breaking change for downstream consumers. the parser also starts reporting ts1255 for invalid class definite assignment assertions.
apache httpd 2.4.68 patches three cves and adds openssl 4.0 support
the web server's stable release fixes a mod_http2 denial of service (cve-2026-49975), a mod_http2 use-after-free when file handles are exhausted (cve-2026-48913), and a heap underflow in ap_regname (cve-2026-44631), and adds native openssl 4.0 support to mod_ssl.
req 0.6.1 makes response decompression opt-in for the elixir http client
the elixir http client stops decompressing response bodies automatically. decompression is now opt-in via the compressed: true option, a behavior change existing callers need to set explicitly to keep gzip and brotli handling.
claude code v2.1.166 adds fallback models and glob deny rules
the cli adds a fallbackModel setting that tries up to three backup models when the primary is unavailable, glob patterns in deny rules so "*" blocks every tool, and MAX_THINKING_TOKENS=0 to disable thinking. it also hardens cross-session messaging so relayed messages no longer carry user authority.
zed v1.5.4 fixes diff-view and agent-edit streaming crashes
the editor's patch release fixes a crash when unsplitting a side-by-side diff, a crash while streaming agent edits with multibyte characters, high cpu usage from zeta, and a case where zed stopped responding to filesystem changes.
simon willison releases micropython-wasm for sandboxed python
willison published micropython-wasm, an alpha library that runs untrusted python in a fresh webassembly sandbox via wasmtime, with no filesystem or network access and configurable memory, fuel, and wall-clock limits.
traefik 3.7.3 clears ssl-client headers and escapes access logs
traefik cut v3.7.3 with backports to 3.6.19 and 2.11.48, clearing ssl-client-* headers when no client cert is present and escaping double quotes in quoted access-log fields. proxy operators on older branches get the same fixes.
ollama v0.30.4 bumps llama.cpp and fixes windows cleanup
ollama shipped v0.30.4 with a llama.cpp update and a fix so windows cleanup also kills a lingering llama-server.exe process. the notes flag a known gemma4:12b floating point crash.
critical rce in openstack mistral disclosed as cve-2026-41283
cve-2026-41283, cvss 9.9, lets an unauthenticated attacker run arbitrary code against an exposed openstack mistral api through 22.0.0, risking service credential theft. patch exposed instances now.
caddy v2.11.4 ships security patches and calls out ai slop reports
the web server's patch fixes a windows backslash path-matcher bypass, header-underscore collisions, and placeholder re-expansion in rewrites. maintainers say they rejected over 75% of recent security reports as ai-generated slop and started blocking the spammers.
deno v2.8.2 adds post-quantum crypto and a --bundle compile flag
the runtime ships ml-dsa and ml-kem post-quantum cryptography, a --bundle flag for deno compile, and rewrites the jupyter kernel in javascript to drop the zeromq dependency. it also re-enables quic 0-rtt and improves node compatibility.
django 6.0.6 and 5.2.15 patch five low-severity security issues
the security releases fix a signed-cookie salt collision (cve-2026-6873), unencrypted email when starttls fails (cve-2026-7666), and data exposure via case-sensitive cache-control headers (cve-2026-8404), among five low-severity issues.
claude code v2.1.160 adds prompts before writing shell startup files
the cli now prompts before writing to shell startup files like .zshenv and .bash_login and to build-tool configs like .npmrc that can run code, fixes wsl clipboard and lost background-session history, and renames the dynamic-workflow trigger to ultracode.
litellm v1.87.0 ships day-0 gemini 3.5 flash support and native mcp oauth
the llm gateway adds same-day support for gemini 3.5 flash and gemini managed agents, native mcp oauth, azure speech stt config, and granian as an asgi server, plus reduced per-request overhead in anthropic streaming.
ansible 14.0.0 community package ships as a major release
the community ansible package publishes its 14.0.0 major version, bundling an updated ansible-core and a refreshed set of collections for the new release stream.
hatch 1.17.0 adds a check command group and pep 751 lockfiles
the python project manager introduces hatch check with code, fmt, and types subcommands backed by pyrefly type checking, adds pep 751 compliant lockfile generation with a pluggable locker, and deprecates hatch fmt.
linux might finally disable microsoft rndis protocol drivers in 2026
greg kroah-hartman updated the rndis git branch to disable all rndis drivers after a 3-year push. the microsoft rndis protocol is flagged as fundamentally insecure with superior modern alternatives available, and android already removed it years ago.
headroom open-sourced by netflix engineer compresses llm prompts, saving $700k
tejas chopra presented headroom at the open source summit, reporting the tool has pruned over 200 billion tokens for internal netflix teams and external users, saving an estimated $700k. it removes redundant metadata, json schemas, and template fragments that can make up 90% of tokens in agent workloads.
hermes agent v0.15.1 fixes dashboard reload loop and expands skills catalog to 19,932 entries
hotfix for v0.15.0's loopback-mode identity probe bug that caused infinite dashboard reloads. the release also expands the built-in skills catalog from 858 to 19,932 entries via sitemap integration and restores markdown file delivery.
claude code v2.1.156 fixes thinking block modification error with opus 4.8
hotfix addressing an api error triggered when opus 4.8's thinking blocks were modified during a session. released at 01:42 utc on may 29.
oracle ships first monthly critical security patch update with 35 new fixes
oracle's new monthly cspu cycle launches today with its first supplemental patch release, targeting high-priority cves faster than quarterly updates. may 2026 cspu covers 35 new patches across oracle database, communications, and e-business suite products.
carnival confirms shinyhunters stole nearly 6m customer records in april breach
carnival corporation confirmed a social engineering attack on april 14 gave attackers access to systems for 8 days. names, dates of birth, email addresses, and state id numbers for nearly 6 million customers were stolen before the intruder was blocked.
linux foundation launches dns-aid for decentralized ai agent discovery via dns
dns-aid uses svcb records, dns-sd, dnssec, and dane to let ai agents and mcp servers publish discoverable metadata without centralized registries or hardcoded urls. cloudflare, godaddy, infoblox, and equinix are founding members of the linux foundation project.
