Squid describes this as an attack by a trusted client: someone already permitted to use the proxy, not any random host on the internet. That matches Squid’s usual home, shared networks like schools, offices, and public Wi-Fi. In those setups, the attacker is just another user of the same proxy. The leak also only reaches traffic that Squid can read. Normal HTTPS rides an opaque CONNECT tunnel, so Squid never sees inside it; the exposed traffic is cleartext HTTP, plus TLS-terminating setups where Squid decrypts and inspects. The attacker also needs the proxy to reach an FTP server they control on port 21. Both FTP and that port are on by default.

[…] If you patch, verify the fix, not just the version. Confirm the guard is in FtpGateway.cc, or check your distribution’s backport, since distros ship their own builds (Debian packages Squid 5.7). The public thread is still inconsistent: maintainer Amos Jeffries first said Squid 7.6 carried the fix, then corrected that to 7.7, and on June 22 Debian’s Salvatore Bonaccorso noted the referenced commit looks like it is already in 7.6. The fix is small, a null-terminator check before the vulnerable strchr calls, merged to the development branch in April and v7 in May. Squid 7.6 does separately patch CVE-2026-50012, an unrelated cache_digest heap overflow.

The cleaner move is the one the researchers recommend anyway: turn FTP off. Chromium dropped FTP years ago, and most networks carry almost none of it, so disabling it removes this attack surface for free, whatever build you run. The risk is real but bounded. SUSE rates it moderate, CVSS 6.5, and the vector explains the score: the attacker needs proxy access (low privileges), and the only impact is confidentiality, nothing on integrity or availability.

The 67th edition of the TOP500 list of the world’s most powerful supercomputers was announced today at the ISC 2026 conference in Hamburg, Germany. LineShine, a previously unlisted system installed in China, debuts at No. 1, displacing El Capitan as the world’s most powerful supercomputer as measured by the High Performance Linpack (HPL) benchmark. LineShine achieved 2.198 Exaflop/s on HPL — about 80 percent of its 2.736 Exaflop/s theoretical peak — making it the first system on the TOP500 to exceed two exaflops of sustained double-precision performance using CPUs only.

Installed at the National Supercomputing Centre in Shenzhen (NSCS) and built by the Shenzhen Cloud Computing Center, the system is based on a custom Chinese processor and the “LingKun” platform: 13.79 million cores across 304-core LX2 processors running at 1.55 GHz, linked by the proprietary LingQi interconnect and running Kylin OS. LineShine draws approximately 42.2 megawatts of power, for an efficiency of 52.07 Gigaflops/Watt. Its debut marks the first time since 2017 that a Chinese system has led the TOP500, and it also takes over the No. 1 position on the HPCG ranking with 22.00 HPCG-Petaflop/s. On the HPL-MxP mixed-precision benchmark, LineShine reached 7.92 Exaflop/s for fourth place, a comparatively modest 3.6x speedup over its HPL score that points to a CPU-only design without dedicated low-precision accelerators.

The discussion that led to the decision to ban Sanger concluded with what an editor called a “clear consensus” to ban Sanger. “There is general agreement among participants that he has engaged in off-wiki canvassing and is not here to constructively build the encyclopedia,” the editor said in a note closing the discussion. “There is also a significant concern shared by many editors that his actions constitute calls for outing.”

While Sanger has been railing about bias on Wikipedia for years, the specific issue here is around his WikiProject Intellectual Diversity. WikiProjects are group efforts among Wikipedia volunteers to deal with certain issues on the site. […] Sanger’s WikiProject Intellectual Diversity, as its name implies, aims to bring more intellectual diversity to the site, mostly meaning more right-leaning perspectives. Sanger’s WikiProject Intellectual Diversity and its goals alone do not merit a ban according to Wikipedia’s policies. The problem, according to Wikipedia editors, is that during the discussion about whether to allow WikiProject Intellectual Diversity to become an official WikiProject, Sanger invited his 91,000 followers on X to influence that discussion.

