jrollans.com is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
🖥️ alexpinel/Dot
Text-To-Speech, RAG, and LLMs. All local!
Integrates Text-To-Speech, RAG, and Large Language Models into a local environment for fully offline operation
⭐ Stars: 1908
📅 Last Update: Jun 05, 2026
https://github.com/alexpinel/Dot
#selfhosted #homelab #selfhost #selfhosting #opensource #local #offline
Pocket Casts adopts Liquid Glass design in latest podcast player app update
Pocket Casts for iOS has picked up a fresh visual overhaul this week. The latest version brings Apple’s Liquid Glass design language to one of the most popular podcast apps on the platform.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Deals: AirPods Pro 3 hit best price ever at $179, MacBook Pro $300 off, Series 11 $130 off, more
Today’s 9to5Toys Lunch Break is headlined by AirPods Pro 3 dropping even lower to the best price ever at $179 shipped (nearly 30% off) and all five AirPods Max 2 colors hitting the Amazon all-time low. We also have up t…
https://9to5mac.com/2026/06/10/deals-airpods-pro-240w-beats-cable-macbook-pro/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Random thought of the day: Having a few open source projects I wrote for myself on a weekend or two means having an endless wishlist / backlog - with no one to blame but myself if things don't get better.
In contrast, I've plenty of folks to thank - since I build on others great prior work!
A dedicated Apple Watch communication app is missing in watchOS 27
While the Apple Watch is gaining a handful of helpful features with watchOS 27, it’s also losing one that some users might miss.
https://9to5mac.com/2026/06/10/a-dedicated-apple-watch-communication-app-is-missing-in-watchos-27/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
AT&T launches new $3 ‘Unlimited Day Pass’ plan for iPad cellular
AT&T has announced a new ‘Unlimited Day Pass’ plan launching today that allows iPad users to activate cellular coverage on a convenient, per-need basis. Here are the details.
https://9to5mac.com/2026/06/10/att-launches-new-3-unlimited-day-pass-plan-for-ipad-cellular/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
First Look at #Audacity 4: A Beautiful and Modern Revamp of the Popular Open-Source Audio Editor https://9to5linux.com/first-look-at-audacity-4-a-beautiful-and-modern-revamp-of-the-audio-editor
Interview: Swift Student Challenge winners talk app inspiration, presenting to Tim Cook and John Ternus, more
While at Apple Park this week for WWDC, I had the opportunity to sit down with two Swift Student Challenge Distinguished Winners to talk about their apps and what it’s like giving a surprise demo to Tim Cook and John Te…
https://9to5mac.com/2026/06/10/interview-swift-student-challenge-winners-tim-cook-john-ternus/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Android war für viele von uns immer mehr als nur ein Smartphone-System – es stand auch für Offenheit, Freiheit und die Möglichkeit, Apps unabhängig vom Google Play Store zu nutzen.
Genau deshalb möchte ich heute auf die Seite hinweisen:
keepandroidopen.org/de
Besonders Projekte wie F-Droid verdienen Unterstützung. Ich nutze F-Droid selbst schon länger und schätze die Möglichkeit, freie und quelloffene Android-Apps unabhängig von großen Konzernen zu beziehen.
Die geplanten Änderungen rund um die verpflichtende Entwickler-Registrierung könnten alternative App-Stores und unabhängige Entwickler massiv unter Druck setzen. Viele Organisationen aus dem Bereich Open Source, Datenschutz und digitale Freiheitsrechte warnen bereits davor.
Wer Android als offenes System erhalten möchte, sollte sich das Thema einmal genauer anschauen.
#Android #FDroid #OpenSource #FOSS #KeepAndroidOpen #DigitaleFreiheit #Fediverse
Siri AI might display break reminders if conversations go on for too long
iOS 27 includes code references to break reminders that Siri may display after especially long conversations. Here are the details.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Flat Notes und Navidrome neu im Docker-Zoo http://elbosso.codeberg.page/flat_notes_navidrome_neu_docker_zoo.html#content
Ein weiteres Self-Hosting-Experiment hat zu zwei neuen
Diensten in meinem
Docker-Zoo
geführt...
#Virtualisierung #OpenSource #KW_24_2026 #Juni_2026 #Docker #Linux
I live in the terminal. lazygit, yazi, neovim — if it's a nice TUI I'm probably ricing it.
I care about privacy, local-first tools, and interfaces that don't get in the way.
Currently building enmasec — a password manager where even the metadata is encrypted. No cloud, no telemetry. An open vault shows you nothing but UUIDs.
Building in public. More updates soon.
#introduction #golang #TUI #opensource #privacy #buildInPublic
macOS 27 Golden Gate adds higher resolution support for ultrawide displays
One addition to macOS 27 Golden Gate that went unmentioned during yesterday’s WWDC keynote was the fact that the system has improved its ultrawide display support. Here are the details.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
YouTube wird wieder teurer: Das sind die kostenlosen Alternativen
#google #youtube #did #dut #freetube #didit #opensource #linux #unplugbigtech #unpluggoogle
Schulbildung macht mündig, Open-Source-Software ebenfalls
"„Ich finde Open-Source wichtig, weil man damit eine Art Unabhängigkeit hat“, sagt eine Schülerin, „Die Software, die wir verwenden, ist frei, oft kostenlos und ohne Werbung – das passt wie die Faust aufs Auge für eine Schule.“"
#DigitaleSouveränität #OpenSource #Linux #Schule #Bildung #DigitaleBildung #Open #DigitaleKompetenz #Freiheit #Lizenzkosten #Unabhängigkeit
Record AirPods Price Drops and a Rare Switch 2 Sale: This Week's Top Tech Deals
Multiple AirPods models hit record low prices this week, including the AirPods Pro 3 and AirPods Max 2. We're tracking these great discounts alongside an ultra rare discount on a new Switch 2 on Woot, plus a Summer sale…
https://www.macrumors.com/2026/06/13/best-apple-deals-of-the-week-6-12-26/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Save $500 on this beastly gaming rig with an RTX 5060 Ti 16GB, Ryzen 7800X3D, and 32GB of RAM — Skytech's…
Looking for a solid gaming PC but tired of seeing exorbitant prices on every retailer's website? We've got you covered with this prebuilt, equipped with high-quality components ready for 1440p gaming and more, with a cl…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
I’ve been working on something new!
Presenting YAMLRocks 🪨
A fast, correct YAML library for Python, written in Rust.
It fills a gap I kept running into: YAML 1.2 (and 1.1) correctness, safe defaults, includes, source locations, and round-trip editing that keeps comments and formatting intact. It is about 5 to 10x faster than PyYAML’s C loader! 🚀
Still early, pre-1.0 software, but already pretty useful.