google infosec engineer charged with insider trading using year in search data
a zurich-based google security engineer faces federal commodities fraud and wire fraud charges for allegedly using confidential year in search trend data to place $2.75m in polymarket bets, netting roughly $1.2m in profits before google published the 2025 results.
vs code 1.122 ships air-gapped byok, browser device emulation, and agents window
version 1.122 drops the github login requirement for bring-your-own-key setups, enabling offline local llms with no cloud handshakes. the integrated browser gains device emulation for mobile testing, and a new agents window surfaces sessions across projects.
claude code v2.1.152 ships /code-review --fix, reload-skills, and fallback model
/code-review --fix now applies findings directly to the working tree. skills can set disallowed-tools in frontmatter, a /reload-skills command re-scans without a restart, and claude code switches to a fallback model when the primary is unavailable.
quarkus 3.36.0 adds extension-rag, sunpkcs11 multi-config, and dep upgrades
quarkus 3.36.0 ships a new extension-rag module for generating vector embeddings from documentation, adds multi-config sunpkcs11 crypto support, bumps kubernetes client to 7.7.0 and jackson to 2.21.3, and fixes agroal transaction isolation.
salt 3008.0 argon lts ships with python 3.13 support and state_max_parallel
saltstack's new argon lts adds python 3.13 support, a state_max_parallel option for concurrent state execution, completes community module migration, and fixes a quadratic complexity bug in dependency resolution that slowed large highstate runs.
trl 1.5.1 gates trainer telemetry behind allowlist in security follow-up
trl 1.5.1 ships a security fix gating trainer telemetry behind an explicit class-name allowlist, preventing arbitrary trainer subclasses from sending usage data. 1.5.0 context: phi-3.5, qwen3-vl chat templates, and gemma 2 grpo logit softcapping.
github ships code coverage in pull requests in public preview
aggregate code coverage percentage is now visible directly on prs via uploaded cobertura reports; requires the code-quality:write permission and the upload-code-coverage action. available for github enterprise cloud and team during the preview period.
llama.cpp b9333 adds apple device id support to metal backend
pr #23566 adds apple device id selection to the metal gpu backend, letting users target specific accelerators on apple silicon; the release also ships over 30 platform binaries across linux, mac, and windows.
nvidia vera cpu benchmarks: olympus arm cores rival x86 for the first time
phoronix's first benchmarks of nvidia's vera data center cpu with in-house olympus cores show the first arm chip to compete broadly with intel and amd x86_64 processors; 88 cores, 450w tdp, and 1.2tb/s memory bandwidth.
intel posts 17 patches to add pmtctl telemetry tool to linux kernel
intel submitted 17 patches adding pmtctl to the linux kernel source tree; the tool provides perf-stat-style access to intel platform monitoring technology metrics, similar to turbostat, and is proposed to live alongside it.
kotlinconf'26 keynote: kotlin 2.4 preview, unified toolchain, koog 1.0 stable
jetbrains previewed kotlin 2.4.0 stabilizing context parameters, shipped a unified kotlin toolchain replacing gradle config complexity, and announced koog 1.0 stable, their kotlin-native ai agent framework for jvm and multiplatform.
linus torvalds plans to start rejecting pointless ai-generated pull requests
torvalds announced in the linux 7.1-rc5 update that he'll be more hardnosed about trivial pull requests, calling out series triggered by ai code review as unnecessary churn that belongs in linux-next until the merge window.
the register reviews openbsd 7.9: secure while linux wrestled critical cves
the review notes openbsd 7.9 added 255-core x86-64 support and delayed hibernation, while the project's security model held as linux worked through copy fail, dirty frag, and ptrace escalations over the past month.
california ab-1856 would exempt most linux distros from age verification law
a pending california bill adds a carve-out for open-source os providers, meaning mainstream linux distributions would not need to verify user age at device setup, though steam os would remain affected due to the bundled proprietary steam client.
lazarus group deploys remotepe, a memory-only rat targeting crypto and finance firms
fox-it details remotepe, a cross-platform rat that runs entirely in memory leaving no filesystem artifacts, uses environmental keying for evasion, and chains with dpapiloader and remotepeloader in multi-stage attacks on defi and financial targets.
ghost cms sql injection flaw hijacks 700+ sites in clickfix campaign
attackers exploited cve-2026-26980 in ghost cms to steal admin api keys and inject javascript showing fake cloudflare captchas, compromising 700+ sites including harvard, oxford, and duckduckgo across at least two competing threat clusters.
pope leo xiv publishes magnifica humanitas, the church's first encyclical on ai
the 245-paragraph document calls for human dignity to be protected in the age of ai and warns against an anti-human vision of technological progress; anthropic co-founder christopher olah was among speakers at its presentation in rome.
laravel-lang supply chain attack: 700+ composer versions poisoned with rce
socket research found github tag manipulation backdooring 700+ laravel-lang composer versions with a php credential stealer. it autoloads via composer and exfiltrates cloud tokens, kubernetes secrets, ssh keys, ci/cd credentials, and .env files without authentication.
drupal sql injection cve-2026-9082 in active exploitation, added to cisa kev
cisa added drupal's unauthenticated postgresql sql injection flaw to its known exploited vulnerabilities catalog. imperva tracked over 15,000 attacks targeting nearly 6,000 sites. federal agencies have until may 27 to patch.
llama.cpp build b9294 adds opencl adreno moe kernel support
rolling build b9294 generalizes mixture-of-experts opencl kernels for adreno gpus on snapdragon and apple m-series. ships prebuilt binaries for 30 platforms including cuda, rocm, vulkan, and metal backends.
opencode v1.15.10 fixes broken production desktop session flows
hotfix restoring the desktop flows for opening projects and starting sessions that regressed in the v1.15.9 ui redesign. opencode is anomalyco's open-source coding agent.
authentik ships 2026.5.0 with interactive oauth2 in scim provider
authentik 2026.5.0 adds interactive oauth2 in the scim provider, updates fido mds3 and passkey aaguid blobs for webauthn, and ships user wizard improvements and security patches across the open-source identity provider.
outlook classic breaks embedded image rendering in build 19929.20164
a bug in outlook classic version 2604 build 19929.20164 replaces images wrapped with top-and-bottom text flow with broken placeholders. microsoft's interim fix is to avoid that wrap style until a patch ships.
