Состоялся выпуск [ Phosh 0.55.0 ]( https://phosh.mobi/about/ ) , свободной графической оболочки для мобильных устройств на базе mainline Linux. Проект возник вокруг разработки Purism Librem 5, но сейчас используется на разных смартфонах, планшетах, трансформерах и даже ноутбуках. Основной упор, как и прежде, делается на Linux-смартфоны.

Phosh 0.55.0 опубликован 17 мая 2026 года. В состав выпуска входят обновления основной оболочки phosh, композитора phoc, экранной клавиатуры stevia, мобильных настроек, порталов, вспомогательных библиотек и нескольких новых компонентов.

В самой оболочке phosh 0.55.0 добавлена новая быстрая настройка для Syncthing. Также исправлена логика затемнения экрана: система больше не должна затемнять дисплей в ситуации, когда у устройства нет датчика внешней освещённости. Кроме того, разработчики отмечают различные исправления ошибок, включая устранение утечек памяти.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18295783#cut ) )

15 мая Линус Торвальдс [ принял ]( https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36d49bba19f2c19c933d13b25dcf4eb607a030b3 ) в состав ядра [ документ ]( https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36d49bba19f2c19c933d13b25dcf4eb607a030b3 ) , регламентирующий процесс обработки ошибок, связанных с безопасностью, определяющий модель угроз, поясняющий, какие ошибки в ядре трактуются как уязвимости, и разбирающий действия с ошибками, выявленными при помощи AI. Документ [ подготовлен ]( https://lore.kernel.org/all/20260509094755.2838-1-w@1wt.eu/ ) Вилли Тарро (Willy Tarreau), автором HAProxy и давним разработчиком ядра Linux, отвечавшим за сопровождение нескольких стабильных веток ядра. В качестве основы использованы договорённости, достигнутые в ходе обсуждения недавно выявленных критических уязвимостей в ядре ( [ 1 (opennet.ru) ]( https://www.opennet.ru/opennews/art.shtml?num=65325 ) , [ 2 (opennet.ru) ]( https://www.opennet.ru/opennews/art.shtml?num=65395 ) , [ 3 (opennet.ru) ]( https://www.opennet.ru/opennews/art.shtml?num=65441 ) , [ 4 (opennet.ru) ]( https://www.opennet.ru/opennews/art.shtml?num=65452 ) ), раскрытых до публикации исправлений и для которых, благодаря AI, удалось сразу создать рабочие эксплоиты.

Основную массу связанных с безопасностью ошибок [ предписывается ]( https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/diff/Documentation/process/security-bugs.rst?id=36d49bba19f2c19c933d13b25dcf4eb607a030b3 ) обрабатывать публично, чтобы привлечь максимально широкую аудиторию и найти оптимальное решение. В отдельный приватный список рассылки предлагается отправлять только экстренные сообщения об уязвимостях, легко эксплуатируемых, представляющих угрозу для многих пользователей и позволяющих получить расширенные привилегии или возможности.

Уязвимости, выявленные при помощи AI-ассистентов, всегда предлагается обсуждать публично, так как подобные проблемы часто обнаруживаются одновременно несколькими исследователями. При этом не следует раскрывать в отчёте эксплоит – достаточно упомянуть, что он доступен, и передать его в частном порядке в ответ на запрос сопровождающего.

( [ читать дальше... ]( https://www.linux.org.ru/news/kernel/18296578#cut ) )

Amazon is adding AI-generated "podcasts" to Alexa+, letting users request custom audio explainers on any topic featuring two synthetic co-hosts. Variety reports: Seemingly to dispel the notion that these "podcasts" will be AI audio slop, Amazon emphasized that it has deals with major news organizations to ensure "accurate, real-time news and information." Those include the Associated Press, Reuters, the Washington Post, Time magazine, Forbes, Business Insider, Politico and USA Today; publications from Conde Nast, Hearst and Vox Media; and more than 200 local newspapers across the U.S.

In an example clip shared by Amazon of the new Alexa Podcasts feature, the two AI-generated hosts discuss "the latest music releases." A male Alexa+ narrator says more than 50% of music listening now comes from unsigned artists. "The monoculture is just gone," a female-voiced Alexa+ narrator chimes in. The male Alexa+ host says there has been "stoner metal," indie pop and experimental hip-hop music "all dropping on the same Friday," and adds, "That's not chaos -- that's the healthiest the music ecosystem has ever been."

[...] To use Alexa Podcasts, users can simply tell Alexa what topic they're curious about and "it does the rest in minutes." Alexa+ will provide an overview of what it plans to cover, and let you adjust the length and direction before it generates the podcast. When your episode is ready, you'll get a notification on your Echo Show device and the Alexa app.

[ Read more of this story ]( https://entertainment.slashdot.org/story/26/05/19/0043247/amazons-alexa-now-produces-ai-generated-podcasts?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован проект IncidentRelay, развивающий открытую систему для организации дежурств, маршрутизации оповещений и сопровождения инцидентов, запускаемую на собственном сервере (self-hosted). Проект ориентирован на SRE, DevOps и инфраструктурные команды, которым требуется локально разворачиваемая альтернатива SaaS-сервисам для управления дежурством (on-call management), применения политик эскалации и реагирования на инциденты. Код проекта написан на Python и распространяется под лицензией MIT.

https://www.opennet.ru/opennews/art.shtml?num=65475

An anonymous reader quotes a report from the New York Times: Meta told employees on Monday that it was reassigning 7,000 workers to focus on new initiatives around artificial intelligence, the latest change in a company transformation spurred by the powerful technology. Employees will be moved to four new organizations focused on building new A.I. tools and apps, Janelle Gale, Meta's head of human resources, said in an internal memo. The organizations will use "A.I. native design structures" and have fewer managers per employee than other parts of the company, she said, adding that company leaders will send details about the new roles on Wednesday. The restructuring "will make us more productive and make the work more rewarding," Ms. Gale wrote. Meta declined to comment further on the changes.
The move comes shortly before Meta begins laying off roughly 8,000 employees, or 10 percent of its work force. Ms. Gale also mentioned Wednesday's layoffs in her memo. "We know days like this are extremely hard, and we appreciate you showing up for each other," Ms. Gale said.

According to the NYT, employees have been asked to work remotely that day and emails about the layoffs would be sent at 4 a.m. local time. Employees in the United States will receive 16 weeks of severance pay, along with two extra weeks for every year they worked at Meta.

[ Read more of this story ]( https://meta.slashdot.org/story/26/05/19/0027253/before-mass-layoffs-meta-reassigns-7000-workers-to-focus-on-ai?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Раскрыта информация о шестой уязвимости (1, 2-3, 4, 5), позволяющей непривилегированному локальному пользователю получить права root, перезаписав данные в страничном кэше. Уязвимость получила кодовое имя PinTheft. Доступен прототип эксплоита. CVE-идентификатор ещё не присвоен. Исправление пока доступно только в виде патча, который опубликован 5 мая и 11 мая был принятв ветку netdev, но не включён в корректирующие выпуски ядра.

https://www.opennet.ru/opennews/art.shtml?num=65476

Microsoft is turning Azure Linux into a general-purpose, Fedora-based cloud distribution available to all Azure customers, while also productizing Flatcar as Azure Container Linux for immutable container hosts. "When Microsoft joined the Linux Foundation, there was this big conspiracy theory that somehow the Linux Foundation was undermining open source in partnership with Microsoft, and now you announce that you're shipping a Linux distribution," Jim Zemlin, the Linux Foundation's CEO, said in response to Microsoft's surprise announcement. "That's amazing." ZDNet reports: Until now, [Lachlan Everson, Microsoft's Principal Program Manager on Azure's open-source team] noted, "we had Azure Linux only available to third-party customers through AKS specifically, and that was Azure Linux 3.0." Going forward, this will be ACL. Everson emphasized that Azure Linux 4.0 is the culmination of years of internal usage and the evolution of the earlier Mariner distribution. "So we've been running Azure Linux for many years internally, and we got through to 3.0, and we only allowed it on as a container host on AKS. What we've done is make it a general-purpose, so this is all the learnings that we've had in the heritage of Mariner."