More than 75 data center build-outs worth $130 billion have been successfully blocked in the first four m…
A research firm says the number of blocked data centers in the first quarter of 2026 already matches the number of projects stopped in 2025. The opposition also comes from both sides of the aisle, despite President Trum…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Netgear countersues TP-Link, saying firm 'remains, at its core, a Chinese company selling Chinese-made products' — alleges its 'American company' rebrand is false advertisi…
Netgear filed counterclaims against TP-Link in federal court in Delaware on June 11, accusing its larger rival of false advertising under the Lanham Act.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Nvidia raises RTX Pro 6000 Blackwell GPU pricing to $13,250 — 55% increase over MSRP in a year's time
Nvidia now sells the RTX Pro 6000 Blackwell graphics cards for $13,250, while partner offerings start at $11,359.99.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
My first 24 hours with Siri AI on the Mac
I turned off Siri on the Mac years ago and never looked back. Similarly, I found Apple Intelligence so fruitless I never engage with it. But the new Siri AI coming to macOS 27 Golden Gate has at least got me slightly re…
https://www.theverge.com/tech/949502/apple-macos-27-golden-gate-siri-ai-apple-intelligence
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
Amazon’s Fire TV Stick 4K Select drops to $17.99 in Prime Day runup
The budget 4K stick is 55% off as Amazon ramps up its early deals ahead of the main event.
https://www.androidauthority.com/fire-tv-stick-4k-select-deal-3676462/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
Ukraine used ten AI-controlled ‘Terminator’ drones to kill Russian soldiers two years ago, marking first autonomous killings o…
A watershed moment occurred on the battlefields of Ukraine in 2024 when 10 fully autonomous AI-controlled quadcopter drones were sent to the front lines against Russia with ‘Terminator Mode’ engaged.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
My yard is dying, so I made an app for that
When I returned to my computer five minutes after giving Gemini a lengthy prompt, I had two things: a functional app in a preview window, and a message about a bug. "~ Channel is unrecoverably broken and will be dispose…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
Anthropic cuts off Fable 5 and Mythos 5 access following government order
On Friday evening, the government ordered Anthropic to block access to Fable 5 and Mythos 5 for all foreign nations, both inside and outside the US, due to national security concerns. That order included employees of An…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
Echo Isle is a pint-sized adventure inspired by classic Zelda
Echo Isle is heavily inspired by The Legend of Zelda, and it's not afraid to show it: The retro graphics bear a striking resemblance to Link's Awakening, the main character wears a blue tunic and wields a sword, and he …
https://www.theverge.com/games/947136/echo-isle-review-pc
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
Like clockwork, the same kind of article comes back. "The best Linux for beginners." "The top 5 easy distros." Always recycled clickbait from sites that never booted half the distros they list. So which Linux should you actually start with?
Apple’s new AI photo editing tools mostly work, for better and worse
iPhone owners are getting real, native AI photo editing for the first time. The most popular camera in the world just got its first set of serious AI photo editing features, and I don't think any of us are ready. As far…
https://www.theverge.com/tech/949360/apple-ai-photo-edit-reframe-extend-clean-up-hands-on
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
A better way to manage all your screenshots
Hi, friends! Welcome to Installer No. 132, your guide to the best and Verge-iest stuff in the world. (If you're new here, welcome, happy soccer, and also you can read all the old editions at the Installer homepage.) Thi…
https://www.theverge.com/tech/949465/pool-screenshots-app-disclosure-day-installer
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
I always keep 3 devices connected to a power station - here's why
Using a portable power station to its full potential is ideal for getting your money's worth and enjoying uninterrupted power.
https://www.zdnet.com/article/3-things-i-keep-permanently-connected-to-a-power-station-and-why/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
The Anker SOLIX S2000 power station is an essential home backup beast
It can outlast any outage I have encountered.
https://www.androidauthority.com/anker-solix-s2000-review-3672761/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
📚 New Resource Available
If you're building applications that integrate with Mastodon, understanding authentication, media uploads, server differences, and API rate limits is essential.
Our latest guide walks through the entire integration process with practical examples and recommendations based on real-world implementation experience.
Read it here:
https://example.com/developer/mastodon-api-guide
Did anyone attend OSFS last month?
https://05f5.com/ – Open Source Founders Summit
― The conference about building financially successful and sustainable open source companies.
Yugabyte bets on open-source memory infrastructure for AI agents
<https://www.forkable.io/p/yugabyte-bets-on-open-source-memory> (Paul Sawers, 2026-05-12)
"… I check in with Karthik Ranganathan, CEO and co-founder of Yugabyte, an open-source database company now pushing into AI infrastructure with the launch of Meko, a new “memory layer” for AI agents.
Meko reflects how infrastructure companies are reassessing their role in the agentic AI stack. As agents take on longer-running tasks across multiple systems, the problems companies keep hitting — shared context and coordination — are ones distributed systems engineers would recognise immediately.
"Agents are working from inconsistent views of what's true right now," Ranganathan told me. "This is because there is no way to enforce a shared truth." …"
The best VPN routers of 2026: Expert tested and reviewed
Our guide lists the top routers on the market that provide VPN coverage throughout your entire home. We've ranked them based on speed, security, and reliability.
https://www.zdnet.com/article/best-vpn-router/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
The UK's digital infrastructure is a strategic asset.
But being dependent on US tech firms is a critical weakness.
Our systems can be hit with sanctions, our economy is damaged and our tech policy curbed.
Tell your MP we need Digital Sovereignty by 16 June ➡️ https://action.openrightsgroup.org/tell-your-mp-end-big-tech-rip/?mtm_campaign=big-tech-rip-off&mtm_source=mastodon
#BigTechRipOff #digitalsovereignty #techsovereignty #bigtech #opensource #palantir #ukpolitics #ukpol
As a longtime Android privacy nerd, here are 6 privacy apps I actually regret installing
Most of these apps aren't necessarily bad, they just didn't fit in with what I was looking for.
https://www.androidauthority.com/android-privacy-apps-i-regret-3671250/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
I usually avoid on-ear headphones, but Marshall has me seriously reconsidering
Marshall revamped its midrange headphones with stellar comfort, repairability, and a marathon battery life.
https://www.zdnet.com/article/marshall-milton-anc-review/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
Es wird wieder fleißig in vielen Reparaturcafés repariert und es gibt auch einige Termine für den Umstieg auf Linux! Schaut gerne mal, wann bei euch die nächsten Termine sind.
Ein Reparaturcafé ist eine gute Anlaufstelle um unabhängig Expertise zu euren defekten Geräten zu bekommen.
Heute, morgen und die nächste Woche in
#München #Mannheim #Bocholt #Papenburg #Emden #Esslingen #Heidelberg #Berlin #Landau #Starnberg #Hanau #Ludwigshafen #Erding #Hamburg #Essen #Hannover #Oldenburg #Darmstadt #Aachen #Stuttgart #Köln ... und viele mehr
Termine
https://www.reparatur-initiativen.de/termine
#Österreich
https://www.repaircafes.at/
#Schweiz
https://www.repair-cafe.ch/reparieren/
Auf #Linux umsteigen
https://endof10.org/de/places/
Digitale Unabhängigkeit: #diday am 5. Juli
https://di.day/de
So, nachem ich anfangs mit meinem privaten Mastodon Konto Werbung für unsere Gruppe gemacht habe gibt es nun auch das offizielle Linux User-Group Offenbach Mastodon Konto.
Also nochmal für alle die aus Offenbach oder dem Umkreis kommen - seit 12.04.2026 gibt es nun eine Linux User-Group direkt in Offenbach.