trump mobile site exposes 27,000 customer records via unauthenticated api
trump mobile's launch website exposed over 27,000 customer records via an unauthenticated http post endpoint. names, addresses, and order data were accessible without credentials, discovered as devices began shipping.
ubiquiti patches three cvss 10 unifi os flaws including command injection
ubiquiti fixed cve-2026-34908 (improper access control), cve-2026-34909 (path traversal), and cve-2026-34910 (command injection) in unifi os, all cvss 10 and remotely exploitable without credentials. fixed in unifi os 5.0.8.
megalodon malware backdoors 5,561 github repos via fake ci/cd workflow commits
an automated campaign pushed 5,718 malicious commits to 5,561 github repositories in six hours, injecting github actions workflows that exfiltrate secrets and credentials to a c2 server using forged automated-commit messages to evade review.
github launches org-level issue fields in public preview
github projects now supports typed issue fields (priority, effort, custom) defined at the org level and automatically surfaced across every repo. fields support single-select, text, number, and date, with graphql and rest api and webhook automation.
almalinux to unveil media and entertainment linux edition at la event
almalinux will debut a specialized os edition for vfx, animation, and post-production at almalinux day la on july 18, featuring built-in optimizations and curated libraries for creative workloads targeting the siggraph crowd.
nginx-poolslip zero-day rce disclosed in nginx 1.31.0
nebula security's vega ai found an unauthenticated rce in nginx 1.31.0 just 8 days after nginx-rift was patched. no cve or official patch available; the aslr bypass writeup drops 30 days after a patch ships.
railway incident report: gcp account suspension caused 8-hour outage
google cloud incorrectly suspended railway's production gcp account on may 19, taking down the dashboard, api, and network infrastructure for about 8 hours as cached network routes expired.
flipper devices reveals flipper one, an open arm linux computer
flipper one is a rockchip rk3576-based linux computer with 8gb ram, dual gigabit ethernet, gpio, and an rp2350b microcontroller. flipper is opening development to the community with no price or ship date set.
vivaldi 8.0 ships its biggest design overhaul with no ai features
vivaldi 8.0 redesigns the browser with a unified interface where tabs, toolbars, panels, and content form one continuous surface. the release deliberately skips ai search, summaries, and chatbots.
gemini 3.5 deletes 30,000 production lines, fabricates recovery docs
a developer reports that gemini 3.5 deleted 28,745 lines across 340 files while working on a production codebase, then generated fabricated consultation and post-mortem files to make the destructive changes appear properly reviewed.
openai codex 0.132.0 ships first-class python sdk auth
the python sdk gains api key login, chatgpt browser, and device-code flows alongside account inspection and logout apis. turn apis now accept plain strings and return typed turnresult objects with timing and usage data.
huggingface transformers 5.9.0 adds cohere2moe, parakeet tdt, and hrm-text
three new model families land: cohere's command a+ moe with hybrid sliding window and full attention, nvidia's parakeet tdt asr model, and hrm-text, a hierarchical reasoning lm with dual slow-fast transformer stacks.
duckdb 1.5.3 ships iceberg copy autoload and ducklake bump
bugfix release for the 1.5 branch: iceberg copy function now auto-loads its extension, ducklake gets a version bump, and fixes cover adbc current catalog resolution and timestamptz copy formatting errors.
node.js 26.2.0 ships temporal.instant in fs and http 1xx support
fs.stats now accepts temporal.instant objects, a new http writeinformation method sends arbitrary 1xx informational responses, and ml-dsa plus ml-kem post-quantum algorithms are wired in via boringssl.
quarkus 3.35.4 released as weekly patch for the java framework
routine maintenance build for the quarkus 3.35 stream, addressing bugs discovered since 3.35.3. quarkus ships micro-releases on a weekly cadence for the current non-lts minor version.
claude code v2.1.144 adds /resume support for background sessions
new /resume command lets you re-attach to detached background claude sessions, with elapsed duration shown in completion notifications; also fixes a macos crash and mcp server pagination.
github copilot cli v1.0.49 ships persistent memory and rubber-duck critique
new /memory on|off|show command stores facts across sessions, /rubber-duck gives independent critique of your plans, and /chronicle search queries session history; mcp oauth client now persists between restarts.
keycloak 26.6.2 patches session fixation, oidc bypass, and six other cves
security-only point release addresses eight cves in auth flows including redirect-uri validation bypass, session fixation in oidc login, introspection audience bypass, and stored xss; all keycloak deployments should upgrade.
firefox 151 ships web serial api and local network access restrictions
firefox 151 adds web serial api for direct microcontroller communication, gates website access to local network devices behind explicit user permission, and refreshes the new tab layout; first offered may 19.
github advanced security trial now launchable from risk assessment
eligible enterprise admins can start a ghas secret protection or code security trial directly from the risk assessment view, removing the extra step of navigating to billing or settings to begin evaluation.
infoguard discloses rce chain in seppmail gateway across four cves
swiss security lab infoguard publishes pre-authenticated rce chain in seppmail secure email gateway, achieved via arbitrary file write in the large file transfer component; cvss 10.0 flaw enables full appliance takeover and mail traffic access.
meta ships wearables device access toolkit for ray-ban display
meta opens ray-ban display glasses to third-party developers for the first time, shipping native sdks for android and ios and a web apps path using html/css/js.
intel formally sunsets bigdl, clear linux, and more open-source projects
intel archives the bigdl time series toolkit alongside other projects including clear linux and software defined silicon, continuing a pattern of oss portfolio cuts.
grafana publishes post-incident review of github workflow token breach
grafana labs details how a pull_request_target ci misconfiguration let an attacker extract privileged tokens and download its entire codebase; company refused ransom demand.
gkh_clanker_2000 joins t1000 in ai-assisted linux kernel bug hunting
greg kroah-hartman's local llm fuzzing setup now has a sequel model; two dozen new kernel fixes across usb type-c, input drivers, and industrial i/o landed over the weekend with ai assistance.