Under the hood, Azure Linux 4.0 is based on Fedora Linux and is delivered as an open distribution on GitHub. This code is available now. Yes, Red Hat knows that Microsoft has done this. Everson continued, "So, we made a decision to use Fedora as an upstream, so it's using RPMs in the Fedora ecosystem. Microsoft curates the packages and the supply chain to fit Azure's cloud platform." Microsoft also created "it to be purpose-built for Azure, which integrates vertically into all of our infrastructure to give you the best Azure Linux experience on Azure." While Azure Linux will ship as a VM image, Microsoft is already preparing a developer-friendly path onto Windows desktops: "And as of today, we have it as a VM image for your VM host on Azure. We're going to announce WSL images as well."

While developers will be able to run Azure Linux locally through WSL, Microsoft is not positioning it as a traditional desktop Linux. Asked whether he could run it on his laptop, Everson said: "I will be able to run it on my laptop, or what have you. Yes, on Windows 11." However, when pressed about a desktop experience, Everson was clear that there are "no plans" for a graphical environment. "It's optimized for server-side in the cloud," he said, adding that even on a developer machine, users should expect a lean environment. "Minimal packages, yeah. The idea is that we offer you a consistent experience to do your development on your machine, and that you can take your workloads as you develop them on your machine and run them with VS Code. You can run your applications on that, and know that the platform is the same that you're running on the cloud, so that you have that kind of consistency between environments."

Flatcar itself remains the upstream project, but Microsoft is packaging it for Azure customers. Everson described Flatcar as "purpose-built, immutable, secure by default, production-ready operating system, and Azure Container Linux is the productization of that, but we're still investing in the upstream Flatcar ecosystem and pulling that downstream into a productized exterior experience just for container workloads, so it's a container hosting in AKS." To underscore the immutable model, he added that "Everything's baked in, so there is no package manager. We bake the bits into the immutable, and they're in the immutable version. So Azure Container Linux is the immutable version. So you shouldn't be changing any system packages or any application packages. Anything that you need to change is customer workloads run in containers."

[ Read more of this story ]( https://linux.slashdot.org/story/26/05/19/0056247/microsoft-surprises-with-its-first-server-linux-distribution-azure-linux-40?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Доступен выпуск проекта fheroes2 1.1.16, который воссоздаёт движок игры Heroes of Might and Magic II с нуля. Код проекта написан на C++ и распространяется под лицензией GPLv2. Для запуска игры требуются файлы с игровыми ресурсами, которые можно получить из оригинальной игры Heroes of Might and Magic II. В составе проекта поставляется скрипт для автоматической загрузки и извлечения ресурсов из демоверсии игры, которых достаточно для полноценной работы.

https://www.opennet.ru/opennews/art.shtml?num=65478

Microsoft is launching three new Intel-powered Surface devices for businesses: the Surface Pro 12, Surface Laptop 8, and a smaller 13-inch Surface Laptop model. These new machines come equipped with newer Intel chips, a few business-focused upgrades, and notably higher starting prices. "The high pricing of these three new Surface devices is a sign of things to come for whatever consumer models Microsoft is planning this year," notes The Verge. From the report: This time around Microsoft is refreshing its Surface Pro and Surface Laptop models with Intel's latest Core Ultra Series 3 processors first, ahead of similar models with Qualcomm's new Snapdragon X2 processors later this year. The new Surface Pro 12, or as Microsoft calls it the Surface Pro for Business 13-inch (12th Edition), will be available for businesses today, starting at an eye-watering $1,949.99. The base model will include an Intel Core Ultra 5 processor, 16GB of RAM, 256GB of storage, and the regular 13-inch PixelSense LCD display.

Businesses will have to pay extra for models with Intel's Core Ultra 7 processor, up to 64GB of RAM, and up to 1TB of storage. The top spec Surface Pro 12 with a Core Ultra 7, 64GB of RAM, and 1TB of storage will be priced at $4,399.99, and there are also OLED screen options and models with 5G connectivity. The Surface Pro 12 5G starts at $2,249.99, with a Core Ultra 5, 16GB of RAM, and 256GB of storage. [...] Microsoft is also launching two new versions of the Surface Laptop for businesses today. The Surface Laptop 8, or Surface Laptop for Business 13.8 or 15-inch (8th Edition) as Microsoft calls it, will also be available with a range of Intel's Core Ultra Series 3 chips. It launches alongside a smaller 13-inch model, which is confusingly labeled the Surface Laptop for Business 13-inch (1st Edition).

The 13.8-inch model starts at $1,949.99, and includes Intel's Core Ultra 5 processor, 16GB of RAM, and 256GB of storage. While Surface devices for businesses have typically had higher pricing than consumer models, the $1,949.99 starting price for a Surface Laptop 8 is almost double the original price of the Surface Laptop 7. RAMageddon really has come for Microsoft's Surface Pro and Surface Laptop devices, after recent price increases meant the existing consumer models are now $500 more expensive than their original starting price. The max configuration for the 13.8-inch Surface Pro 8 will include a Core Ultra 7, 64GB of RAM, and 1TB of storage for $4,299.99. A similar version of the 15-inch model (with an x7 processor) will be priced at $4,499.99.

[ Read more of this story ]( https://hardware.slashdot.org/story/26/05/19/1625223/microsoft-launches-surface-pro-12-surface-laptop-8-with-intel-chips?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Microsoft опубликовала наработки, связанные с дистрибутивом Azure Linux 4, который по сравнению с веткой 3.0 кардинально переработан и переведён с собственной пакетной базы на использование пакетов из дистрибутива Fedora 43. Если ранее Azure Linux позиционировался как платформа для Linux-окружений, используемых в облачной инфраструктуре, edge-системах и различных сервисах Microsoft, то теперь Azure Linux преподносится как защищённая и надёжная операционная система общего назначения, оптимизированная для облака Azure, которую можно использовать в виртуальных машинах, контейнерах, окружении WSL (Windows Subsystem Linux) и в качестве основной ОС на компьютерах.

https://www.opennet.ru/opennews/art.shtml?num=65479

An anonymous reader quotes a report from KrebsOnSecurity: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history. On May 15, KrebsOnSecurity heard from Guillaume Valadon, a researcher with the security firm GitGuardian. Valadon's company constantly scans public code repositories at GitHub and elsewhere for exposed secrets, automatically alerting the offending accounts of any apparent sensitive data exposures. Valadon said he reached out because the owner in this case wasn't responding and the information exposed was highly sensitive.

The GitHub repository that Valadon flagged was named "Private-CISA," and it harbored a vast number of internal CISA/DHS credentials and files, including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets. Valadon said the exposed CISA credentials represent a textbook example of poor security hygiene, noting that the commit logs in the offending GitHub account show that the CISA administrator disabled the default setting in GitHub that blocks users from publishing SSH keys or other secrets in public code repositories. "Passwords stored in plain text in a csv, backups in git, explicit commands to disable GitHub secrets detection feature," Valadon wrote in an email. "I honestly believed that it was all fake before analyzing the content deeper. This is indeed the worst leak that I've witnessed in my career. It is obviously an individual's mistake, but I believe that it might reveal internal practices." "Currently, there is no indication that any sensitive data was compromised as a result of this incident," a CISA spokesperson wrote. "While we hold our team members to the highest standards of integrity and operational awareness, we are working to ensure additional safeguards are implemented to prevent future occurrences."

The GitHub account in question was taken offline shortly after CISA was notified about the exposure. However, according to Caturegli, the exposed AWS keys remained valid for another 48 hours.

"What I suspect happened is [the CISA contractor] was using this GitHub to synchronize files between a work laptop and a home computer, because he has regularly committed to this repo since November 2025," Caturegli said. "This would be an embarrassing leak for any company, but it's even more so in this case because it's CISA."

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/19/1650229/cisa-admin-leaked-aws-govcloud-keys-on-github?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The London-headquartered lender Standard Chartered announced plans to cut more than 7,000 jobs by 2030, with CEO Bill Winters saying the bank will replace some "lower-value human capital" through automation and AI while offering retraining to affected workers. "It's not cost-cutting. It's replacing in some cases lower-value human capital with the financial capital and the investment capital we're putting in," CEO Bill Winters told reporters. "So, the people that want to reskill, that want to carry on, we're giving every opportunity to reposition," Winters said. Reuters reports: The cuts, alongside higher shareholder return targets announced in a strategy update, come as StanChart is at the tail-end of a decade-long effort to transform itself from a potential takeover target to a steadily profitable lender. Its London-listed shares, which have risen 65% in the last 12 months, fell 0.5% in early trading, as analysts said the new targets were at the conservative end of their expectations.