Phone battery draining fast? Malware is one of 8 possible factors - how to tell for sure
No battery lasts forever. But it's often in your power to extend its life. Here's our checklist for identifying the causes of battery degradation - and how to fix each one.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
We’ve cut Google enough slack for poor Pixel updates. Now it’s time to hold it accountable
Pixel updates have been a mess, and it needs to stop!
https://www.androidauthority.com/google-poor-pixel-updates-accountability-3661496/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
macOS 27 Golden Gate includes these changes that Tahoe critics will appreciate
macOS 26 Tahoe made some polarizing design choices that evoked strong responses from critics. While the new design in macOS 27 Golden Gate is still all about Liquid Glass, Apple’s new Mac operating system corrects a lot…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Apple TV just dropped trailers for two upcoming returning shows
Apple TV kicked off its best summer lineup ever last week with thriller series Cape Fear, and today the streamer released trailers for two returning shows coming soon.
https://9to5mac.com/2026/06/09/apple-tv-just-dropped-trailers-for-two-upcoming-returning-shows/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Volla Community Days 2026: Europe’s Bet on Independence from Big Tech
While most of the world operates within the Google and Apple ecosystems, a small group of European companies is building an alternative. This year’s…
https://vsx.global/volla-community-days-2026-europes-bet-on-independence-from-big-tech/
Technology moves fast, but continuous learning remains the most valuable skill. Stay curious, keep building, and share what you learn along the way.
#Technology #AI #OpenSource #Programming #Learning #Innovation
iOS 27 adds unique new setting to personalize your iPhone’s Lock Screen
iOS 27 adds a brand new Siri, new features in CarPlay and Apple Wallet, and more—including a unique clock setting to personalize your iPhone’s Lock Screen even more.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Guerre de l'open source et polémiques, tout ce qu'il faut savoir sur le lancement d'Euro Office par NextCloud
Je trouve ça triste que les équipes des projets open source en viennent se comporter comme les sociétés qui représentent le monde du propriétaire. Mais il est vrai que les parts de marché sont difficiles à acquérir et à conserver pour l’open.
Top watchOS 27 features that will enhance your Apple Watch
While watchOS 27 didn’t get much stage time during WWDC 2026, the next Apple Watch software update still packs some great new features. Here’s everything new coming to Apple Watch this fall so far.
https://9to5mac.com/2026/06/09/top-watchos-27-features-that-will-enhance-your-apple-watch/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
Nomad debuts limited edition Stand One in color-matching Stellar Orange
The Cosmic Orange iPhone 17 Pro has been my favorite color variation in years. I love how the color just pops. I even recently wrote about my Cosmic Orange-themed everyday carry. The Cosmic Orange color-matching continu…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #9to5Mac [9to5Mac]
How to See Which Mac Apps Will Stop Working After macOS Golden Gate
Apple is phasing out support for Rosetta 2, which is a feature that allows Intel-based apps to run on Apple silicon Macs. Rosetta is going to stop working for most apps in macOS 28, and when that happens, apps that use …
https://www.macrumors.com/2026/06/12/macos-golden-gate-rosetta-support/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Drei freie Office-Suiten gegen Microsoft 365 – und ihre Technik im Vergleich
Drei freie Office-Suiten fürs Web, drei völlig verschiedene Architekturen. Was Euro-Office, Collabora Online und die LibreOffice-Pläne technisch unterscheidet.
#DigitaleSouveränität #IT #LibreOffice #Microsoft #OfficeSuite #OpenSource #news
Three free office suites vs. Microsoft 365 – technology comparison
Three free web office suites, three architectures. What Euro-Office, Collabora Online, and LibreOffice plans differentiate technically.
#DigitaleSouveränität #IT #LibreOffice #Microsoft #OfficeSuite #OpenSource #news
Notion Is Migrating to SwiftUI, Apple Confirms at WWDC
Apple this week confirmed that Notion is migrating its user interface to SwiftUI, citing the app's desire for greater performance and UI consistency than its existing web-based stack can deliver. Notion is a productivit…
https://www.macrumors.com/2026/06/12/notion-is-migrating-to-swiftui/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Apple to Release These 15 New Products Later This Year
Apple's annual WWDC developers conference is drawing to a close, but there is still a lot to look forward to in the second half of the year. Apple is expected to release at least 15 more products later this year. Now th…
https://www.macrumors.com/2026/06/12/15-new-apple-products-rumored/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Record AirPods Price Drops and a Rare Switch 2 Sale: This Week's Top Tech Deals
Multiple AirPods models hit record low prices this week, including the AirPods Pro 3 and AirPods Max 2. We're tracking these great discounts alongside an ultra rare discount on a new Switch 2 on Woot, plus a Summer sale…
https://www.macrumors.com/2026/06/12/best-apple-deals-of-the-week-6-12-26/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
iOS 27 Adds Landscape Mode to More Apple Apps Ahead of 'iPhone Ultra'
iOS 27 enables landscape mode in more of Apple's built-in iPhone apps, including Apple Music, Podcasts, Fitness, Health, Reminders, Home, Shortcuts, Apple Watch, Find My, Weather, Voice Memos, Apple TV Remote, and other…
https://www.macrumors.com/2026/06/12/ios-27-landscape-mode-apps/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Apple Cut Frequencies in WWDC Keynote to Prevent Siri Activations
Apple appears to have modified the audio of this week's WWDC 2026 keynote video whenever "Siri" was mentioned, apparently in an effort to prevent viewers' nearby devices from waking inadvertently during the presentation…
https://www.macrumors.com/2026/06/12/apple-cut-frequencies-to-prevent-siri-activations/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
watchOS 27 Improves Apple Watch Performance in Seven Ways
Apple's software updates previewed during WWDC 2026 this week have followed a distinct pattern: introduce a handful of key new features, while maintaining a focus on refining the underlying platform architecture. watchO…
https://www.macrumors.com/2026/06/12/watchos-27-improves-apple-watch-performance/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
iOS 27: All the New Health and Fitness Features
Apple was rumored to be working on an AI health service, but it was scrapped well before the iOS 27 beta came out. It could resurface in the future, but for now, there are a handful of health and fitness changes in the …
https://www.macrumors.com/guide/ios-27-health-app/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Apple's Craig Federighi: Siri Won't Be Your AI Girlfriend
Apple software engineering chief Craig Federighi and marketing chief Greg Joswiak sat down for an interview with Mostly Human after during WWDC, discussing the iOS 27 Siri changes, Apple's take on AI, new child safety p…
https://www.macrumors.com/2026/06/11/apple-siri-ai-interview/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Valve just imported 13 tons of VR headsets in one day
On June 10th, the German container ship Posen docked in Los Angeles after a two-week voyage from Shanghai. As Valve watcher Brad Lynch notes, it was almost certainly carrying the first mass production shipments of the S…
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
What's New in the iOS 27 Photos App
The Photos app is one of a handful of apps that Apple paid extra attention to in iOS 27. It has multiple improvements to performance, and several quality-of-life upgrades. There are also new AI photo editing tools that …
https://www.macrumors.com/guide/ios-27-photos-app/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Every code generation LLM model available will at some point suggest insecure code as a part of “code completion”. Should this behavior be considered a vulnerability?