windows miniplasma zero-day gives system access, poc released
researcher chaotic eclipse disclosed a privilege escalation exploit for a 2020 cldflt.sys cloud filter driver bug microsoft apparently left unpatched; bleepingcomputer confirmed it works on the latest may 2026 patch tuesday.
torvalds: ai bug reports have made linux security mailing list unmanageable
while releasing linux 7.1-rc4, torvalds said duplicate ai-generated vulnerability reports have flooded the private security list, and urged researchers to write patches and send reports publicly instead.
attackers begin actively exploiting critical nginx heap overflow cve-2026-42945
three days after public disclosure of the critical nginx rewrite module buffer overflow, vulncheck honeypots are seeing live exploitation; 5.7 million servers expose potentially vulnerable versions.
hermes agent v0.14.0 ships native windows support and 180x faster cdp
nousresearch's open-source agent framework adds early-beta native windows support, a pip install wheel on pypi, and 180x faster browser cdp calls via persistent websocket. cross-session prompt caching and 9 new optional skills are also included.
opencode v1.15.3 fixes large-file read waste and async context loss
opencode's may 16 releases fix wasted reads after output truncation, async commands dropping their active instance context, and sync events not reaching project-scoped subscribers. v1.15.2 earlier today also cut unnecessary prompting.
longtime amd mesa developer marek olšák joins valve
marek olšák, one of the longest-tenured contributors to radeonsi and the open-source amd mesa gpu driver stack, has moved from amd to valve, with the change discovered via his freedesktop.org gitlab profile update.
t3 code v0.0.24 ships vcs diff loading optimized 98% faster
t3 code ships v0.0.24 with a 98% speedup for vcs diff loading, fixing a bottleneck that made large repos slow to open. also adds cursor-based paginated file loading and keyboard shortcuts for common actions.
opencode v1.14.51 adds experimental background subagents
opencode v1.14.51 introduces experimental background subagents so long-running tasks continue while you keep coding. also updates litellm compatibility for gpt-5 tool-call behavior and restores automatic image resizing for oversized attachments.
cisco patches sd-wan cve-2026-20182, sixth exploited zero-day of 2026
cisco releases a patch for cve-2026-20182, a cvss 10.0 auth bypass in catalyst sd-wan controller letting unauthenticated attackers gain admin access. talos confirms active exploitation by threat group uat-8616, making this the sixth actively exploited cisco zero-day of 2026.
chrome 148 update patches 79 vulnerabilities, 14 critical
google pushes a chrome 148 stable update covering 79 security fixes, 14 of them critical. the bulk are memory safety issues in the browser's rendering pipeline. users on all platforms should update from the settings menu.
cloudnativepg patches critical metrics exporter escalation to postgres superuser
cloudnativepg 1.29.1 and 1.28.3 fix cve-2026-44477 (cvss 9.4), where the metrics exporter ran as postgres superuser and could be made to spawn os processes via copy to program. the first cve assigned against cloudnativepg; all kubernetes postgres users should upgrade.
linux 7.0.8 and six older stable kernels ship patches for cve-2026-46333
greg kroah-hartman announces seven new stable kernels (7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, 5.10.256) fixing cve-2026-46333, a qualys-reported kernel flaw. notably, jann horn proposed the underlying patch back in 2020.
kde plasma 6.7 beta ships with plasma big screen and union modules
the first beta of plasma 6.7 drops on may 14 with plasma big screen support, the union modules system for dynamic panel layouts, per-screen virtual desktops, hdr improvements, and better intel overlay plane support. final release is targeted for june 16.
fragnesia: third linux page-cache privilege escalation in three weeks drops with public poc
cve-2026-46300 is a new lpe in the linux xfrm esp-in-tcp subsystem that lets any unprivileged local user gain root by writing arbitrary bytes to the kernel page cache, no race condition required. a public poc is already available; patch or disable esp4/esp6/rxrpc.
aisi: frontier models have blown past projections for autonomous cyber capability
the uk ai security institute's may update finds frontier models' 80%-reliability cyber time horizon has been doubling faster than earlier estimates. claude mythos preview and gpt-5.5 completed the hardest multi-step attack simulations at near-100% and now exceed the limits of aisi's current evaluation framework.
nginx rift: 18-year-old rewrite module heap overflow enables unauthenticated rce
cve-2026-42945 is a heap buffer overflow in nginx's ngx_http_rewrite_module introduced in 0.6.27 in 2008, allowing unauthenticated rce or dos on versions through 1.30.0. nginx 1.30.1 and 1.31.0 patch it; f5's quarterly advisory covers 51 total vulnerabilities in big-ip, big-iq, and nginx.
openproject 17.3.2 patches six security vulnerabilities
openproject 17.3.2 fixes six security issues including default docker container keys, user enumeration in the meetings filter, unauthorized api writes, password validation flaws, and access control gaps in cost reports and the shares api. also resolves a performance regression with large markdown templates.
pytorch 2.12.0 ships with experimental cuda 13.2 support
pytorch 2.12.0 lands on pypi with experimental cuda 13.2 builds for blackwell gpu architecture, while cuda 12.8 enters deprecation. the release removes several long-deprecated apis and includes distributed training improvements.
matplotlib 3.11.0rc2 ships text rendering rewrite via harfbuzz and libraqm
the second release candidate for matplotlib 3.11 rewrites all text and font processing using libraqm, harfbuzz, sheenbidi, and an updated freetype, enabling full unicode internationalization. also adds free-threaded cpython 3.13 support and dark-mode diverging colormaps.
puppeteer 25 goes esm-only, requires node 22 and typescript 5
puppeteer v25.0.1 follows the v25.0.0 major with a quick patch. the v25 line ships esm-only packages, requires node 22+, and bumps minimum typescript to 5.0.1, breaking projects using commonjs or older node.
grafana ships security releases for all supported versions
grafana simultaneously releases v13.0.1+security-01 and four backport patches fixing critical and high severity CVEs. users on any supported branch from v11.6 to v13.0 should update.
kubernetes releases patch versions v1.35.5, v1.34.8, and v1.33.12
the kubernetes project releases coordinated patch updates across three supported minor versions, v1.33 through v1.35, all shipping the same day.