"In a world full of uncertainty, performance may prove more challenging further out," said Ed Firth, analyst at Keefe, Bruyette & Woods, citing how the bank has benefited in recent years from high interest rates and huge wealth flows. StanChart's move to streamline operations and rein in costs comes as more global firms slash jobs by deploying AI to improve efficiency. Japanese lender Mizuho in March unveiled up to 5,000 job cuts over a decade. And banks globally are scrambling to integrate frontier AI models and fend off rising cyber threats.

The most affected roles will be in the bank's back-office centres, including those in Chennai, Bengaluru, Kuala Lumpur and Warsaw, according to Winters. "Of course we're using AI along the way and AI will be a huge facilitator and enabler of that," he added, referring to its ongoing revamp to automate more of its core banking system. StanChart said it would deliver over 15% return on tangible equity in 2028, more than three percentage points higher than in 2025, and building to about 18% in 2030. Meta also announced plans to reassign 7,000 employees into AI-related initiatives, just ahead of layoffs expected to affect roughly 8,000 workers.

[ Read more of this story ]( https://slashdot.org/story/26/05/19/1640224/stanchart-to-cut-over-7000-jobs-boost-ai-to-replace-lower-value-human-capital?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Canonical представила релиз Ubuntu Core 26, компактного варианта дистрибутива Ubuntu, адаптированного для применения на устройствах интернета вещей (IoT), в контейнерах, потребительском и промышленном оборудовании. Ubuntu Core поставляется в форме неделимого монолитного образа базовой системы, в котором не применяется разбивка на отдельные deb-пакеты. Образы Ubuntu Core 26, состав которых синхронизирован с пакетной базой Ubuntu 26.04, подготовлены для систем x86_64 и ARM64. Время сопровождения выпуска составит 15 лет.

https://www.opennet.ru/opennews/art.shtml?num=65477

OpenAI co-founder Andrej Karpathy has joined rival AI lab Anthropic. "The hire is a major coup for Anthropic in the high-stakes competition for elite AI talent -- and another sign the company is emerging as a magnet for some of the industry's most respected technical minds," reports Axios. From the report: Karpathy will start this week on Anthropic's pre-training team, which is responsible for the massive training runs that give Claude its core knowledge and capabilities, according to Anthropic. Karpathy will help launch a new team focused on using Claude itself to accelerate pretraining research -- an increasingly important frontier as AI companies race to automate parts of AI development. "I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D," Karpathy said in a post on X.

Karpathy is a rare AI figure with credibility across research, industry and education. He was a founding member of OpenAI before serving as Tesla's director of AI, where he led the computer vision team behind Autopilot. Karpathy coined the term "vibe coding" and recently described himself as being in a "state of AI psychosis" since December -- embracing "tokenmaxxing" and aggressively stress-testing frontier models.

[ Read more of this story ]( https://slashdot.org/story/26/05/19/1743231/openai-co-founder-andrej-karpathy-joins-anthropic?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Inside Climate News: A proposed merger of the largest utility in the country by market value, NextEra Energy, with the sixth-largest, Dominion, would create a megacompany at a time when data centers and rapid increases in electricity demand are reshaping the industry. The proposal, announced Monday morning and contingent on state and federal regulatory approval, would result in a company that leads in nearly every aspect of the US power and utility industry, including overall electricity generation, natural gas generation, and renewables. The $67 billion deal combines NextEra's size and reach with Dominion's positioning as the local utility for the world's largest concentration of data centers in northern Virginia. But the results are likely bad for consumers and the environment, creating a company with enormous financial and political strength that will be difficult to effectively regulate, according to consumer advocates and analysts.

For perspective, only Exxon Mobil and Chevron would be larger based on market value among US-based energy companies. "Mergers are not about consumers; they're about shareholders," said Ari Peskoe, director of the Electricity Law Initiative at Harvard Law School. "For the Dominion shareholders, they are selling their shares at a premium. The executives are getting massive payouts for facilitating this, assuming it all goes through, and obviously NextEra believes the transaction is going to add value to the company. Ratepayers are all an afterthought." The deal makes financial sense for both companies, said Andrew Bischof, an equity analyst for Morningstar. "We view the transaction as allowing NextEra to accelerate its data center ambitions, which had trailed those of its regulated peers, by using Dominion's expertise and relationships to expedite NextEra's data center hub plans," he said in a note to clients.

NextEra, based in Juno Beach, Florida, includes Florida Power & Light, the largest regulated electricity utility in the state, and NextEra Energy Resources, a wholesale electricity supplier that owns power plants across the nation. Dominion, based in Richmond, Virginia, includes regulated utilities serving much of Virginia, parts of North Carolina and South Carolina, and other assets across the country. The company would be called NextEra Energy, and NextEra CEO John W. Ketchum would serve in the same role after the deal closes. Robert M. Blue, Dominion's CEO, would be the CEO for regulated utilities for the merged company. The parties said they expect regulatory approvals to take 12 to 18 months. NextEra shareholders would own 74.5 percent and Dominion shareholders would own 25.5 percent, respectively, of the combined company in the all-stock transaction. "We are bringing NextEra Energy and Dominion Energy together because scale matters more than ever -- not for the sake of size, but because scale translates into capital and operating efficiencies," Ketchum said in a statement.

Although the companies claim the deal would produce savings, including $2.25 billion in Dominion customer bill credits, former regulator Marissa Paslick Gillett said she was "flabbergasted by the tone deafness," arguing that major utility mergers rarely deliver the promised "synergies" and often create "a behemoth" that is harder to regulate.

Others warned that a larger NextEra could use its political power "to the disadvantage of ratepayers," while climate advocates said expanding methane gas plants to serve data centers would worsen pollution and leave vulnerable communities "at the short end of the stick."

[ Read more of this story ]( https://hardware.slashdot.org/story/26/05/19/1733219/nextera-and-dominions-67-billion-mega-merger-is-all-about-the-data-centers?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Google is giving its iconic search box its first major redesign since 2001. The new design incorporates, you guessed it, artificial intelligence, "getting bigger and more interactive so that people can ask even longer questions and upload photographs and videos into queries," reports the New York Times. "In addition, people can ask follow-up questions with a chatbot on Google's main search page." From the report: The company will also offer digital assistants, known as agents, to automate searches so that someone who may be apartment hunting can be notified of a new listing without opening a real estate site like Zillow. The search features will be powered by a new artificial intelligence model, Gemini 3.5 Flash. Google said the model had improved on creating software code and performing autonomous tasks, worked faster and was less expensive to run than comparable models.

[...] Google is also bringing one of A.I.'s biggest breakthroughs -- software coding -- to search. When people research complex topics like astrophysics, Gemini can build interactive graphics and simulations behind the scenes to provide a deeper answer than its previous listing of websites. Google said it was introducing an alternative to the agents powered by Anthropic's Claude Code and OpenAI's Codex. Called Gemini Spark, the service is embedded in Gmail, Docs and other Google products, where it can turn meeting notes spread across emails and chats into a single document. It can also read and draft emails. "The open web is on its way out," says Richard Kramer, a financial analyst with Arete Research. "With A.I., Google is reducing everyone to raw data providers."

[ Read more of this story ]( https://search.slashdot.org/story/26/05/19/1947215/google-changes-its-search-box-for-the-first-time-in-25-years?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

BrianFagioli shares a report from NERDS.xyz: Plex is raising the price of a new Lifetime Plex Pass from $249.99 to $749.99 on July 1. That's a $500 increase for media server software. Plex says it needs the money for "long-term development" and future features, but a lot of self-hosting folks are already wondering if this is basically a soft way of killing the Lifetime option without officially removing it. At nearly $750, are people just going to move to Jellyfin instead? As for those future improvements, Plex said the roadmap includes better downloads support, restored music and photo library support in mobile apps, NFO metadata support, IPv6 support, playlist editing on mobile, audio enhancements, and transcoding improvements.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/19/1957248/plex-triples-lifetime-subscription-cost-to-750?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from NPR: Minnesota Gov. Tim Walz has signed the nation's first law banning prediction market sites from operating in the state, and in response, the Trump administration has sued, teeing up a legal battle over the most far-reaching crackdown on popular services like Kalshi and Polymarket. It comes as states confront a growing standoff with the Trump administration over how to regulate the industry, which allows people to bet on virtually anything.