#security #opensource #programming
https://sethmlarson.dev/are-insecure-code-completions-a-vulnerability
Nvidia preps to sell its Vera CPUs into China as its GPU sales stay frozen — customers encouraged to place orders for CPU shipments as early as August
Nvidia has told Chinese clients that its Arm-based Vera server CPUs could be available as soon as August.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Amazon Prime Day
Amazon Prime Day
https://www.tomshardware.com/tag/prime-day
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
A quick opensource update - "minion" - my command line
journal software - now supports MacOS.
Thanks to a fix from the first contributor to the rebooted version on CodeBerg! Thank you!
Watching sports at home? I'd change these 4 soundbar settings for the most optimal audio
Some of your favorite soundbar settings for music and movies aren't compatible with live sports broadcasts.
https://www.zdnet.com/article/soundbar-settings-sports-tips/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
Radeon RX 9070 XT finally appears in Steam Hardware Survey — RDNA 4 flagship surprisingly lands just behind RTX 5080
AMD’s Radeon RX 9070 XT graphics card has finally penetrated the Steam Survey video card results table, going straight in at position 25.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Nvidia's high-speed AI data center storage servers break cover, touting 2.9 petabytes of storage and extreme PCIe 6.0 performance — Wiwynn shows off SC…
Wiwynn is among the first to demonstrate Nvidia SCADA server that promises to offer AI systems petabytes of ultra-fast storage thanks to GPU-accelerated storage acceleration.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
@autistics
Announcement: #Voxelibre multiplayer casual game tomorrow (Sat) for 4 hours in the late afternoon to evening (North America). That's in about 24 hours from now.
Voxelibre is a free and #OpenSource #Minecraft clone. More details here: https://docs.autis.toque.im/
Damage has been turned off. People with #Autism, #ADHD or #AuDHD are invited.
Republican lawmakers urge federal agency to block imports of infringing TSMC chips as patent ruling nears — five asserted U.S. patents come from United Microelectronics Corporation
Four Republican members of Congress have urged the U.S. ITC to block imports of foreign-made chips found to infringe U.S. patents
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Save $300 on Gigabyte's Gaming A16 gaming laptop at Walmart — Budget RTX 5060 -powered 16-inch laptop is now only $1,199
Save $300 on Gigabyte's Gaming A16 gaming laptop at Walmart. Budget RTX 5060 -powered 16-inch laptop is now only $1,199.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Running my own BizzFed instance - a federated, algorithm-free alternative to LinkedIn built on ActivityPub.
🔧 What I added to my fork:
SMTP relay (no Resend dependency)
Account migration wizard (Move activity)
Fixed language switcher (de/en/fr/es)
Fully translated feed UI
Instance: https://bizzfed.haxxors.com
Code: https://git.buechner.me/nbuechner/bizzfed
Thanks to René Hamdorf for the solid original BizzFed foundation!
Save a massive $751 on this RTX 5070 Ti gaming PC with a 9800X3D right now — liquid-cooled, 4K-ready Skytech rig with 32GB DDR5 and a 2TB SSD is now just $2,249
Save $750 on this Skytech gaming PC for gaming at 1440p and 4K, featuring a 9800X3D, RTX 5070 Ti, 32GB DDR5, and a 2 TB SSD.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Started a big one for @silex today
▶️ leaving GitHub for code hosting and CI/CD
First step: flattening our meta-repo architecture (git submodules) into a single monorepo, so we migrate one repo to Codeberg or @ow2 's gitlab
This work is funded by @nlnet 🇪🇺 and built in public: I'll toot the journey, the good and the ugly
If you are a Silex user, is it clear to you why GitHub is a problem for libre software?
Several police officers arrested for using controversial Flock AI license plate reader system to stalk romantic partners, says report — investig…
Tens of officers have been fired, and some even arrested, for abuse of the Flock license plate reader system used by police departments throughout the US, according to a new report.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Murena /e/ OS 4.0: Android fork facilitates Google services switch
The French company Murena has released the Google-free Android fork /e/ OS 4.0.
#Android #Datenschutz #Fairphone #Google #IT #Linux #Migration #Mobiles #OpenSource #news
Are Facebook and Instagram down? What to know about the Meta outage
Even Messenger and WhatsApp appear to be impacted on Friday morning.
https://www.zdnet.com/article/is-facebook-instagram-messenger-whatsapp-down/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
This single router antenna adjustment improved my internet speed more than I expected
Getting the best Wi-Fi performance requires strategic antenna positioning, proper router placement, and a bit of trial and error. Here's my advice.
https://www.zdnet.com/article/adjusting-router-antenna-fix-wi-fi-problems/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #ZDNet [ZDNet]
I've received some questions about my algorithm experiments. First off, I'm building this mainly for myself, since I often don't have time to scroll through posts chronologically and just want the best and most important bits from my social media. It's opt-in and currently only an experiment in my fork.
How the "For you" ranked feed on mementomori.social actually works:
First, the ground rules. Again, "For you" is opt-in on our instance. If you never touch the toggle, your home feed stays exactly as it is: chronological, complete, and untouched. Nothing below applies to you. We never turn it on without your consent, and every setting is stored and controlled by you.
Where the posts come from. The feed ranks the newest ~800 posts and boosts from people you follow. If you also enable "Include posts from people you don't follow," trending posts on the instance get mixed in, roughly one in every four slots, and your scrolling can continue through the trending pool once your own feed runs out.
How a post is scored. Every post receives one score made of four parts multiplied together:
1. Engagement: boosts count 3x, replies 2x, favourites 1x.
For posts from other instances, we use counts from their home instance so federation doesn't undercount them.
2. Your affinity to the author: how often you've favourited, boosted, or replied to that person in the last 30 days.
It's logarithmic, the 5th interaction matters much more than the 50th, so no one can dominate your feed just because you liked them a lot once.
3. Time decay: a post loses half its score every 6 hours. Old posts fade no matter how popular they are.
4. A touch of randomness (±10%) so the order isn't fixed.
Freshness. Every post shown to you goes to the back of the line for 2 days. That's why refreshing gives you new posts instead of showing the same viral hit again and again, and why "Load more" always digs deeper instead of repeating.
Housekeeping rules: boosts show the original post. Your own posts and boosts never appear. Private mentions never appear. Brand-new posts wait 15 minutes before entering so they have a bit of time to gather reactions first.
What it does NOT do: There's no tracking beyond one thing: a list of post IDs already shown to you, which auto-deletes after 2 days. No reading your posts, no content analysis, no machine learning, and no profile built about you.
The weights above are the entire model, and your instance admin can adjust every number. Hopefully, if this project matures, you'll be able to adjust every weight yourself.
Code for the curious:
https://github.com/mementomori-social/mastodon/pull/4
Siri is good now??
You'd be forgiven for thinking this day would never come. Siri has spent a decade and half somewhere between "sort of useful at a few things" and "utterly disastrous, why did I even try, can it honestly not even set a t…
https://www.theverge.com/podcast/949079/siri-ai-good-vergecast
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
Everyone says they want to share wearable data with doctors — but almost nobody is doing it
We're all tracking our health data and keeping it completely to ourselves.
https://www.androidauthority.com/wearable-data-not-shared-with-doctors-3677183/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
Proxmox Mail Gateway 9.1 erleichtert Kampf gegen Spam und verschlüsselt Backups
Das neue Proxmox Mail Gateway will mehr Komfort beim Mail-Handling bieten und die Möglichkeit, ihre Backups zu verschlüsseln.