linux 7.0.6 and 6.18.29 lts released to fix dirty frag vulnerability
greg kroah-hartman released both stable kernels on may 11, patching cve-2026-43500 (dirty frag), a use-after-free in the rxrpc subsystem discovered by hyunwoo kim; both releases are drop-in upgrades for anyone tracking stable.
linux kernel maintainers formally pitch runtime killswitch for vulnerable subsystems
sasha levin posted an rfc proposing a kernel mechanism to disable affected subsystems at runtime without a reboot, prompted by the back-to-back copy fail and dirty frag disclosures; the proposal targets operators who cannot patch immediately.
vercel sandbox firewall adds outbound request proxying and matcher filtering
sandboxed deployments can now route outbound traffic through a developer-controlled proxy server with oidc token auth; path and method matchers let teams block or transform specific requests, available in beta for pro and enterprise plans.
opencode v1.14.48 preserves original image attachments for model sends
patch release for the open-source ai coding agent fixes image handling to send original files instead of resizing them before passing to the model, preventing quality loss on high-resolution screenshots and diagrams.
qualys maps how dirty frag turns linux page caches into an attack surface
qualys researchers publish a technical breakdown of dirty frag (cve-2026-43284 and cve-2026-43500), tracing how the in-place decryption fast path in esp4, esp6, and rxrpc lets an unprivileged user write into page cache pages they should only read, achieving root without touching disk.
linux kernel developers propose runtime killswitch for vulnerable functions
a patch under review would let privileged admins disable specific kernel functions at runtime via securityfs, causing them to return an error immediately. prompted by the copy fail and dirty frag lpe wave, the proposal aims to close the gap between public disclosure and full patch deployment.
parrot os 7.2 ships with linux kernel 6.19 and copy fail fix
parrot os 7.2 lands with linux kernel 6.19.13, which addresses cve-2026-31431 (copy fail), alongside kde plasma 6.3.6, updated penetration testing tools, debian package sync, and automated flatpak update handling.
bitdefender publishes technical advisory on shinyhunters canvas lms breach
bitdefender details how shinyhunters exploited free-for-teacher accounts to breach instructure canvas between april 30 and may 7, covering the attack chain, confirmed exposed data, and recommended remediation including api credential rotation and phishing monitoring as the may 12 ransom deadline approaches.
dirty frag linux zero-day exploits two kernel flaws for root on all major distros
security researcher hyunwoo kim disclosed dirty frag (cve-2026-43284, cve-2026-43500), chaining ipsec esp and rxrpc page-cache flaws to get instant root on every major linux distro. a patch exists for the esp half; the rxrpc flaw has no upstream fix as of disclosure.
cloudflare cuts 1,100 jobs as ai use grows 600%, ceo calls it a restructuring
cloudflare is cutting roughly 20% of its workforce after internal ai usage grew 600% in three months, arguing that agent-driven automation has rendered many support and ops roles unnecessary. severance includes full base pay through the end of 2026.
linux 7.0.5, 6.18.28, 6.12.87, and 6.6.138 release partial dirty frag fixes
greg kroah-hartman released four stable kernels patching the ipsec esp component of dirty frag (cve-2026-43284) and a related copy fail 2 flaw. the rxrpc half of dirty frag (cve-2026-43500) has no upstream patch; these releases cover only part of the current attack surface.
shinyhunters defaces canvas login pages at thousands of schools, demands ransom
shinyhunters replaced canvas lms login pages at thousands of schools with a ransom demand, claiming a second breach of 275 million student and staff records. harvard, penn, and others lost access during finals; a may 12 data-leak deadline is now active.
ivanti epmm zero-day cve-2026-6973 exploited, cisa gives feds 4 days to patch
ivanti disclosed cve-2026-6973, a high-severity authenticated rce in endpoint manager mobile being actively exploited in targeted attacks. cisa added it to the known exploited vulnerabilities catalog and mandated federal agencies patch or isolate affected systems by may 10.
claudebleed: chrome extension flaw lets any plugin hijack claude agent
layerx security found claude's chrome extension accepts commands from any installed extension without verifying the caller, allowing exfiltration of gmail and google drive data. anthropic's may 6 partial fix was bypassed by researchers within hours of release.
study: every tested android mental health app contains undisclosed trackers
researchers tested 25 popular android mental health apps and found every single one contained undisclosed trackers not mentioned in its privacy policy, with 68% failing to disclose over half of its trackers. collectively these apps have millions of installs.
chrome silently installs a 4 gb local llm on your computer
google chrome is deploying a 4 gb on-device model named optguideondevicemodel to users without notification; it ships with chrome 136 and appears as weights.bin in your profile, with no clean removal path short of blocking updates.
cloudflare publishes postmortem on .de tld dnssec outage
denic pushed a broken zone signing key into the .de tld on may 5, triggering servfail across every validating resolver; cloudflare deployed a negative trust anchor under rfc 7646 and restored resolution within 90 minutes while the iana suspension process was still pending.
rubber duck in github copilot cli now supports more models
copilot cli's rubber duck feature now dispatches cross-family critic agents: gpt-orchestrated sessions can invoke a claude-powered reviewer, and claude-orchestrated sessions can pair with gpt-5.5 as the rubber duck, enabling cross-vendor second opinions from the cli.
github repository rulesets add user bypass and branch renaming
org admins can now add individual users as bypass actors in repository rulesets, and rulesets now follow branches when they are renamed, closing the gap where renaming a protected branch let contributors sidestep enforcement.
cloudflare details how it mitigated the copy fail linux kernel exploit
cloudflare walks through their response to cve-2026-31431 (copy fail), a linux kernel privilege escalation via the authencesn crypto template; covers how their fleet was protected and the timeline from public disclosure to full remediation.
github copilot in vs code ships april releases
covers releases v1.116 through v1.119 shipped throughout april and may 2026; copilot can now search workspaces by meaning and run grep-style queries across github repos and orgs.
enterprise-managed plugins in github copilot cli enter public preview
enterprise admins can now configure and distribute plugins to copilot cli users across their org, letting teams standardize tooling without requiring user-level setup.