Discussions about potential bans are supposed to remain open for at least 72 hours. While consensus that Sanger had violated Wikipedia policies was clear, Sanger was banned at some point before that deadline. He was then briefly unbanned, and then again indefinitely banned once 72 hours had elapsed and the discussion about the ban closed. “Wikipedia has become more of a mob-rule anarchy than ever,” Sanger said in a statement sent to me by a spokesperson. “In the kangaroo court in which a mob ousted me, Wikipedia’s administrators showed that they don’t appear to value details like formal charges, a designated prosecutor, basic decorum, distinction between prosecution and judge, dispassionate adjudication, and so forth. They have no proper system other than triggering a mob to selectively enforce their hodgepodge of vague rules.”

“Now that same mob has blocked me for trying to bring an intellectually diverse group of thinkers and editors to the site,” Sanger continued. “Subscribing to their groupthink is now an official requirement of being a member in good standing. Something must change, and now. I only wonder if the system as it currently stands can even allow the discourse necessary to fix the system.”

On Tuesday, Walmart announced that it is buying Vibe.co, the French self-serve ad platform that specializes in helping small brands buy streaming commercials with similar ease and precision as they get from search and social. Vibe has been vying for a bigger share of the ad dollars moving to connected TV, especially in the US, as evidenced by the company’s ubiquitous billboards in major cities including New York and San Francisco. Now, Vibe joins Walmart Connect’s commerce ecosystem alongside the smart TV maker Vizio. And Vibe’s tech is poised to help unify Walmart’s growing CTV footprint with the closed-loop attribution provided by its retail sales data.

[…] Together, Walmart and Vibe.co strive to “build the best ecosystem for the performance TV market,” Vibe CEO and Co-Founder Arthur Querou told AdExchanger. Performance CTV has a high ceiling for growth. The performance budgets dedicated for streaming platforms are still small potatoes compared to search and social, Querou said. Only one-quarter of CTV ad campaigns have lower-funnel objectives, and that number has been static for years, according to data from Advertiser Perceptions. Now that Walmart owns both Vibe and Vizio, advertisers should have an easier time tying streaming campaigns to shopper data. That promise stands to win Walmart more marketing dollars earmarked for retail media and streaming behemoths — including Amazon.

Walmart is especially interested in attracting more small- and medium-sized businesses (SMBs) who lack the tools, budgets or teams to invest in streaming TV, a Walmart spokesperson told AdExchanger. Other ad platforms, including MNTN and Magnite, have likewise targeted SMB advertisers as a source for continued growth in the CTV market. By adding Vibe.co, Walmart can court SMBs with the pitch that its new self-serve tools will make it easier for them to execute CTV campaigns. Plus, SMBs tend to prioritize performance campaigns, since they are under more pressure to justify tighter ad budgets and thus have to be more selective about which platforms they advertise on. And Walmart is better positioned than most platforms to prove its ads drove performance thanks to its retail data foundation.

Mr. Zuckerberg, the chief executive of Meta, recently dispatched a small team at his company to create a smartphone app similar to Polymarket and Kalshi, two employees with knowledge of the matter said. Users would not wager money, and the app would probably rely on a video game-like points system instead, one person said, though the company had not ruled out the eventual use of real money betting. The app is internally referred to as “Arena” and would function independently from Meta’s social networking apps, which include Facebook, Instagram, WhatsApp and Messenger, said the employees, who spoke on the condition of anonymity to discuss confidential plans. Meta aims to grow the app by leveraging its large social networking audiences and directing them toward using it, they said.

The effort, which insiders characterized as experimental but a top priority, is part of a broader push by Mr. Zuckerberg to create new types of apps based on emerging social behavior online. More than 3.56 billion people visit one or more of Meta’s apps every day, an amount that has raised questions about whether those platforms have reached a saturation point. Arena is one of a handful of apps that Meta is trying out. Others include one called Meta Photos, another stand-alone app which would create new types of media using artificial intelligence, the employees said. […] Meta insiders have cautioned that Arena remains in development and may not be released. But as executives search for ways to keep the world’s largest social media sites thriving, Mr. Zuckerberg appears to be relying on his well-worn product development strategy: Follow the users.

Under the proposal, consumers would be able to hold digital euros in a dedicated wallet, subject to a holding limit that has yet to be determined. The system would support both online and offline payments and is intended to offer a high degree of privacy, with the ECB unable to directly identify users from their payment data.