#Datenschutz #EMail #IT #Linux #OpenSource #PostgreSQL #Spam #Verschlüsselung #news
I held the Trump phone
Where's the Trump phone? We're going to keep talking about it every week. We've reached out, as usual, to ask about the Trump phone's whereabouts. We don't have the phones we preordered yet, but this week included an un…
https://www.theverge.com/tech/948464/trump-phone-t1-hands-on
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
https://www.ebay.de/itm/117245434230
#ebay #ubuntu_phone #ubuntu #tab #ubuntu_mobile #linux #lenovotab @ubports@mastodon.social
RT @Kimi_Moonshot: 🌘 Kimi-K2.7-Code, unser neuestes Coding-Modell, ist jetzt veröffentlicht und quelloffen verfügbar!
mehr auf Arint.info
#AIRelease #CodeModel #DeveloperTools #KimiAI #MachineLearning #OpenSource #arint_info
FediSuite - Fediverse Management Platform
If you manage several Fediverse accounts, you're constantly juggling browser tabs, losing track of which input field belongs to which platform, and at some point you no longer know what you've already posted. #FediSuite brings everything together in one place.
Connect accounts from 19(+) #Fediverse platforms: #Mastodon, #Pixelfed, #Misskey, #Friendica, #PeerTube, #Loops, #Wordpress, #Vernissage and more. The app detects your instance type automatically, loads the correct character limit and media rules straight from your instance, and sets up the composer accordingly. No manual configuration needed.
The analytics go way beyond plain follower counts: daily engagement charts, follower growth, your best posting times as a heatmap, hashtag performance, and a tips engine that evaluates your actual data and gives you concrete suggestions based on your own numbers.
Schedule posts down to the minute in your own time zone. Background workers handle publishing reliably, with resume handling for rate limits and atomic delivery.
FediSuite is free and #OpenSource under the GPL-3.0. Anyone can host their own FediSuite #instance and get it added to the official list automatically.
If you find a bug, especially in the #SelfHosting setup, feel free to report it. The project is being actively developed, and real-world bug reports are among the most valuable contributions right now. The CONTRIBUTING.md explains how it works.
The project lives on donations. Donations guarantee and make it possible for FediSuite to keep going and keep being developed. To support FediSuite, click the yellow button on the website.
More info: https://www.fedisuite.com
Summer Upgrade Week
The sun is out, the sky is clear. It’s time to get outside and disconnect — from work, at least. This summer, we’re looking at all the ways to upgrade our free time indoors and out, from smart lights for the backyard to…
https://www.theverge.com/tech/942658/summer-upgrade-week-2026
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
@AutisticInnovator I'm sorry to hear about all the difficulties! I hope you succeed despite all those nasty people.
I've had a lot of bots on my websites, and I set up Anubis on most of them. Anubis was a pain to configure (took a lot of tinkering to understand how it all worked)! But I'm grateful that is was #OpenSource
Attack wave on Arch Linux: hundreds of package descriptions with malware in AUR
Arch Linux defends itself against a wave of attacks that have massively contaminated package descriptions in the unofficial Arch User Repository with malware.
Security Advisory: CVE-2025-52290 - NULL Pointer Dereference in FFmpeg H.264 Reorder Frame Handling
Processing a crafted media file with `ffmpeg` can trigger a segmentation fault in `avpriv_h264_has_num_reorder_frames()`, causing a denial of service.
Summary:
FFmpeg can crash while demuxing a malformed MPEG/MP4 input that causes H.264 data to be handled through a mismatched AAC `AVCodecContext`. In the observed crash path, the demuxing code reaches `has_decode_delay_been_guessed()` and calls `avpriv_h264_has_num_reorder_frames()` with an invalid or uninitialized H.264 parameter-set state. The function then dereferences `ps.sps` without sufficient validation and triggers a `SEGV` read in `libavcodec/h264dec.c:64`.
The issue is reproducible with the provided PoC media file and was observed in both a standard build and an AddressSanitizer build.
CWE:
CWE-476 - NULL Pointer Dereference
Affected Component:
```
libavcodec/h264dec.c:64
Function: avpriv_h264_has_num_reorder_frames()
libavformat/demux.c:757
Function: has_decode_delay_been_guessed()
```
Affected Product:
FFmpeg / ffmpeg command-line media processing tool.
Affected Version:
The issue was reproduced on FFmpeg version `N-119856-gbe46370941` and commit:
```
be46370941405fb04402d96373a53e2a1846f3ac
```
The local environment notes also reference a tested FFmpeg commit:
```
52441bd4cd0e85bf007473bd2eada2b2083aacf5
```
Attack Conditions:
An attacker supplies a specially crafted media file to a workflow that invokes FFmpeg on attacker-controlled input. This can be a local batch/transcoding workflow, or a network-facing media-processing service that accepts uploads and processes them with FFmpeg.
The crash can be reproduced with:
```
./ffmpeg -i ./1_poc.mp4 -f null
```
No elevated privileges are required. User interaction depends on the deployment model: interactive use requires a user to process the malicious file, while automated upload/transcoding services may trigger the crash without direct user interaction.
Impact:
The observed impact is denial of service due to abnormal process termination. AddressSanitizer reports a `SEGV` caused by a read memory access in:
```
avpriv_h264_has_num_reorder_frames libavcodec/h264dec.c:64:17
```
The prepared materials at the CVE request also note the potential impact on code execution, however, I have not demonstrated any control flow hacking or an exploit to execute working code.
References
- Issue/(+ primary email-report): https://github.com/sigdevel/pocs/blob/main/res/FFmpeg/ffmpeg/1/1_libavcodec_h264dec.c.64_17.md
- PoC: https://github.com/sigdevel/pocs/blob/main/res/FFmpeg/ffmpeg/1/1_poc.mp4
Credits
Alexander A. Shvedov (@sigdevel)
#fuzzing #infosec #security #aflplusplus #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #ffmpeg
Security Advisory: CVE-2025-55648 - Heap Buffer Overflow in GPAC MP4Box Opus Packet Parser
Processing a crafted MP4 file containing corrupted Opus sample-size data with `MP4Box` can trigger a heap buffer overflow in `gf_opus_parse_packet_header()`, causing a crash and potential memory corruption impact.
Summary:
The `gf_opus_parse_packet_header()` function in `media_tools/av_parsers.c` does not sufficiently validate the input buffer length before parsing Opus packet headers. When MP4Box processes a crafted MP4 file with corrupted sample-size (`stsz`) data, the parser reads beyond the bounds of a heap-allocated sample buffer.
AddressSanitizer reports a `heap-buffer-overflow` at `media_tools/av_parsers.c:11297`, with a `READ of size 1` 1242 bytes past a 32-byte heap region allocated by `Media_GetSample()`.