The new state law makes it a crime to host or advertise a prediction market, which it defines as a system that lets consumers place a wager on a future outcome, like sports, elections, live entertainment, someone's word choice and world affairs. The prohibition extends to services supporting prediction markets, like virtual private networks, that could allow consumers to disguise their location and get around the ban. It would force prediction market sites like Kalshi and Polymarket to leave the state, or face possible felony charges. The law takes effect in August.

The law has a carve-out for event contracts that serve as an insurance policy in the event of "harm, or loss sustained" and for the purchase of securities and other commodities. The Commodity Futures Trading Commission's lawsuit seeks to block the law before it starts, arguing the prediction market industry should be exclusively regulated by federal officials. "This Minnesota law turns lawful operators and participants in prediction markets into felons overnight," said CFTC Chairman Michael Selig.

"Minnesota farmers have relied on critical hedging products on weather and crop-related events for decades to mitigate their risks. Governor Walz chose to put special interests first and American farmers and innovators last." An updated version of the prediction market bill allows trading on weather, an exception that followed pushback from the agricultural industry, which has historically used futures trading on weather as a hedge against storms and other inclement weather that can affect a harvest. Walz is expected to sign it soon. "We as a state should decide how best and what regulations we think should attach to gambling, to protect public safety, to protect our kids," said Minnesota Rep. Emma Greenman, the Democrat who introduced the measure.

Kalshi spokeswoman Elisabeth Diana called the ban a "blatant violation" of the law. "Minnesota banning prediction markets is like trying to ban the New York Stock Exchange," said Diana, adding that "this actively harms users because it reduces competition and drives activity offshore."

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/20/0121248/minnesota-becomes-first-state-to-ban-prediction-markets?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

[ Доступен ]( https://download-installer.cdn.mozilla.net/pub/firefox/releases/151.0/ ) Firefox 151, примечательный улучшенной защитой от сбора цифровых отпечатков, поддержкой Web Serial API, а также возможностью для сайтов захватывать ввод с клавиатуры в полноэкранном режиме.

( [ читать дальше... ]( https://www.linux.org.ru/news/mozilla/18297259#cut0 ) )

В подсистеме криптографии Linux готовится удаление поддержки zero-copy из интерфейса AF_ALG для типов алгоритмов SKCIPHER и AEAD. Изменение уже находится в дереве cryptodev и ожидается к отправке в окно слияния Linux 7.2, которое должно открыться в июне. Поводом стали растущие опасения вокруг безопасности zero-copy-механизмов в ядре, особенно после недавних уязвимостей в криптографическом коде Linux.

AF_ALG — это [ пользовательский интерфейс ]( https://www.kernel.org/doc/html/v6.1/crypto/userspace-if.html ) к криптографическому API ядра Linux. Через него программы могут обращаться к реализациям шифров, хэшей и AEAD-алгоритмов в ядре как к сокетам. Документация Linux отдельно описывает для AF_ALG zero-copy-режим через splice() и vmsplice(), при котором ядро старается избежать лишнего копирования данных в память ядра.

( [ читать дальше... ]( https://www.linux.org.ru/news/kernel/18296321#cut ) )

Дорогие друзья и поклонники проекта fheroes2!

В этом обновлении мы сосредоточились на Редакторе карт. Учитывая обратную связь от наших создателей карт, мы постарались сделать процесс создания карт ещё удобнее и приятнее.

Прежде всего, в Редакторе появилась возможность рисовать дороги и реки, просто задавая нужную траекторию мышью. Это значительно упрощает и ускоряет размещение этих элементов по сравнению с прежним методом, при котором каждый фрагмент приходилось располагать кликая по клеткам карты. Особенно полезным это нововведение будет на устройствах с сенсорным вводом.

Во-вторых, появилась возможность перемещать отдельные объекты на карте. Эта функция была очень востребована и отсутствовала даже в оригинальном Редакторе. Она позволяет быстро корректировать существующие ландшафты без необходимости перестраивать их с нуля. Кроме того, Редактор теперь поддерживает копирование объектов, что упрощает повторное размещение объектов с заданными свойствами и избавляет от необходимости каждый раз заново искать их в списке.

Новая версия редактора fheroes2 позволяет размещать объекты частично за пределами границ карты. Это открывает новые возможности для создания уникальных ландшафтов и создаёт ощущение, что карта является частью гораздо более обширного мира.

Также создатели карт могут выбирать, какой именно Великий Артефакт будет скрыт под заветным перекрестьем на карте.

Помимо улучшений Редактора, команда ускорила запуск приложения, добавила поддержку эсперанто, исправила скорость анимации разворота героев, обновила переводы и закрыла более 20 проблем с момента предыдущего выпуска.

Спасибо за Вашу поддержку и активное участие в жизни проекта! Надеемся, что вам понравится обновлённая версия движка!

https://www.linux.org.ru/news/games/18296882

19 мая тихо и незаметно вышел юбилейный 60-ый выпуск операционной системы OpenBSD.

( [ читать дальше... ]( https://www.linux.org.ru/news/bsd/18297294#cut ) )

Для платформы amd64 подготовлено 13044 бинарных пакетов, среди которых Chromium 147, Firefox 150, GCC 15.2.0, LLVM/Clang 19.1.7 и 20.1.8, GNOME 49, KDE Plasma 6.6.4, Wayland-композиторы Niri, Mango, LabWC, Sway, Wayfire

Впервые после перерыва была выпущена официальная [ песня ]( https://www.openbsd.org/lyrics.html#79 ) , однако русскоязычным сообществом подготовлена и [ неофициальная песня ]( https://openbsd.org.ru/unsong79.html )

Опубликован proof-of-concept для уязвимости DirtyDecrypt, также известной как DirtyCBC, позволяющей локальному непривилегированному пользователю получить права root на некоторых системах Linux. Проблема находится в коде rxgk подсистемы RxRPC и связана с записью в page cache из-за отсутствующей проверки copy-on-write в функции rxgk_decrypt_skb(). О публикации PoC 18 мая 2026 года сообщило издание BleepingComputer; сам PoC размещён в [ репозитории команды V12 ]( https://github.com/v12-security/pocs/tree/main/dirtydecrypt ) .

( [ читать дальше... ]( https://www.linux.org.ru/news/security/18296676#cut ) )

Сервис GitHub предупредил о выявлении неавторизированного доступа к своим внутренним репозиториям. Причиной стала компрометация рабочей станции одного из сотрудников, установившего новую версию одного из расширений к редактору кода VS Code, в которую был интегрирован вредоносный код. Подробности обещают опубликовать после завершения разбирательства. По предварительным данным информация пользователей, хранимая вне внутренних репозиториев компании GitHub, не пострадала. Атака ограничилась утечкой информации из примерно 3800 внутренних репозиториев, принадлежащих GitHub.

https://www.opennet.ru/opennews/art.shtml?num=65484

Astronomers using the James Webb Space Telescope have identified an ultra-faint galaxy seen just 800 million years after the Big Bang. The galaxy contains almost no heavy elements, shows signs of intense early stellar radiation, and could offer a rare glimpse into the first stages of galaxy formation. Phys.org reports: In a paper published in the journal Nature, a team of scientists led by Kimihiko Nakajima, an astronomer at Kanazawa University, Japan, describes how they used the telescope to study a part of the deep universe and discovered a faint galaxy called LAP1-B. "LAP1-B establishes a 'fossil in the making,' a direct high-redshift progenitor of the ancient ultra-faint dwarf galaxies observed in the local universe," they wrote. Because the galaxy is so small and distant, it would normally be impossible to see. However, it was spotted due to a phenomenon known as gravitational lensing, in which a massive cluster of closer galaxies acts like a giant magnifying glass, boosting the light from LAP1-B by 100 times.

The scientists realized that most of the light from the galaxy wasn't coming from the stars, but from glowing clouds of gas. They analyzed this light by splitting it into a spectrum and studying the emission lines, which revealed the chemical composition of the gas. They found that the galaxy contains almost no heavy elements, and its oxygen abundance is about 240 times lower than the sun's, making it one of the most primitive star-forming galaxies ever observed. The emission lines also revealed intense ionizing radiation, which is what scientists expect to see from the first generation of stars.