The ECB would provide the underlying infrastructure, while commercial banks and payment service providers would offer digital euro services to customers. Financial institutions are expected to be compensated for their participation in the scheme, while merchants will pay fees that are expected to be lower than those associated with current card transactions.

How that compensation should be structured remains one of the most contentious issues ahead of negotiations with EU member states, according to three sources familiar with the discussions. […] The European Parliament is expected to formalise the committee’s position during a plenary vote in Strasbourg in early July. Negotiations with the EU’s 27 member states would then begin, with lawmakers aiming to reach a final agreement before the end of the year.

As far as style and specs, the Meta Glasses aren’t that different from Ray-Bans. The internal specs are the same as the recently released Ray-Ban Meta Optics Styles, with slightly longer battery life. The Adventurer models have thinner rims, while the Fury models hew a bit closer to the Meta Ray-Ban Display with a bolder, chunkier frame. You could describe the Adventurer as square, and the Fury as even more square. The Kylie glasses sport a more unique design with a distinct Y2K flavor that I’m told is meant to be worn lower on your nose. […] While playing around with the Meta Glasses, it was hard not to notice that the camera appears smaller than in previous Ray-Ban glasses. Technically, Himel tells me, that’s not new to these Meta Glasses. It was actually introduced back in March with the prescription-optimized Optics Styles.

[…] Meta is quadrupling down on AI. The new Meta Glasses will all launch with Muse Spark, the first model out of Meta’s Superintelligence Labs. (It’ll also be arriving on older Ray-Ban and Oakley glasses in the US and Canada via a software update.) Supposedly, that means more helpful glasses. At my hands-on, I was told that Meta AI would now be less stiff. I’d be able to talk to it more naturally and get smarter responses. The AI now supports 14 more languages, including Arabic, Japanese, Mandarin, Hindi, and Korean. Pedestrian turn-by-turn navigation is also coming to Meta’s displayless glasses. Later this month, there’ll be a new “dynamic photo” feature that automatically takes multiple frames and then recommends the best one.

The software and cloud computing firm says it had around 141,000 full-time employees as of May 31, 2026, down from about 162,000 workers at the same time last year. The “deployment of AI technologies across our operations have resulted, and may continue to result, in reductions to our workforce,” the report says. The cuts, which amount to about 13% of Oracle’s workforce, are part of a wider trend among tech firms as they spend hundreds of billions of dollars on building AI infrastructure like data centers.

Britain is considering forcing social media companies to prioritize what the government called trusted news sources as part of its broader push to tighten regulation of the sector. The culture department said on Monday it was considering requiring platforms such as Meta’s Facebook, Alphabet-owned YouTube and TikTok to make content from public service media — including the BBC, ITV and Channel 4 — and other trusted news providers easier to find in users’ feeds and searches.

Boosting the visibility of regulated news providers could help tackle misinformation, particularly during crises, the government said. However, any move to influence how platforms rank content is likely to face scrutiny from the social media firms, which say such rules could override user choice and disadvantage other creators. The proposals form part of a broader overhaul of Britain’s public service media system to help broadcasters compete with streaming platforms and shifting viewing habits. Ministers are also considering widening public service media status to include online-only providers, extending free-to-air protections for major sporting events to on-demand viewing, and consulting on a shift to internet-based TV from 2034 or 2044.

The strategy calls for construction to start on two new large-scale reactors by 2035, for five more to be planned or under development by 2040 and for at least one reactor to be under construction outside Ontario by 2035. It also calls for a Canadian-made microreactor to be finalized by 2035 and deployed to a remote community by the late 2030s. […] Right now, Canada has four nuclear power plants — three in Ontario and one in New Brunswick — which generate about 15 per cent of Canada’s electricity.

A new proposed facility at the existing nuclear plant in Darlington, Ont., would see the first small modular reactor in the G7, capable of producing up to 300 megawatts per unit. Saskatchewan is also looking at the potential to bring small nuclear reactors online by the mid 2030s. The energy deal between Ottawa and Alberta also committed to collaborating on developing a strategy to build a nuclear power plant. Officials from Natural Resources Canada told reporters in a background briefing that construction of the reactors outlined in the new national strategy could cost more than $100 billion. The strategy does not say how Canada would pay for them, though an official pointed to the Canadian Infrastructure Bank and the Canada Growth Fund as possible funding sources. Hodgson said the strategy would double the 90,000 jobs in Canada’s nuclear sector “over the coming decades.”