CWE:
CWE-122 - Heap-based Buffer Overflow
Affected Component:
```
media_tools/av_parsers.c:11297
Function: gf_opus_parse_packet_header()
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
MP4Box versions 2.4 and earlier are affected according to the prepared CVE/MITRE data. The issue was reproduced on a GPAC build at commit:
```
61bbfd2e89553373ba3449b8ec05b5f098d732a5
```
Attack Conditions:
An attacker supplies a crafted MP4 file containing corrupted Opus sample-size (`stsz`) data. The issue can be reproduced locally with:
```
./MP4Box 12_poc.mp4 -dxml
```
No elevated privileges are required. The CVE text describes the attack as network/context-dependent because attacker-controlled media may be processed by MP4Box in automated workflows; manual processing also triggers the issue.
Impact:
The immediate observed impact is Denial of Service due to process termination. Because the bug reads beyond a heap allocation, information disclosure may be possible. The local MITRE data also notes potential arbitrary code execution risk, though the observed ASAN trace is an out-of-bounds read.
Fix / mitigation status:
The local CVE/MITRE data references GPAC fix commit:
```
cea49f684dbc4d53ecd6c76a9623838802a68d88
```
Users should update to a GPAC build containing this commit or later. The affected Opus parser should validate sample buffer length and `stsz`-derived packet sizes before reading packet header fields.
References:
- Issue: https://github.com/gpac/gpac/issues/3190
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/12/12_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/cea49f684dbc4d53ecd6c76a9623838802a68d88
Credit:
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #aflplusplus #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
Security Advisory: CVE-2025-55642 - Divide by Zero in GPAC MP4Box AVI Demuxer
Processing a crafted AVI-like media file with `MP4Box` can trigger a division by zero in `avidmx_process()`, causing a floating-point exception and Denial of Service.
Summary:
The `avidmx_process()` function in `filters/dmx_avi.c` does not sufficiently validate frame-count metadata before using it as a divisor during bitrate computation. When MP4Box processes a specially crafted input with invalid AVI frame metadata, such as a `0/256` frame declaration, the DASH processing path attempts to compute bitrate from the bitstream and divides by zero.
AddressSanitizer reports an `FPE` at `filters/dmx_avi.c:639`.
CWE:
CWE-369 - Divide by Zero
Affected Component:
```
filters/dmx_avi.c:639
Function: avidmx_process()
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
GPAC MP4Box v2.4 is affected according to the CVE request data. The issue was reproduced on a GPAC build at commit:
```
f87b30611380e4dcd03cd4dd9ac553c0ec336826
```
Builds before the fix commit `cea49f684dbc4d53ecd6c76a9623838802a68d88` should be considered affected if they contain the vulnerable AVI demuxer bitrate computation path.
Attack Conditions:
An attacker supplies a crafted AVI-like media file with invalid frame metadata. The issue is triggered while processing the file through MP4Box DASH segmentation, for example with a `-dash` command using `14_poc.mp4`.
No elevated privileges are required. User interaction is required when the victim manually processes the malicious media file, or an automated workflow invokes MP4Box on attacker-controlled input.
Impact:
The immediate observed impact is Denial of Service due to an uncaught floating-point exception and process termination. No evidence of arbitrary code execution was observed.
Fix / mitigation status:
The issue was fixed in GPAC commit:
```
cea49f684dbc4d53ecd6c76a9623838802a68d88
```
Users should update to a GPAC build containing this commit or later. The affected code should validate `num_frames` and related AVI metadata before using frame counts in bitrate calculations.
References:
- Issue: https://github.com/gpac/gpac/issues/3196
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/14/14_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/cea49f684dbc4d53ecd6c76a9623838802a68d88
Credit:
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #aflplusplus #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
Security Advisory: CVE-2025-55644 - Use-After-Free in GPAC MP4Box
Processing a crafted MP4 file with invalid BIFS GlobalQuantizer commands causes gf_node_get_tag() to access a freed 192-byte QuantizationParameter node at scenegraph/base_scenegraph.c:1263, resulting in a heap use-after-free and crash.
Summary:
During MPEG-4 BIFS scene decoding, BM_ParseGlobalQuantizer() in bifs/memory_decoder.c first calls gf_node_unregister() at line 176 to release a QuantizationParameter node, freeing the 192-byte heap region. Without clearing the stale pointer, the function then calls gf_node_get_tag() on the same address at line 181, performing a READ of 8 bytes at offset 0 into the freed region. A crafted MP4 containing invalid GlobalQuantizer BIFS commands, corrupted ODF descriptors, and malformed box types (PEC1808, fre) reliably triggers this free-then-use sequence through the -svg dump path.
CWE:
CWE-416 - Use After Free
Affected Component:
```
scenegraph/base_scenegraph.c:1263
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
MP4Box 2.4 and earlier; tested at commit f5b7cdc63a7f3269040778c5431a8f6c310bc9f3
Attack Conditions:
An attacker supplies a locally accessible crafted MP4 file embedding invalid BIFS scene data. The victim runs MP4Box -svg on the file to trigger BIFS scene parsing. No elevated privileges are required.
Impact:
The use-after-free causes a fatal crash (Denial of Service). Use-after-free vulnerabilities can allow attackers to control freed heap memory contents and potentially redirect execution flow; code execution cannot be excluded.
Fix / mitigation status:
The issue was fixed in GPAC commit:
```
63eccc33d4a2b731ebb31581ff5673a2c0b13ad4
```
Users should update to a GPAC build containing this commit or later.
References:
- Issue: https://github.com/gpac/gpac/issues/3246
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/20/20_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/63eccc33d4a2b731ebb31581ff5673a2c0b13ad4
Credit:
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
Security Advisory: CVE-2025-55652 - Heap Buffer Overflow in GPAC MP4Box VP Configuration Handling
Processing a crafted MP4 file with malformed VP codec configuration data can trigger a heap buffer overflow in `gf_isom_vp_config_new()`, causing a crash and potential memory corruption.
Summary:
The `gf_isom_vp_config_new()` function in `isomedia/avc_ext.c` does not sufficiently validate buffer boundaries when creating VP codec configuration boxes. A crafted MP4 file with malformed VP codec data, including unknown box types such as `D0ncv` in `stsd`, can cause MP4Box to allocate an undersized box structure and then write VP/NALU configuration data beyond the allocation.
CWE:
CWE-122 - Heap-based Buffer Overflow
Affected Component:
```
isomedia/avc_ext.c:1962
Function: gf_isom_vp_config_new()
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
MP4Box versions 2.4 and earlier are affected according to the prepared CVE/MITRE data. The issue was reproduced on a GPAC build at commit:
```
74fecde32cd477ab097f3e6db55a32b259f3313d
```
Builds before the fix commit `ad3b541b4f38c8f0ef67544509598f8207ea1207` should be considered affected if they contain the vulnerable VP configuration allocation/write path.
Attack Conditions:
An attacker supplies a crafted MP4 file containing malformed VP codec configuration data. The issue can be reproduced locally with:
```
./MP4Box -dash 10000 ./18_poc.mp4
```
No elevated privileges are required. User interaction is required when the victim manually processes the malicious MP4 file, or an automated media workflow invokes MP4Box on attacker-controlled input.
Impact:
The immediate observed impact is Denial of Service due to process termination. Because the vulnerability is an out-of-bounds heap write, memory corruption and potential arbitrary code execution cannot be ruled out.