The team also measured an elevated carbon-to-oxygen ratio. This matches the predicted chemical signature for the first star explosions in history from Population III stars, the first stars to exist in the universe. The stars we see today are Population I stars, which formed later and contain more heavy elements. Another fascinating finding is that, after measuring the gas's motion and speed, the researchers concluded that the galaxy is held together by a massive cloud of invisible dark matter.

[ Read more of this story ]( https://science.slashdot.org/story/26/05/20/022206/webb-discovers-one-of-the-universes-first-galaxies?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Состоялся релиз web-браузера Firefox 151 и сформированы обновления прошлых веток с длительным сроком поддержки - 140.11.0 и 115.36.0. На стадию бета-тестирования в ближайшее время будет переведена ветка Firefox 152, релиз которой намечен на 16 июня.

https://www.opennet.ru/opennews/art.shtml?num=65481

Состоялся релиз почтового клиента Thunderbird 151.0, развиваемого сообществом Mozilla. Выпуск доступен для Linux, Windows и macOS; в системных требованиях для Linux указано наличие GTK+ 3.14 или новее. Релиз опубликован 19 мая 2026 года.

Главное изменение выпуска — развитие поддержки OAuth и Exchange-сценариев. В Thunderbird 151.0 добавлен вход в Thundermail через OAuth с автоматической настройкой учётной записи, а для учётных записей EWS появилась возможность переопределять параметры OAuth-провайдера. Это может быть полезно в корпоративных конфигурациях, где используются нестандартные параметры авторизации или собственные настройки Microsoft Exchange.

Из пользовательских изменений также отмечена возможность сортировать задачи по дате создания или изменения. Кроме того, разработчики вернули проверку Thunderbird как приложения по умолчанию при запуске программы. В работе с OpenPGP изменено поведение подписанных писем: публичный ключ OpenPGP больше не прикрепляется по умолчанию к сообщениям, которые только подписываются, но не шифруются.

( [ читать дальше... ]( https://www.linux.org.ru/news/mozilla/18296310#cut ) )

Разработка pgBackRest, популярного свободного инструмента для резервного копирования и восстановления баз данных PostgreSQL, продолжится. Об этом сообщил сопровождающий проекта Дэвид Стил (David Steele): за последние недели вокруг проекта сформировалась группа спонсоров, готовых финансировать дальнейшую разработку. Благодаря этому pgBackRest больше не будет зависеть от одного корпоративного спонсора, что должно сделать развитие проекта устойчивее в долгосрочной перспективе.

История получилась показательной. В конце апреля Стил [ объявил ]( https://lwn.net/Articles/1069951/ ) , что прекращает работу над pgBackRest и архивирует репозиторий. Причиной стала невозможность найти устойчивое финансирование после потери прежней корпоративной поддержки. По словам разработчика, pgBackRest был его основным проектом на протяжении 13 лет, но поддерживать такой инструмент по ночам и выходным бесконечно невозможно.

Среди новых спонсоров названы AWS, Supabase, pgEdge, Tiger Data, Percona и Eon. В объявлении подчёркивается, что эти компании сами полагаются на pgBackRest для обеспечения восстановления после сбоев в своих продуктах и инфраструктуре клиентов.

Percona [ отдельно объявила ]( https://www.globenewswire.com/news-release/2026/05/19/3297383/0/en/Open-Source-Stays-Open-Percona-Sponsors-pgBackRest-to-Keep-PostgreSQL-Backups-Running.html ) о присоединении к финансированию pgBackRest. Компания заявила, что поддержка позволит вернуть Дэвида Стила к активной работе над проектом, выделить время на исправление ошибок, разработку новых возможностей и ревью изменений от сообщества. Кроме того, Percona намерена участвовать в подготовке нового сопровождающего, чтобы проект не оказался снова завязан на одного человека.

Из важных деталей:

•

Разработка не остановится.
После апрельского объявления о фактической остановке проекта ситуация изменилась: pgBackRest продолжит развиваться, а сопровождающий возвращается к работе.

•

Финансирование теперь коллективное.
Проект больше не должен зависеть от одной компании. Это важный момент: прежняя модель уже показала свою хрупкость, когда потеря одного спонсора поставила под угрозу весь инструмент.

•

Планируется расширение команды сопровождения.
Один из выводов из кризиса — необходимость не только денег, но и передачи знаний. В проект хотят привлечь ещё одного сопровождающего, чтобы снизить риск повторения ситуации.

•

Пользователям PostgreSQL не нужно срочно мигрировать.
После архивирования репозитория часть администраторов начала обсуждать альтернативы вроде Barman и pgmoneta, но теперь у pgBackRest снова появился понятный путь развития. Для существующих установок это означает, что можно не принимать аварийных решений только из-за страха прекращения поддержки.

•

История стала напоминанием о цене инфраструктурного FOSS.
pgBackRest — не модная игрушка, а инструмент, от которого зависят резервные копии PostgreSQL в production. Но даже такие проекты часто держатся на одном-двух людях, пока бизнес воспринимает их как «бесплатную инфраструктуру из воздуха».

Технически pgBackRest остаётся тем же инструментом: поддерживаются полные, дифференциальные и инкрементальные резервные копии, параллельное выполнение операций, локальные и удалённые репозитории, проверка целостности, работа с несколькими хранилищами и архивирование WAL. Проект распространяется под лицензией MIT.

https://www.linux.org.ru/news/opensource/18297472

Представлен проект по созданию виртуального музея операционных систем, в котором собрана коллекция из более 570 операционных систем. Музей оформлен в виде образа виртуальной машины с Linux, подборкой эмуляторов и встроенным графическим интерфейсом для навигации по имеющейся коллекции. Пользователю предоставлена возможность ознакомления с каждой операционной системой вживую, путём её запуска в эмуляторе. Музей основан на коллекции эмуляторов, собиравшейся автором проекта с 2003 года.

https://www.opennet.ru/opennews/art.shtml?num=65486

Комитет FESCo (Fedora Engineering Steering Committee), отвечающий за техническую часть разработки Fedora Linux, принял решение удалить из репозитория Rawhide пакеты, связанные со средой рабочего стола Deepin из-за проблем с их сопровождением. Команде, отвечающей за формирование релизов Fedora, предписано не восстанавливать данные пакеты, в случае поступления заявки от группы deepinde-sig, без проведения их повторной проверки. Осенний выпуск Fedora Linux 45 выйдет без поддержки Deepin.

https://www.opennet.ru/opennews/art.shtml?num=65480

Google is again pressuring some longtime G Suite Legacy users to move onto paid Workspace plans, warning that accounts flagged as "commercial use" could lose access to Gmail, Drive, Calendar, and other services if appeals fail. "The trouble, according to users, is that the appeals system appears about as transparent as a brick," adds The Register. From the report: A reader alerted The Register to what appears to be a new crackdown on long-standing G Suite Legacy accounts, with similar complaints now piling up on Reddit from users accused of violating Google's non-commercial use policy, despite insisting they use the accounts only for family email and personal domains. Reports have been stacking up on Reddit's r/gsuitelegacymigration subreddit from users who say their long-running personal G Suite Legacy accounts are suddenly being classified as "commercial use" accounts and pushed toward paid Google Workspace plans by May 2026. A lot of users have been through this before. Google spent part of 2022 trying to wind down free G Suite Legacy accounts, then changed course after users running family domains made enough noise. Now some of those same users are being told they have fallen outside Google's rules after all.

Emails seen by The Register warn users their accounts have been "identified as being used for commercial purposes" and say Google may start suspending Gmail, Calendar, Drive, Meet, and other Workspace services if they do not either win an appeal or begin paying for Workspace subscriptions. "Please upgrade to a paid Google Workspace subscription to continue using your services. Look out for a notification regarding the appeal process in Google Admin console or email," the email reads. "If you don't take action during your 45-day appeal period, Google will begin suspending your Google Workspace core services, including Gmail, Calendar, Drive, and Meet. As a result, you will lose access to these core services and data." One wrongly-flagged user said the company reversed its decision after they filed a GDPR data request seeking evidence. Others were less fortunate, with some reporting that family-only custom domains were permanently classified as commercial despite failed appeals.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/20/0212227/google-accused-of-pushing-free-for-life-g-suite-users-onto-paid-plans?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from TechCrunch: The AI coding boom is now coming directly for Android app development. On Tuesday at Google IO 2026, the company announced new native Android app creation capabilities in its web-based Google AI Studio, shrinking a process that takes weeks of setup and coding down to minutes. The company also said that consumers will be able to use Gemini AI to find the apps they need, both on the Play Store and the web, expanding opportunities for developers to have their apps discovered.

