Do you waddle the waddle?
M5Stack has introduced the PaperColor, a compact development board built around the ESP32-S3R8 processor and a 4-inch Spectra 6 full-color e-paper display. The platform combines wireless connectivity, onboard sensors, audio hardware, battery operation, and expansion interfaces for low-power IoT and embedded display applications.
Kickstarter recently featured the IDO Claw campaign, a compact ARM-based system from Wireless-Tag designed for local OpenClaw deployment. The fanless platform combines the Rockchip RK3576 processor with LPDDR5 memory, onboard storage, dual Gigabit Ethernet, and hardware video acceleration for always-on AI and edge workloads.
Automotive Grade Linux (AGL) has announced the initial availability of its open source SoDeV reference platform for software-defined vehicles (SDVs), along with the addition of five new project members. The platform combines the AGL Unified Code Base (UCB) with Linux containers, VirtIO, Xen, Zephyr RTOS, and additional Linux Foundation technologies for automotive software development.
A proof-of-concept is available as ssh-keysign-pwn, taking advantage of the __ptrace_may_access() function in the Linux kernel, skipping the dumpable check when task->mm == NULL. As such, do_exit() runs exit_mm() before exit_files() (no mm, fds still there) and pidfd_getfd(2) succeeds in that window when the caller’s uid matches the target’s.
Ubuntu 26.04 LTS was released on April 23rd, 2026, but the upgrade path wasn’t open until now, not for Ubuntu 25.10 users and not for Ubuntu 24.04 LTS users. Of course, you can always force the upgrade with the update-manager -d command, but I wouldn’t recommend doing so as you might end up with a broken system.
Some of the highlights of KDE Plasma 6.7 include per-screen virtual desktops, Wayland session restore, a global push-to-talk feature, a dedicated setup UI for configuring shared printers, a “multi-GPU swapchain” feature for Vulkan support, and a full-featured print queue viewer app.
Fragnesia (CVE-2026-46300) is a bug in the IPsec XFRM ESP-in-TCP subsystem, part of the Dirty Frag vulnerability class. It’s called Fragnesia because the skb “forgets” that a frag is shared during coalescing. The good news this time is that the mitigations for Dirty Frag also apply to Fragnesia.
Coming three weeks after PipeWire 1.6.4, the PipeWire 1.6.5 release is here to add a whole bunch of extra security checks and hardening fixes to the pipewire-pulse server, improve renegotiation in audioconvert when the graph rate changes and the resampler is disabled, and fix a crash in ALSA when logging.
The Sovereign Tech Agency is well known for funding open source projects through its Sovereign Tech Fund program, and it provided over €24.6 million EUR in funding to support more than 60 open source projects globally, including big names like Python Software Foundation, FreeBSD, Eclipse Foundation, OpenStreetMap Foundation (OSMF), and Drupal.
The cancellation of RightsCon 2026 is a stark reminder that when opportunities for civic engagement are neutralized, so are stakeholders’ voices. In this case, civil society was denied the ability to meet in person in Lusaka last week to share ideas and opportunities for how to address some of the most urgent digital challenges of our time.
Two years ago, in May 2024, my wife and I responded to the first-ever lawsuit against us. Now, 2 years later, we get to tell our stories. We sued back (counterclaims) in September 2024 [1, 2] and once the tables got turned some truly malicious actions began. So we document these. The public needs to be aware.
There is a lot more to come. █