news
today's leftovers
-
Debian Family
-
Michael Prokop ☛ Michael Prokop: What to expect from Debian/trixie #newintrixie
Debian v13 with codename trixie is scheduled to be published as new stable release on 9th of August 2025.
I was the driving force at several of my customers to be well prepared for the upcoming stable release (my efforts for trixie started in August 2024). On the one hand, to make sure packages we care about are available and actually make it into the release. On the other hand, to ensure there are no severe issues that make it into the release and to get proper and working upgrades. So far everything is looking pretty well and working fine, the efforts seemed to have payed off. :)
As usual with major upgrades, there are some things to be aware of, and hereby I’m starting my public notes on trixie that might be worth for other folks. My focus is primarily on server systems and looking at things from a sysadmin perspective.
-
-
Open Hardware/Modding
-
Linux Gizmos ☛ DreamHAT+ Enables 60 GHz Radar Sensing on Raspberry Pi 4B and 5
Dream Boards has released the DreamHAT+ Radar, a compact add-on board that brings high-precision 60 GHz mm-wave radar capabilities to Raspberry Pi 4B and 5. Built around Infineon’s BGT60TR13C radar chip, the DreamHAT+ is designed for developers and researchers working on gesture recognition, presence detection, indoor tracking, and privacy-focused sensing, all without relying on cameras or microphones.
-
Linux Gizmos ☛ Raspberry Pi Expands Embedded Lineup with Low-Cost Radio and Camera Modules
This month, Raspberry Pi launched two new components for embedded designs. The $4 Radio Module 2 adds Wi-Fi and Bluetooth to RP2040 and RP2350 projects, while the Camera Module 3 Sensor Assemblies offer a compact way to integrate Raspberry Pi’s 12MP camera into custom hardware.
-
-
Windows TCO / Windows Bot Nets
-
SANS ☛ Critical Sharepoint 0-Day Vulnerablity Exploited CVE-2025-53770 (ToolShell)
The best write-up and details I found so far come from the Eye Security research team. They initially used CVE-2025-49704 and CVE-2025-49706 to identify the vulnerability. Later, Microsoft confirmed that this is a new issue and started using CVE-2025-53700. This latest issue appears to be a variation of the older vulnerabilities patched in this month's Patch Tuesday.
-
Security Week ☛ SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available
A patch is currently not available for the flaw, dubbed “ToolShell“, which Microsoft says is a variant of CVE-2025-49706.
-
The Register UK ☛ Microsoft warns on-prem SharePoint users of a zero-day
The US Cybersecurity and Infrastructure Security Agency (CISA) advises CVE-2025-53770 is a variant of CVE-2025-49706, a 6.3-rated flaw that Microsoft tried to fix in its most recent patch Tuesday update.
-
The Register UK ☛ UK uncovers novel Microsoft snooping malware, blames GRU
The malware targets the Windows operating system, running within Outlook, according to a technical analysis.
Authentic Antics periodically displays a login window that prompts the user to enter their credentials, and if they do, the malware steals the data, along with OAuth authentication tokens, which allow access to Microsoft services, including Exchange Online, SharePoint, and OneDrive.
-