Google says the new capabilities could make sense for anyone from a seasoned developer looking to prototype a new app quickly to a first-time creator. [...] The apps are built with the Kotlin programming language using Google's Jetpack Compose toolkit and with support integration with hardware sensors like GPS, Bluetooth, and NFC, the company says. However, the resulting creations, for now, are only meant to be used personally, as publishing for family and friends is still on the roadmap. The company suggests the technology could be used for the creation of personal utilities and simple social apps, hardware-enabled experiences, or AI-powered experiences. Google is also adding an "Ask Play" AI overlay to the Play Store that lets users discover apps through natural-language conversations. "Perhaps more importantly, apps will begin to be surfaced with users' conversations with Google's Gemini virtual assistant, exposing developers' apps to millions of users," adds TechCrunch.

[ Read more of this story ]( https://tech.slashdot.org/story/26/05/20/0224236/googles-ai-studio-now-lets-anyone-build-android-apps-in-minutes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The 2026 Commonwealth Short Story Prize is facing backlash after several winning entries were accused of being AI-generated, with one Caribbean winner's story flagged as fully AI-written by a detector that WIRED says it independently confirmed. From the report: Each year, the Commonwealth Foundation, a nongovernmental organization in London, awards its short story prize to one writer in each of five regions: Africa, Asia, Canada and Europe, the Caribbean, and the Pacific. One overall winner is then selected from that short list. Regional winners take home [about $3,350], while the top winner, to be announced next month, claims [about $6,700]. On May 12, the respected UK literary magazine Granta published the top five 2026 entries -- all previously unpublished, per the rules of the contest -- on its website. (It has hosted the winning submissions for the prize since 2012.) Within days, however, one entry aroused suspicion. "The Serpent in the Grove," a story by Jamir Nazir of Trinidad and Tobago, which had taken honors for the Caribbean region, struck a few people as bearing the stylistic tells of AI-generated text.

"Well, this is a first: a ChatGPT-generated story won a prestigious literary prize," wrote researcher and entrepreneur Nabeel S. Qureshi, a former visiting scholar of AI at the Mercatus Center at George Mason University, in a post on X on Monday. "'Not X, not Y, but Z' sentences everywhere, the 'hums' trope, and plenty of other obvious markers of AI writing. A major milestone for AI, at any rate..." "They say the grove still hums at noon," Nazir's mysterious and atmospheric tale begins. In his screenshot of the opening paragraphs, Quereshi highlighted the second line as what he considered to be a signature example of AI syntax: "Not the bees' neat industry or the clean rasp of cutlass on vine, but a belly sound -- as if the earth swallows a shout and holds it there."

As the literary community undertook a closer read of Nazir's story, many criticized its language and metaphors as nonsensical, wondering how the Commonwealth judges could have seen any merit to them. Others shared screenshots showing that the AI-detection tool Pangram flagged "The Serpent in the Grove" as 100 percent AI-generated, a result that WIRED independently confirmed. (While no AI-detection software is perfect, third-party analysis has consistently determined Pangram to be the most accurate, with a near-zero rate of false positives.)

[...] Besides Nazir, two more winning authors have drawn allegations of using AI in their work. Pangram finds that "The Bastion's Shadow," by Maltese writer John Edward DeMicoli, winner for the Canada and Europe region, is fully AI-generated; it scans "Mehendi Nights," by Indian writer Sharon Aruparayil, winner for the Asia region, as partly AI-generated. Neither DeMicoli nor Aruparayil immediately returned requests for comment when reached through their respective social media accounts. The other two short-listed stories, by Holly Ann Miller of New Zealand and Lisa-Anne Julien of South Africa, deliver "fully human-written" results from Pangram. Wired also reports that one of the judges for the prize has been "accused of using AI to craft her descriptive blurb that accompanied the listing of 'The Serpent in the Grove' as a regional winner.'" Pangram labels the text as "AI-assisted."

[ Read more of this story ]( https://slashdot.org/story/26/05/20/0636240/regional-winners-of-prestigious-literary-prize-suspected-of-using-chatbots?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Опубликован выпуск ONLYOFFICE DocumentServer 9.4 с реализацией сервера для online-редакторов ONLYOFFICE и организации совместной работы. Редакторы можно использовать для работы с текстовыми документами, таблицами и презентациями. Код проекта распространяется под свободной лицензией AGPLv3. Готовые сборки сформированы для Linux, Windows и macOS.

https://www.opennet.ru/opennews/art.shtml?num=65488

A long-running lawsuit over Vizio's Linux-based smart TV software is headed to trial in August, with the Software Freedom Conservancy arguing that GPL rules require Vizio to release complete source code owners could use to modify, maintain, or strip ads and tracking from their TVs. Ars Technica reports: The outcome could reverberate across the industry. Because many of today's popular smart TV operating systems are Linux-based, the case may help determine how much control many owners have over their sets. Access to the full code would allow users to make meaningful changes to how their TVs work, including limiting ads or deactivating automatic content recognition.

[...] The Software Freedom Conservancy argues it has the right to Vizio OS's source code because it owns several Vizio TVs and because the operating system is based on Ubuntu, a Linux distribution. (SFC employees bought seven Vizio TVs from 2018 to 2021 after getting complaints about Vizio not sharing its TVs' source code, according to the complaint.) In general, the Linux kernel is provided under the terms of GPLv2, as noted by kernel.org, which is run by the Linux Kernel Organization.

SFC's lawsuit alleges that Vizio breached GPLv2 and LGPLv2.1 by failing to make available the complete source code for Vizio OS. The case is currently in the Orange County Superior Court of the State of California. The lawsuit targets Vizio specifically, but the impact could extend to other Linux-based smart TV OSes such as LG's webOS, Samsung's Tizen, and Roku's Roku OS. "We expect all companies who distribute Linux and other software using right-to-repair agreements like the GPL in their products would comply with these agreements," Denver Gingerich, the director of compliance at SFC, told Ars. [...] SFC expects a ruling within three to six months of the conclusion of the trial, which is currently scheduled for August 10.

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/20/1625205/yearslong-fight-over-users-right-to-tweak-smart-tv-software-heads-to-trial?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Seagate CEO Dave Mosley said Monday that building new memory chip factories or adding capacity would "take too long" to keep up with AI-driven storage demand. "If we took the teams off and started building new factories or bringing up new machines, that would just take too long. You would end up with more capacity, but then you'd slow the rate of growth on that technology," Mosely said. CNBC reports: Memory chip stocks have soared in recent months as a flood of AI investing has sent demand soaring, with the chips a key part of the AI buildout in data centers. Chip production cycles stretch over many quarters for a single unit, and investors are increasingly wary of how long the leading memory makers can capture demand. CME Group is launching a new futures market for semiconductors, enabling more traders to lock in prices and hedge against the rising prices of computing power.

At Monday's conference, Mosely also addressed the "very long lead times" and maintaining predictability with its clients. "We know what's coming out a year from now," he said. "And we've basically gone to the customers and said, 'Look, if you want to plan this really well, which it should be for your data centers, we know what's coming out. You can buy this stuff up to a certain period.' And so we want to keep that four or five quarters of visibility very, very solid for what's being built. But the demand is significantly higher than that."

[ Read more of this story ]( https://hardware.slashdot.org/story/26/05/20/1637247/seagate-sparks-memory-sell-off-as-ceo-says-it-would-take-too-long-to-build-new-factories?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from TorrentFreak: A coalition of thirteen major publishers has won a massive $19.5 million default judgment against shadow library Anna's Archive. A New York federal judge fully approved the publishers' requests, issuing a broad permanent injunction that orders more than twenty specific global registries, hosts, and service providers to immediately disable the site's remaining domains. [...] At first glance, the damages award is the headline figure. Judge Rakoff granted the maximum statutory damages of $150,000 for each of the 130 "Works in Suit." This brings the final damages bill amount to a staggering $19,500,000. However, as with the $322 million judgment won by the music industry against Anna's Archive in the related Spotify case, it's highly unlikely that this money will be recouped.