Fix / mitigation status:
The issue was fixed in GPAC commit:
```
ad3b541b4f38c8f0ef67544509598f8207ea1207
```
References:
- CVE: https://www.cve.org/CVERecord?id=CVE-2025-55652
- Issue: https://github.com/gpac/gpac/issues/3242
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/18/18_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/ad3b541b4f38c8f0ef67544509598f8207ea1207
Credit:
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
Security Advisory: CVE-2025-55643 - NULL Pointer Dereference in GPAC MP4Box TrackWriter Handling
Processing a crafted MP4 file during DASH segmentation can trigger a NULL pointer dereference in MP4Box TrackWriter handling, causing a Denial of Service.
Summary:
The DASH fragmentation path in `filters/mux_isom.c` does not sufficiently validate a `TrackWriter` pointer before accessing its members. A crafted MP4 file with malformed metadata boxes can cause the PID-to-track setup to fail, leaving the `TrackWriter` pointer NULL. The muxer then performs member access through the NULL pointer.
CWE:
CWE-476 - NULL Pointer Dereference
Affected Component:
```
filters/mux_isom.c:6621
Function/path: TrackWriter handling during fragmented MP4 muxing
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
MP4Box versions 2.4 and earlier are affected according to the prepared CVE data. The issue was reproduced on a GPAC build at commit:
```
74fecde32cd477ab097f3e6db55a32b259f3313d
```
Builds before the fix commit `ad3b541b4f38c8f0ef67544509598f8207ea1207` should be considered affected if they contain the vulnerable TrackWriter handling path.
Attack Conditions:
An attacker supplies a crafted MP4 file containing malformed metadata boxes, including malformed `mvcC` / `stsz` data. The issue can be reproduced locally with:
```
./MP4Box -dash 10000 ./17_poc.mp4
```
No elevated privileges are required. User interaction is required when the victim manually processes the malicious MP4 file, or an automated media workflow invokes MP4Box on attacker-controlled input.
Impact:
The immediate observed impact is Denial of Service due to process termination. No evidence of arbitrary code execution was observed.
Fix / mitigation status:
The issue was fixed in GPAC commit:
```
ad3b541b4f38c8f0ef67544509598f8207ea1207
```
Users should update to a GPAC build containing this commit or later. The affected muxing path should validate `TrackWriter` before member access and fail cleanly when track initialization fails.
References:
- Issue: https://github.com/gpac/gpac/issues/3240
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/17/17_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/ad3b541b4f38c8f0ef67544509598f8207ea1207
Credit
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
Angriffswelle auf Arch Linux: Hunderte Paketbeschreibungen mit Malware im AUR
Arch Linux wehrt sich gegen eine Angriffswelle, die massenweise Paketbeschreibungen im inoffiziellen Arch User Repository mit Malware verseucht hat.
Security Advisory: CVE-2025-55641 - NULL Pointer Dereference in GPAC MP4Box Sample Info Copy
Processing a crafted MP4 file with corrupted Sample Auxiliary Information metadata can trigger a NULL pointer dereference in `gf_isom_copy_sample_info()`, causing a Denial of Service and potential memory corruption impact.
Summary:
The `gf_isom_copy_sample_info()` function in `isomedia/isom_write.c` does not sufficiently validate pointers after handling invalid Sample Auxiliary Information (SAI) metadata. A crafted MP4 file can provide corrupted SAI values, such as an invalid `sai_samples` count, causing memory allocation or merge handling to fail. The import path later attempts to copy sample information from a NULL pointer.
AddressSanitizer reports a `SEGV` caused by a `READ` memory access at address `0x000000000000`, with the crash occurring at `isomedia/isom_write.c:8164`.
CWE:
CWE-476 - NULL Pointer Dereference
Affected Component:
```
isomedia/isom_write.c:8164
Function: gf_isom_copy_sample_info()
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
MP4Box versions 2.4 and earlier are affected according to the prepared CVE/MITRE data. The issue was reproduced on a GPAC build at commit:
```
f87b30611380e4dcd03cd4dd9ac553c0ec336826
```
Attack Conditions:
An attacker supplies a crafted MP4 file containing corrupted SAI metadata. The issue can be reproduced locally with:
```
./MP4Box -add 13_poc.mp4 -new /dev/null -split-size 500
```
No elevated privileges are required. User interaction is required when the victim manually processes the malicious MP4 file, or an automated media workflow invokes MP4Box on attacker-controlled input.
Impact:
The immediate observed impact is Denial of Service due to process termination. The local CVE/MITRE data also marks potential code execution impact; the observed ASAN trace is a NULL pointer read.
Fix / mitigation status:
The issue was fixed in GPAC commit:
```
e38d24b7e3cbdc24e70f0437bf390ac3f2080b52
```
Users should update to a GPAC build containing this commit or later. The affected code should validate SAI metadata, allocation results, and sample-info pointers before copying sample information.
References:
- CVE: https://www.cve.org/CVERecord?id=CVE-2025-55641
- Issue: https://github.com/gpac/gpac/issues/3195
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/13/13_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/e38d24b7e3cbdc24e70f0437bf390ac3f2080b52
Credit:
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
Security Advisory: CVE-2025-55649 - NULL Pointer Dereference in GPAC MP4Box ESD Mapping
Processing a crafted MP4 file with corrupted Elementary Stream Descriptor data can trigger a NULL pointer dereference in `gf_media_map_esd()`, causing a Denial of Service.
Summary:
The `gf_media_map_esd()` function in `media_tools/isom_tools.c` does not verify that `esd->URLString` is non-NULL before passing it to `strlen()`. When MP4Box processes a crafted MP4 file containing corrupted ESD data during fragmentation setup, `URLString` can be NULL and the process crashes while reading from address `0x000000000000`.
AddressSanitizer reports a `SEGV` in `strlen()`, with the GPAC call site at `media_tools/isom_tools.c:1359`.
CWE:
CWE-476 - NULL Pointer Dereference
Affected Component:
```
media_tools/isom_tools.c:1359
Function: gf_media_map_esd()
```
Affected Product:
MP4Box (GPAC Multimedia Open Source Project)
Affected Version:
MP4Box versions 2.4 and earlier are affected according to the prepared CVE/MITRE data. The issue was reproduced on a GPAC build at commit:
```
09e7063ed0a13b4cee9a180a56dcc21e9f9ade07
```
Attack Conditions:
An attacker supplies a crafted MP4 file containing corrupted ESD data. The issue can be reproduced locally with:
```
./MP4Box -frag 1500 11_poc.mp4
```
No elevated privileges are required. User interaction is required when the victim manually processes the malicious MP4 file, or an automated workflow invokes MP4Box on attacker-controlled media.
Impact:
The immediate observed impact is Denial of Service due to process termination. The crash is a NULL pointer dereference on the zero page; no evidence of arbitrary code execution was observed.
Fix / mitigation status:
The local CVE/MITRE data references GPAC fix commit:
```
10c16d54659b1b82dd49573dfeacfa9a5627a115
```
Users should update to a GPAC build containing this commit or later. The affected code should validate `esd`, `esd->URLString`, and related ESD fields before string operations.