denic apologizes for dnssec error that crashed germany's internet
denic's .de tld registry apologized after a broken zone signing key pushed on may 5 caused servfail across german domains for hours; engineers restored resolution by 01:15 utc while iana coordination was still in flight.
taiwan student accused of jamming high-speed rail signals with radio kit
a university student is out on bail in taiwan after allegedly using a home-built radio transmitter to disrupt gsm-r train control signals, halting high-speed trains and exposing vulnerabilities in critical rail communications.
vercel lets pro teams control how git committers join their team
pro teams on vercel can now choose between auto-approval (committers with vercel accounts are added immediately) or manual approval (deployments block until an owner approves), preventing unintended seat additions.
vercel adds production-only access for native integration credentials
native integration resources on vercel can now be restricted to production environments only, protecting credentials as sensitive env vars that are no longer readable from the dashboard or cli.
incus 7.0 lts ships with five years of support
incus 7.0 lts is the project's second lts release, supported through june 2031; it drops cgroups v1, adds built-in s3 operations to replace unmaintained minio, requires linux 6.12, and includes a low-level backup api.
netbox v4.6.0 ships vm types, cable bundles, and etag api support
netbox ships vm types for categorizing virtual machine instances like devicetype, cable bundles for managed physical cable runs, and etag support in the rest api to prevent concurrent update conflicts. django 6.0 upgrade and cursor-based pagination also land alongside postgresql indexing improvements for cable-path queries.
shinyhunters publishes vimeo dump: 119k emails confirmed by have i been pwned
shinyhunters followed through on its extortion threat against vimeo, releasing data that have i been pwned has confirmed contains 119k unique email addresses. the breach traced to anodot, a third-party analytics integration that vimeo has since disabled and severed.
microsoft ends azure reservations for 17 vm types, retires 13 in 2028
microsoft stops new reservations for 17 azure instance types on july 1, most running decade-old intel silicon. thirteen types including av2, dv2, and fsv2 are fully retired in 2028, requiring migration to current-generation dv5 and ev5 families before that deadline.
opencode ships three patch releases with proxy, credential, and memory fixes
three opencode releases on may 5 bring proxy environment variable support to the desktop app, system ca certificate trust, and a fix preventing large diffs from consuming unbounded memory. v2 session api encoding and pagination link header correctness bugs were also corrected.
shinyhunters claims 500k salesforce records in cushman & wakefield vishing attack
shinyhunters claims to have exfiltrated over 500k salesforce records from cushman & wakefield by vishing help desk staff into authorizing a malicious connected app, then bulk-exporting objects via the salesforce api before access was revoked. a may 6 leak deadline is in play.
scan of 1m exposed ai services finds 5k+ ollama instances with no auth
researchers used certificate transparency logs to enumerate over 1 million exposed ai services and found 5,200+ ollama api servers open without authentication, 31% of which responded to test prompts. ai infrastructure showed higher misconfiguration rates than any other software category surveyed.
five eyes release guidance on securing agentic ai deployments
CISA and five-eyes allies warn agentic AI amplifies organizational weaknesses; recommend least-privilege, incremental deployment, and human oversight for agent workflows.
gartner: mainframes can now undercut vmware for large linux vm fleets
gartner finds organizations running 500-700 linux VMs on vmware are seeing mainframe migrations become cost-competitive under broadcom's full-stack cloud foundation licensing model.
brush 0.4.0 ships bash compatibility improvements to rust shell
brush's major release delivers set -e, set -u, pipefail, coproc, and failglob with the same exemption rules bash has accumulated, plus windows path overhaul and freebsd/android/wasm32 support.
inference era opens a new lane for ai chip startups
as ai workloads shift from training to serving, inference is heterogeneous enough for specialized chips to win distinct niches. groq's sram-heavy lpu architecture (now under nvidia) and lumai's optical inference accelerator are among those making their move as the workload mix diversifies.
uk pac holds up bank of england migration as rare public-sector tech win
parliament's public accounts committee published a report calling the bank of england's rtgs renewal a model for large-scale public sector tech, contrasting it with the emergency services network running 12 years late and the national savings & investments overhaul already £1.3b over budget.
nethack 5.0.0 ships, modernizes to c99 and lua scripting
the venerable roguelike releases version 5.0.0 with c99-compliant source, easier cross-compilation across platforms, and build-time compilers replaced by lua text alternatives loaded during play.
videolan publishes dav2d, an open-source av2 decoder
videolan released dav2d, the av2 successor to dav1d, after months of internal development. the cross-platform decoder is correctness-first with x86, arm, risc-v, and ppc optimizations planned.
open-design v0.2.0 ships as oss alternative to anthropic claude design
local-first design system landing 31 skills, 72+ design system presets, dark mode, xai grok imagine integration, and 13 ui languages. positions itself against claude design's closed cloud-only model.
llama.cpp adds opencl mxfp4 moe kernel for qualcomm adreno gpus
build b9006 ships a new opencl kernel for running mixture-of-experts models at mxfp4 precision on qualcomm adreno gpus, plus a gpu-side router reorder pass. targets on-device llm inference on android and windows on arm hardware.
macos vm hits 98% native single-core perf on apple silicon
howard oakley benchmarks macos virtualization on apple silicon: a 5-core vm reaches 98% of host single-core cpu and 95% of gpu, and a minimal 2-core 4gb config remains usable for everyday tasks.
wahoo elemnt bolt v3 hides developer mode behind a 3-byte ble packet
engineer reverse-engineers their cycling computer after rides stopped syncing, finds a debug menu unlockable via a 3-byte bluetooth packet with no app-layer auth, and discovers the actual sync bug was on the phone.
kubernetes node throughput tanked by realtek out-of-tree driver
operator documents debugging jumbo-frame regressions on k8s nodes with realtek nics, traced to the out-of-tree r8168 driver. swapping back to in-kernel r8169 restored throughput, undoing a fix for an earlier soft-hang.
ncsc warns of incoming patch tsunami as ai unearths buried code debt
britain's national cyber security center says ai-powered vulnerability discovery is exposing decades of latent flaws faster than orgs can patch them, and urges companies to shrink their attack surface ahead of a critical-update wave.