For now, the operators of Anna's Archive remain strictly anonymous, which doesn't help either. The default judgment (PDF) addresses this and requires the operators to unmask their identities and provide a sworn statement with valid contact information to the court within 10 days. However, since the operators have previously stated they hide their identities to avoid "decades of prison time," it is safe to assume that the operators will simply ignore this request. The true power of this default judgment lies in the permanent injunction. Anna's Archive is known to evade enforcement and change domain names when needed, so the injunction targets the technical intermediaries that keep the site online.

Specifically, the injunction orders "all domain name registries and registrars of record" to permanently disable access to Anna's Archive's domains and prevent their transfer to anyone other than the publishers or the music industry plaintiffs in the related case. In addition to domain name services, the order also extends to international hosting providers, who are also ordered to stop working with the site. Leaving no room for interpretation, the order specifically names more than twenty companies and organizations. This includes familiar names like Cloudflare, Njalla, and DDOS-Guard, as well as the domain name registries of the site's current active domains [...]. The names include some intermediaries that were already listed in the Spotify default judgment, as well as new ones.

[ Read more of this story ]( https://yro.slashdot.org/story/26/05/20/1853257/annas-archive-hit-with-global-domain-takedown-order?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Longtime Slashdot reader Himmy32 writes: GitHub has announced on X that their internal repositories have been breached through a compromised VS Code Extension on an employee's workstation. Bleeping Computer reported that the attack is linked to TeamPCP who have been in the news for a recent campaign affecting Checkmarx, Trivy, SAP, TanStack, and Bitwarden. The group appears to be attempting to sell the stolen code on cybercrime forums. "Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately," the company said. "Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker's current claims of ~3,800 repositories are directionally consistent with our investigation so far."

Although the investigation remains ongoing, GitHub says it has "no evidence of impact to customer information stored outside of GitHub's internal repositories." The company has also not said whether it's in contact with the hackers or if it's received a ransom demand.

[ Read more of this story ]( https://it.slashdot.org/story/26/05/20/197246/githubs-internal-repos-breached-via-employees-use-of-malicious-vs-code-extension?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Red Hat has released RHEL 10.2 and 9.8 with new AI-assisted command-line tools. The releases also add updated developer toolchains such as Go 1.26, LLVM 21, Rust 1.92, Python 3.14, and PHP 8.4. Phoronix reports: Red Hat Enterprise Linux has introduced the goose command for power users. Goose is an optional CLI AI assistance with model context protocol (MCP) integration. There is also improved visual output via color output enhancements. As for their rationale with the new AI integration: "The business value: Faster problem resolution, and a quicker path for new administrators to become proficient. This translates into higher developer productivity and accelerated project timelines."

[ Read more of this story ]( https://linux.slashdot.org/story/26/05/20/203252/rhel-102-released-with-new-ai-command-line-assistance?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Ars Technica: Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other Chromium-based browsers. The proof-of-concept code exploits the Browser Fetch programming interface, a standard that allows long videos and other large files to be downloaded in the background. An attacker can use the exploit to create a connection for monitoring some aspects of a user's browser usage and as a proxy for viewing sites and launching denial-of-service attacks. Depending on the browser, the connections either reopen or remain open even after it or the device running it has rebooted.

The unfixed vulnerability can be exploited by any website a user visits. In effect, a compromise amounts to a limited backdoor that makes a device part of a limited botnet. The capabilities are limited to the same things a browser can do, such as visit malicious sites, provide anonymous proxy browsing by others, enable proxied DDoS attacks, and monitor user activity. Nonetheless, the exploit could allow an attacker to wrangle thousands, possibly millions, of devices into a network. Once a separate vulnerability becomes available, the attacker could use it to then compromise all those devices.

"The dangerous part here is that you can just have a lot of different browsers together that you can in the future run something on that you figure out," said Lyra Rebane, the independent researcher who discovered the vulnerability and privately reported it to Google in late 2022 in an interview. He said using the exploit code Google prematurely published would be "pretty easy," although scaling it to wrangle large numbers of devices into a single network would require more work. In the thread of Rebane's disclosure to Google, two developers said in separate responses that it was a "serious vulnerability." Its severity was rated S1, the second-highest classification.

Since its reporting 29 months ago, the vulnerability remained unknown except to Chromium developers. Then on Wednesday morning, it was published to the Chromium bug tracker. Rebane initially assumed the vulnerability was finally fixed. Shortly thereafter, he learned that, in fact, it remained unpatched. While Google removed the post, it remains available on archival sites, along with the exploit code. Google representatives didn't immediately respond to an email asking how and why it published the vulnerability and if or when a fix would become available. The exploit works by abusing Chromium's Browser Fetch API to open a service worker that remains persistently active. A malicious website can trigger it through JavaScript, creating a connection that can be used "for monitoring some aspects of a user's browser usage and as a proxy for viewing sites and launching denial-of-service attacks," reports Ars.

Depending on the browser, those connections "either reopen or remain open even after it or the device running it has rebooted," effectively turning the device into part of a "limited botnet."

[ Read more of this story ]( https://it.slashdot.org/story/26/05/20/2013252/google-publishes-exploit-code-threatening-millions-of-chromium-users?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Intuit is reportedly cutting about 3,000 jobs, or 17% of its workforce, as it restructures around AI and simplifies its corporate organization. TechCrunch reports: The layoffs come during a bad year for the tech workforce. The tech industry has already cut more than 100,000 jobs this year, per Statista, and is on track to outpace both 2024 and 2025 if the layoff trend continues. Companies such as Amazon, Block, Cisco, Cloudflare, Meta, Microsoft, and Oracle have let go of thousands of employees each, all of them citing a need to refocus expenditures around AI projects as a reason to cut jobs and restructure their organizations. [...]

Intuit, however, hasn't been perceived as a beneficiary of the AI boom, with its shares consistently underperforming in the broader S&P 500 over the past 12 months. The company has been caught up in the broader current of worries that traditional software-as-a-service firms will not be able to keep up or compete, as new and upcoming AI products and services threaten to change how software is developed and how it is used. In its fiscal second quarter ended January, Intuit reported revenue of $4.65 billion, a 17% increase, and net profit of $693 million, a 48% improvement compared to a year earlier. The company expects revenue to increase by about 10% in the third quarter, for which it will report results later today.

[ Read more of this story ]( https://slashdot.org/story/26/05/20/2038203/intuit-to-lay-off-over-3000-employees-to-refocus-on-ai?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Colossal Biosciences says it has grown chickens inside 3D-printed artificial eggshells. "The company says the egg technology could help conserve at-risk bird species," reports MIT Technology. "It could also play a role in a project to re-create the extinct giant moa, a flightless 12-foot-tall bird that once lived in New Zealand and laid four-liter eggs, larger than those of any living bird." From the report: The biotech company today claimed it has developed a "fully artificial egg" as part of its effort to resurrect extinct avian species, including birds like the dodo and the giant moa. But "artificial eggshell" would probably be a better description for the invention. It's an oval-shaped printed lattice, coated inside with a special silicone-based membrane that lets in oxygen, just as a real eggshell does. To generate birds, Colossal took recently laid chicken eggs and carefully poured their contents into the artificial shells, where they continued growing. A window on top lets researchers peek inside. "To see them all moving around in their artificial eggs was absolutely mind blowing," says Andrew Pask, the company's chief biology officer. "You really feel you can grow life outside of the womb."

[...] The work on the artificial eggshell was carried out in Dallas by Colossal's exogenous development team, or Exo Dev. That group is also trying to develop artificial wombs for mammals, starting with marsupials. "We're looking at every single facet of what's happening during a mammalian pregnancy to unpack exactly how we then go about recapitulating that," says Pask. For that team, an artificial eggshell is a relatively quick and easy technical win. That's because chickens are already an example of ex utero development. After an egg is laid, a small embryo sitting on top of the yolk starts growing, drawing nutrients from the yolk, the white, and even the shell, which provides calcium. (Colossal says it has to add ground-up calcium to the artificial eggs.)

In order to create a moa, Colossal will have to genetically alter another type of bird, changing potentially thousands of DNA letters. But so far, chickens are the only bird species that can be genetically engineered. And that's via a tricky process of editing stem cells that produce egg and sperm. Scientists have to add or delete DNA letters from these cells and then inject them back into an egg. The resulting bird will carry the genetic changes in its gonads -- and then be able to pass them on. Pask says Colossal's idea is that it could modify avian stem cells enough to produce moa-like sperm or eggs. But then you might have the odd situation of a chicken laying an egg with a moa embryo inside it. "You would have chickens making moa egg and moa sperm. But it's still a chicken egg," he says.