References:
- Issue: https://github.com/gpac/gpac/issues/3183
- PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/11/11_poc.mp4
- Fix: https://github.com/gpac/gpac/commit/10c16d54659b1b82dd49573dfeacfa9a5627a115
Credit:
@sigdevel (Alexander A. Shvedov)
#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory #media #gpac
You can now beat ChatGPT Codex rate limits, if you have friends
OpenAI launches a new (temporary) referral system that rewards you and a friend with bankable rate limit resets.
https://www.androidauthority.com/openai-chatgpt-codex-rate-limit-resets-referral-program-3677035/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
Homebrew 6.0 sichert Paketquellen ab
Homebrew 6.0 ist da: Externe Paketquellen müssen sich künftig als vertrauenswürdig erweisen. Dazu gibt es eine Linux-Sandbox und eine schnellere Standard-API.
#IT #Linux #macOS #OpenSource #Security #Softwareentwicklung #news
Murena /e/ OS 4.0: Android-Fork soll Umstieg von Google-Diensten erleichtern
Das französische Unternehmen Murena hat den Google-freien Android-Fork /e/ OS 4.0 veröffentlicht.
#Android #Datenschutz #Fairphone #Google #IT #Linux #Migration #Mobiles #OpenSource #news
Spotify’s hated disco ball icon is finally gone for good
Spotify's latest iOS update quietly ended a month of disco-themed misery.
https://www.androidauthority.com/spotify-disco-ball-icon-gone-3677022/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
Aus dem Linux-Magazin 07/2026 (geschrieben von @veit und mir):
Wie LLM-Agenten Open-Source-Projekte gefährden
https://www.linux-magazin.de/ausgaben/2026/07/gefahr-durch-llms/
AAPL Stock Slides Following WWDC, But Analysts Broadly Raise Targets
Apple shares have lost roughly $25 per share this week following the company's WWDC 2026 keynote, though a wave of upward analyst price target revisions suggests Wall Street's longer-term view of Apple remains construct…
https://www.macrumors.com/2026/06/11/aapl-stock-slides-following-wwdc/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Apple Agrees to Let Jon Prosser Formally Contest iOS 26 Leak Lawsuit
Apple and leaker Jon Prosser have jointly asked a federal court to set aside the default judgment entered against him last October, with Prosser agreeing to hand over documents he had thus far failed to fully produce. A…
https://www.macrumors.com/2026/06/11/apple-agrees-to-let-jon-prosser-contest-lawsuit/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Siri won’t be your AI girlfriend
‘Listen, that's not what I'm here for, right?' | Image: Apple Our early testing has already shown that Siri AI knows when to shut up, and that's very much by design. In an interview with Mostly Human, Craig Federighi sa…
https://www.theverge.com/tech/948890/siri-wont-be-your-ai-girlfriend
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TheVerge [The Verge]
Telegram’s Wear OS app makes a comeback, now with full chats, voice notes, and more
Telegram finally fits on your wrist properly.
https://www.androidauthority.com/telegram-wear-os-return-3677006/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
Touchscreen MacBook '100% Confirmed,' Says Reputable Leaker
Apple's first touchscreen MacBook is now "100% confirmed," according to the prolific Chinese leaker known as Instant Digital, who appears to have insider information from sources in the supply chain. The leaker made the…
https://www.macrumors.com/2026/06/11/touchscreen-macbook-confirmed-leaker/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
The End of uBlock Origin in Chrome: What's Really Changing and What to Do About It
In early June 2026, it was confirmed that Chrome was also losing its last technical capabilities that had kept…
Asahi Linux warns against upgrading to macOS 27 “Golden Gate”
Users of Asahi Linux should not update to the beta version of macOS 27 “Golden Gate,” the project currently warns.
Asahi Linux warnt vor Upgrade auf macOS 27 „Golden Gate“
Nutzer von Asahi Linux sollen nicht auf die Beta-Version macOS 27 „Golden Gate“ aktualisieren, warnt das Projekt aktuell.
The Galaxy Z Fold 7 is finally getting the S26’s Galaxy AI features
Samsung's foldable phones are now getting S26-exclusive Galaxy AI features.
https://www.androidauthority.com/galaxy-z-fold-7-one-ui-update-ai-features-3676999/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #AndroidAuthority [Android Authority]
WWDC 2026 Keynote Marked a Major Departure From Previous Years
Apple's WWDC 2026 keynote broke from a longstanding format tradition, abandoning the platform-by-platform structure that has defined the annual developer conference for years in favor of a theme-driven presentation. Pre…
https://www.macrumors.com/2026/06/11/wwdc-2026-keynote-major-departure/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
Apple Maps to Get These 10 New Features in iOS 27
Apple Maps is getting a range of new features in iOS 27, headlined by an upgraded Flyover experience that uses AI to improve the realism and detail of its aerial imagery. Flyover is a longstanding feature of Apple Maps…
https://www.macrumors.com/2026/06/11/apple-maps-to-get-these-10-new-features-in-ios-27/
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #MacRumors [MacRumors]
OpenAI bans China-linked ChatGPT accounts that amplified US data center electricity price backlash — used AI-generated cartoons to st…
OpenAI says it has banned two clusters of ChatGPT accounts it believes are operating from China, and that used its models for covert influence campaigns targeting U.S. tech and policy debates.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
@delta Thanks for making a consistent client experience on all platforms. The #iPadOs client is great, and this despite the #Apple ecosystem being quite an awkward fit to #OpenSource projects.
Memory famine compels GPU vendors to re-release 2020 graphics cards — GeForce RTX 3060 and GeForce RTX 3050 return to Asian market
Graphics card manufacturer Manli adds new GeForce RTX 3060 and GeForce RTX 3050 SKUs to its portfolio.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
RT @RyanLeeMiniMax: Hallo zusammen — unsere Hochleistungs-MSA-Kernbibliothek ist jetzt Open-Source. Die M3-Gewichte werden voraussichtlich diesen Freitag veröffentlicht. Vielen Dank für eure Geduld! Github: https://github.com/MiniMax-AI/MSA Paper: https://github.com/MiniMax-AI/MSA/blob/main/docs/MiniMaxSparseAttention.pdf
mehr auf Arint.info
#AI #DeepLearning #MachineLearning #MiniMax #MSA #OpenSource #arint_info
After spat with Chinese gov't, Meta cuts AI Manus off from its internal systems and is 'sunsetting' platform, report claims — Beijing-ordered breakup of $2 billion AI deal begins
Meta has finished separating its operations from Manus, the Chinese-founded agentic AI startup it acquired for roughly $2 billion in December.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Watching the World Cup online is easier with these VPN deals — deals for watching the FIFA World Cup 2026
A choice of VPN subscriptions to cover you over the FIFA World Cup 2026 and beyond. Stay safe online for less.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]
Massive 8TB SD cards are set to ship 'shortly' after a two-year delay — mind-blowing storage at possibly bank-breaking prices
Notebookcheck reports that 8TB SD cards will soon hit the retail market, although an exact launch date and pricing remain a mystery.
#Tech #Technology #TechNews #AI #Gadgets #Software #Cybersecurity #Apple #Google #Microsoft #Startup #OpenSource #TomsHardware [Tom's Hardware]