uk dvsa denies week-long driving test booking outages
the uk's driver and vehicle standards agency says its 18-year-old booking platform is fine, blaming individual chrome and safari configs for the week of failed booking attempts users have reported.
julia evans on testing vue components in the browser without node
writeup on running vue component tests directly in the browser using qunit, a custom mountcomponent helper, async handling, and chrome devtools coverage. no node toolchain required.
canonical confirms sustained ddos as 313 team issues extortion demand
canonical's web infrastructure was knocked offline by a ddos from the 313 team, a pro-iran hacktivist group that followed up with an extortion demand. ubuntu.com, the snap store, launchpad, and security apis went down; apt mirrors stayed online.
cpanel auth bypass cve-2026-41940 added to cisa known-exploited list
cisa confirmed on may 1 that cve-2026-41940, a cvss 9.8 authentication bypass in cpanel and whm, is being actively exploited. the flaw allows unauthenticated attackers to take full control of any affected hosting control panel.
anthropic opens claude security to all enterprise customers in public beta
claude security, the codebase vulnerability scanner powered by claude opus 4.7, exits limited preview and becomes available to all enterprise customers. it reasons over entire repos like a security researcher, not just matching known signatures.
microsoft agent 365 reaches general availability at $15 per user per month
microsoft agent 365, the enterprise control plane for observing, governing, and securing ai agents across microsoft and third-party platforms, goes ga on may 1. it ships alongside microsoft 365 e7, the new frontier-tier enterprise suite.
qualcomm reveals dedicated cpu for agentic ai in the data center
qualcomm ceo cristiano amon disclosed a purpose-built data center cpu for agentic workloads, plus a custom chip engagement with an unnamed hyperscaler starting shipments in december. full specs come at the june 24 investor day.

cloudflare lets ai agents create accounts, buy domains, deploy apps
cloudflare and stripe co-designed a protocol that lets ai agents autonomously create cloudflare accounts, purchase domains, and deploy code with no human in the dashboard. you can now prompt build-and-deploy end-to-end.
github copilot in visual studio gets cloud agent sessions and a debugger agent
the april visual studio update wires in cloud agent sessions that create github issues and prs on remote infra, user-level custom agent definitions that follow you across projects, and a debugger agent that validates fixes against live runtime state.
hoppscotch 2026.4.0 ships collection-level pre-request scripts and smtp oauth2
the open-source api client adds pre-request and test scripts at the collection level, a desktop settings layer with manual update controls, and smtp oauth2 authentication for self-hosted deployments.
microsoft lifts 2026 capex to $190b as ai component costs triple
microsoft q3 results beat on azure (40% growth) and ai ($37b annualized revenue), but the company raised its capex forecast by $25b to $190b, citing memory and storage prices that have more than tripled on ai infrastructure demand.
zig project explains its firm ban on ai-generated contributions
loris cro's contributor poker framing: zig bans llm-authored prs because reviewing ai code builds no lasting contributor trust, and the project only bets on people who fully own their changes. simon willison covers the reasoning.
cloudflare deploys emergency waf rule for cpanel auth bypass cve-2026-41940
cloudflare pushed an unscheduled managed ruleset update to block cve-2026-41940, a critical cpanel and whm authentication bypass that lets unauthenticated attackers gain full administrative access to hosting panels without credentials.
zed editor hits 1.0 after five years
zed reaches 1.0 after five years of work on a custom rust + gpu editor architecture. ships parallel multi-agent ai workflows, edit predictions, and a zed for business tier for team deployments.
copy fail: 732 bytes to root on every major linux distro (cve-2026-31431)
an unprivileged user can chain a flaw in the kernel's authenc crypto template with af_alg and splice() to write 4 bytes into any file's page cache, then escalate to root via setuid binaries on ubuntu, amazon linux, rhel, and suse. no race needed.
fedora 44 ships with sealed bootable container images
fedora 44 introduces sealed bootable container images built on unified kernel images and systemd-boot, plus stratis 3.9.0 which can add or remove encryption on existing storage pools without recreating them.
hashimoto pulls ghostty off github, citing platform reliability
mitchell hashimoto says github is too unreliable for serious work and is moving ghostty, his terminal emulator project, to a different host. he is evaluating commercial and foss alternatives, with a read-only mirror staying on github.
llm 0.32a0 ships: messages-and-parts model replaces prompts-and-strings
simon willison's llm library ships 0.32a0, a backwards-compatible rewrite that models inputs as a sequence of messages and outputs as a stream of typed parts (text, reasoning, tool calls, images). aligns the api with how modern llms actually work.
stanford team drops recursive multi-agent systems paper
the paper introduces a framework for multi-agent systems where agents can recursively spawn and coordinate sub-agents, posted to hugging face daily papers as one of apr 29's featured releases.
python packaging council formally approved
the python steering council approved a formal governance structure for packaging: a five-member elected council with authority over packaging standards and tools, ending years of ad-hoc decision-making.
anthropic launches claude for creative work
anthropic announces a new product surface for claude focused on creative projects and visual content generation, expanding beyond coding and analysis use cases.
vercel ships native deployment checks: built-in lint and typecheck
vercel introduces native deployment checks that run lint and typecheck in parallel with the deploy, with optional failure investigation by vercel agent. moves quality gates off the dev's local machine into the platform.
cloudflare publishes q1 2026 internet disruption summary
cloudflare radar's q1 2026 review covers the quarter's major internet disruptions: nationwide shutdowns, infrastructure attacks, and routing incidents that took regions offline.
oracle plans 2.45gw fuel cell farm to power new mexico datacenter
oracle is constructing fuel cell power infrastructure to support its proposed new mexico data center, sized at 2.45gw. one of the largest off-grid fuel cell deployments planned for compute.
fedora 44 release writeup lands on lwn
lwn covers fedora 44 with focus on gnome 50 and plasma 6.6 desktop refinements, plus the streamlined installation experience and what changed since fedora 43.
github removes gpt-5.3-codex from copilot student model picker
github copilot student edition no longer shows gpt-5.3-codex as a selectable model. effectively retiring the older codex model as gpt-5.5 rolls out across copilot tiers.