[ Read more of this story ]( https://science.slashdot.org/story/26/05/21/0112253/colossal-biosciences-is-growing-chickens-in-a-3d-printed-artificial-eggshell?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Проект ONLYOFFICE представил ONLYOFFICE Docs 9.4 — новую версию серверного офисного пакета для совместной работы с документами, таблицами, презентациями, PDF и формами. Релиз опубликован 19 мая 2026 года и включает заметное изменение для открытой Community-редакции: из неё убран прежний лимит в 20 одновременных подключений.

ONLYOFFICE Docs используется как самостоятельный [ Document Server ]( https://github.com/onlyoffice/documentserver ) или в составе интеграций с внешними платформами для совместной работы, включая ownCloud, Seafile, Moodle, Odoo и другие решения. Сам проект описывает Docs как онлайн-пакет редакторов для текстов, таблиц, презентаций, форм, PDF и диаграмм с поддержкой OOXML-форматов .docx, .xlsx и .pptx.

( [ читать дальше... ]( https://www.linux.org.ru/news/opensource/18298086#cut ) )

Проект ONLYOFFICE представил ONLYOFFICE Docs 9.4 — новую версию серверного офисного пакета для совместной работы с документами, таблицами, презентациями, PDF и формами. Релиз опубликован 19 мая 2026 года и включает заметное изменение для открытой Community-редакции: из неё убран прежний лимит в 20 одновременных подключений.

ONLYOFFICE Docs используется как самостоятельный [ Document Server ]( https://github.com/onlyoffice/documentserver ) или в составе интеграций с внешними платформами для совместной работы, включая ownCloud, Seafile, Moodle, Odoo и другие решения. Сам проект описывает Docs как онлайн-пакет редакторов для текстов, таблиц, презентаций, форм, PDF и диаграмм с поддержкой OOXML-форматов .docx, .xlsx и .pptx.

( [ читать дальше... ]( https://www.linux.org.ru/news/office/18298086#cut ) )

NASA Administrator Jared Isaacman says he expects China to fly taikonauts around the moon in 2027, "ratcheting up perceptions of a space race between China and the United States," reports SpaceNews. He is using that prospect to argue for a revamped Artemis strategy and an accelerated path toward a U.S. lunar return. From the report: "The next time the world tunes in to watch astronauts fly around the moon, which will likely be sometime in 2027, they will be taikonauts, and America will no longer be the exclusive power to send humans into the lunar environment," he said. While Isaacman has frequently discussed a race with China to be the next to land humans on the moon, this was one of the first times he predicted a 2027 Chinese crewed circumlunar mission. He repeated the comments later in the day at an industry reception.

China has not publicly announced plans for such a mission, which, as Isaacman described it, would likely be similar to NASA's Artemis 2 mission in April. There have been rumors of a mission along those lines, though, and an expectation of a roadmap of missions leading to a Chinese crewed landing by the end of the decade. So far, all the crewed missions to fly around, orbit or land on the moon have been flown by NASA: nine Apollo missions from 1968 to 1972 and Artemis 2. All the astronauts on those missions have been Americans except for Canadian Space Agency astronaut Jeremy Hansen on Artemis 2.

Isaacman has used the threat that China could land astronauts on the moon before NASA returns there as a rationale for revamping the Artemis lunar exploration program. In February, he announced that Artemis 3, which was to be a lunar landing attempt in 2028, will instead be a test flight in low Earth orbit in 2027, followed by a landing on Artemis 4 in 2028. In March, he changed other elements of Artemis at the agency's Ignition event, including effectively canceling the lunar Gateway to focus resources instead on a lunar base, while calling for a much higher cadence of robotic lander missions.

[ Read more of this story ]( https://science.slashdot.org/story/26/05/21/0123247/nasa-expects-chinese-crewed-mission-around-the-moon-in-2027?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Red Hat объявила о доступности новых выпусков корпоративного дистрибутива Red Hat Enterprise Linux 10.2 и Red Hat Enterprise Linux 9.8. Обновления развивают две поддерживаемые ветки RHEL и сосредоточены на трёх направлениях: подготовке инфраструктуры к постквантовой криптографии, автоматизации обновлений и развитии image-based-подхода к развёртыванию систем. В Red Hat отдельно подчёркивают, что новые версии ориентированы на гибридные инфраструктуры, edge-сценарии, контейнерные окружения и рабочие нагрузки, связанные с ИИ.

RHEL 10.2 продолжает развитие новой десятой ветки, тогда как RHEL 9.8 остаётся обновлением более консервативной девятой ветки. Для RHEL 9.8 запланирована поддержка в рамках EUS и Enhanced EUS, а для RHEL 10.2 — Enhanced EUS, что важно для организаций, которые фиксируются на конкретных минорных версиях и не хотят часто менять базовую платформу.

( [ читать дальше... ]( https://www.linux.org.ru/news/redhat/18298083#cut ) )

Состоялся выпуск WordPress 7.0 «Armstrong», очередной мажорной версии свободной системы управления контентом, распространяемой под лицензией GPLv2 или выше. Релиз был намечен на 20 мая 2026 года после переноса с апрельской даты: разработчики выпустили дополнительные RC-сборки, чтобы дотестировать архитектурные изменения перед финальной сборкой.

В [ WordPress 7.0 ]( https://make.wordpress.org/core/2026/05/14/wordpress-7-0-field-guide/ ) вошло более 419 исправлений и изменений в Core Trac, включая свыше 300 исправлений ошибок, а также сотни изменений в редакторе, панели управления и интеграции с ИИ.

( [ читать дальше... ]( https://www.linux.org.ru/news/internet/18297311#cut ) )

>>> [ Загрузить ]( https://wordpress.org/wordpress-7.0.tar.gz ) (прямая ссылка на тарболл)

Сегодня состоялся релиз стабильной версии веб-браузера Vivaldi 8.0. В новой версии разработчики полностью унифицировали интерфейс браузера, таким образом все панели инструментов теперь находятся на одной непрерывной поверхности - унифицированном фрейме, охватывающем весь браузер. Вместо сложенных друг на друга слоёв все составлено в одной визуальной плоскости. Это делает интерфейс более связным и логичным.

Кроме того, теперь пользователи могут выбрать один из предустановленных вариантов компоновки браузера, позволяющих быстро получить необходимую конфигурацию. Это можно сделать как в процессе начальной настройки при новой установке браузера, так и впоследствии через настройки браузера.

>>> [ Подробный список изменений ]( https://vivaldi.com/ru/changelog-vivaldi-browser-8-0/ ) .

https://www.linux.org.ru/news/proprietary/18298202

SpaceX has revealed its financials for the first time as it prepares for a potentially massive IPO. The New York Times reports: SpaceX's revenue soared to $18.7 billion in 2025, up 33 percent from a year earlier, the company disclosed in a filing required of firms that are seeking to go public. In the first three months of this year, revenue rose to $4.7 billion from $4.1 billion in the same period a year ago. But the company lost more than $4.9 billion last year, compared with a $791 million profit in 2024, as capital expenditures nearly doubled to $20.7 billion from heavy spending on artificial intelligence development. In the first three months of this year, SpaceX lost almost as much money as all of 2025, recording a $4.3 billion loss.

[ Read more of this story ]( https://news.slashdot.org/story/26/05/21/0343258/spacex-reveals-its-finances-for-the-first-time?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Компания Red Hat представила релиз дистрибутива Red Hat Enterprise Linux 10.2, а также обновление прошлой ветки - Red Hat Enterprise Linux 9.8. Готовые установочные образы доступны для зарегистрированных пользователей Red Hat Customer Portal (для оценки функциональности можно использовать общедоступные iso-образы CentOS Stream 10, а также бесплатные сборки RHEL для разработчиков). Выпуск сформирован для архитектур x86_64, s390x (IBM System z), ppc64le (POWER9), Aarch64 (ARM64) и RISC-V (preview). Обновления для выпуска RHEL 10.2 будут формироваться до мая 2032 года. Ветка RHEL 10 будет сопровождаться до 2035 года (+ 4 года расширенной платной поддержки), RHEL 9 - до конца мая 2032 года, а RHEL 8 - до 2029 года.

https://www.opennet.ru/opennews/art.shtml?num=65489