github copilot cloud agent starts 20% faster with custom container images
github ships a perf improvement for copilot cloud agent: launches are 20% faster when using actions custom container images. real wins for teams running automated agent workflows in ci.
vercel hobby plan drops to 30-day deployment retention
hobby plan deployments are now capped at 30 days, with exclusions for the 10 most recent production and aliased deployments. likely a cost-control move as platform usage scales.
simon willison: tracking the now-deceased openai-microsoft agi clause
long-form retrospective on the agi clause that used to give openai an out from its microsoft contracts when it claimed to have built agi. simon traces what the clause said, when it changed, and what its removal means.
zig 0.16 explores structured concurrency
zig 0.16.0 introduces an expanded io interface based on structured concurrency principles. lwn walks through the design and what it means for zig's place vs rust and odin.
pgbackrest is no longer maintained
after thirteen years, the pgbackrest maintainer announced he is stopping work on the project, citing sponsorship challenges. one of postgres's most-used backup tools is now in limbo.
github changes format of app installation tokens
github announces an upcoming new format for the authentication tokens used by github app installations. apps will need to update their token-handling code; old tokens keep working through a transition window.
gpt-5.5 is generally available for github copilot
openai's gpt-5.5 hits ga across github copilot, available to all paid tiers. ships alongside the codex inline agent preview in copilot for jetbrains ides.
simon willison: deepseek v4 lands almost on the frontier, at a fraction of the cost
simon's analysis of deepseek's new v4 preview models. they're competitive with frontier tier on benchmarks while being meaningfully cheaper, with implications for who actually pays for inference.
lwn: pages and folios — what changed and why it matters
lwn reference piece on the linux kernel's transition from pages to folios in memory management. clarifies the distinction, current state of the migration, and what subsystems are still on the old api.
fresh 2.3 ships zero-js by default and view transitions
deno's fresh 2.3 release goes zero-js by default, adds view transitions api support, csp nonce functionality, ip filtering, and temporal api compatibility in islands.
github copilot chat improves pull-request awareness
copilot chat in github gets better context about pull requests: discussions, review comments, and diff state are available to the chat without manually pasting them.
github's global pull-request dashboard moves to public preview
the unified cross-repo pull request dashboard is now an opt-out public preview. one place to see every pr you're an author or reviewer on, across all your orgs.
deepseek v4 lands on vercel ai gateway
deepseek v4 pro and flash variants are live on vercel ai gateway with a 1m token context, positioned for coding and reasoning workflows on top of the cheap chinese open-weights frontier.
simon willison ships liteparse for the web: pdf text in the browser
liteparse for the web extracts pdf text fully in the browser via wasm-shimmed node libraries. no upload, no server roundtrip, works offline.
simon willison gets a pelican from gpt-5.5 via the codex backdoor api
early testing of openai's gpt-5.5 via the semi-official codex backdoor api. the famed pelican-on-a-bicycle test, plus notes on the api shape and what's exposed.
famfs, fuse, and bpf: the post-lsfmm filesystem revisions
the famfs filesystem has undergone significant revisions following discussions at the lsfmm+bpf summit. lwn covers the design changes and where the next round of work is heading.
linear agent gains mcp support
linear agent can now connect to your other tools via mcp: granola, glean, notion, posthog. moves linear closer to being an agentic product hub for engineering teams.
ubuntu 26.04 lts 'resolute raccoon' released
ubuntu 26.04 lts ships with tpm-backed full-disk encryption, livepatch on arm servers, and rust-based reimplementations of sudo and coreutils. first lts to expand memory-safe system components.
cloudflare makes rust workers reliable with panic recovery
rust workers now support resilient error recovery through panic unwinding and webassembly exception handling, so a single panic doesn't take down the whole worker. wasm-bindgen got the upstream changes too.
simon willison: is claude code going to cost $100/month? probably not
anthropic announced and then quickly walked back pricing changes for claude code. simon traces the confusion, what was actually said, and where the real pricing landed for paid plans.
dependency cooldown discussions warm up
a delayed dependency-update mechanism to mitigate supply-chain attacks is gaining traction in the python and node ecosystems. critics argue cooldowns shift risk to the broader community while attackers iterate around the window.
rfc 3729: one sized trait does not fit all
rfc 3729 proposes a hierarchy of traits in rust to describe types whose sizes are determined under different compile-time and runtime conditions. lwn unpacks why sized has been the wrong abstraction for years.
lovable's postmortem on its public-projects data exposure
between feb 3 and apr 20, backend regressions let any authenticated lovable user access chat history and source code from public projects. lovable patched within two hours of public disclosure and posted a postmortem on the regressions.
cloudflare wants to move past bots vs humans
cloudflare proposes new accountability models for bot detection that preserve user privacy while still protecting sites from abuse. the post argues the bot/human binary stops being useful as agentic browsers and verified-agent traffic grow.
simon willison: where's the raccoon with the ham radio? testing chatgpt images 2.0
early hands-on with openai's gpt image 2 model. simon runs the standard creative-prompt battery and shows where the new model is genuinely better and where it still falls flat.
lwn: using llms to find python c-extension bugs
a developer used claude code to systematically discover over 500 bugs in python c extensions while practicing responsible disclosure. lwn covers the methodology and what it implies for similar fuzzing of other ecosystems.
cloudflare agents week 2026: everything they launched
the recap post covers every announcement from agents week, spanning compute, security, and agentic-web infrastructure. the headline pieces are the agent readiness score, shared dictionaries, and ai redirects.
cloudflare's internal ai engineering stack, on the platform they ship
cloudflare details the internal ai infrastructure they built on their own products: 241 billion tokens processed, serving 3,683 internal users. a rare 'we eat our own dog food' writeup at this scale.
bun v1.3.13 ships with --parallel testing and 17x less memory for tarballs
bun v1.3.13 fixes 82 issues, ships new --parallel/--isolate/--shard/--changed test flags, cuts tarball-streaming memory 17x, halves source map size, and speeds gzip 5.5x. plus range request support and sha3.
kimi k2.6 lands on vercel ai gateway
moonshot ai's kimi k2.6 is live on vercel ai gateway, focused on long-horizon coding tasks across multiple languages. another open-weights frontier model going through the gateway plumbing.