The plan also looks to expand sales of Candu reactors to new export markets. It says the government wants to break into at least four new international markets by 2040 and “engage six to 10 new nuclear entrant markets over a 15-year horizon, cementing Canada as their partner of choice.” Thirty Candu reactors currently operate around the world, including in South Korea, China, India, Argentina, Pakistan and Romania, and there are plans to build two more. […] “Reactor exports are not transactional. They establish multi-decade partnerships, creating durable geopolitical and commercial relationships that advance Canada’s broader foreign policy interests,” the strategy says. “As Canada works to diversify its trading relationships and strengthen ties with middle powers, Candu can be a central instrument of that strategy.”

NASA’s next great observatory, the Nancy Grace Roman Space Telescope, arrived at the Kennedy Space Center aboard the agency’s massive Pegasus barge late Sunday morning. The spacecraft was nestled inside its protective case, which NASA nicknamed the “Chariot” in keeping with the “Roman” theme. That said, telescope is named not for the ancient empire, but instead for NASA’s first Chief of Astronomy, Nancy Grace Roman. “She was a key person in our exploration of space. She understood that in order to better understand the universe, you have to go in space,” said Lucas Paganini, the program executive for Roman. “That’s why she’s called the ‘Mother of Hubble’ because she made Hubble possible.”

[…] Roman is designed to operate near a fixed point in space called Lagrange Point 2, about 1.5 million km away from the Earth on the side opposite the Sun. It’s designed to operate there for a minimum of five years, but Paganini said with the propellant onboard, it will likely last for 10 years or more. The telescope is+ equipped with a 300 megapixel camera called the Wide Field Instrument, which features 18 detectors. It was developed by BAE Systems (formerly Ball Aerospace). “It’s going to allow us to observe at least 100 times wider field of view than what we can do with Hubble. Same resolution, but a wider area, 1000 times faster,” Paganini said. “So what takes Roman a year to observe, it would take Hubble thousands of years. So it’s definitely much more efficient.”

The observatory also features a chronograph instrument, developed by the Jet Propulsion Laboratory, which will allow Roman to observe the faint light of exoplanets near their stars. Paganini said Roman will also help scientists better understand dark matter and dark energy, the combination of which he calls the “dark universe.” “100 years ago, we discovered that the universe was expanding. 25 years ago, we discovered that it was expanding at an accelerated pace and that’s what led to a Nobel Prize,” Paganini said. “What we don’t quite know yet is if that acceleration is changing in ways. We don’t know if it’s actually dark energy, what is producing it, or is it simply that we don’t understand gravity at all. “So eventually, we’ll see if the laws of physics that we use these days are the right ones for what we are observing. But at the end is, we’re trying to understand a very human question, which is where do we come from and where are wea heading in this universe that is our neighborhood?”

Dozens of new robot arms have been installed at General Motors’ flagship electric vehicle factory in Detroit — even as 1,300 workers remain out of work following what was supposed to be a temporary layoff. The latest automation push has spurred union pushback over a potentially existential issue for automakers and their workers. General Motors installed approximately 50 robot arms at GM’s Factory Zero plant in Detroit, Michigan, according to reporting by Crain’s Detroit Business. Made by the Japanese robotics company FANUC, the robots are designed to help attach various components to vehicles during the assembly line process. But leaders at United Auto Workers (UAW), the primary US union for autoworkers, reacted with anger to the new robotic presence, given how GM has not yet called back any of the workers affected by supposedly temporary layoffs in March.

More than 1,000 union members are still “laid off indefinitely,” James Cotton, president of UAW Local 22, told The Detroit News. He said that the company could bring some of those members back to work instead of installing the 50 robots. The temporary layoffs were preceded by permanent layoffs involving another 1,200 workers at GM’s Factory Zero in October 2025. Many automakers, including Stellantis NV and Ford Motor Company, have deployed assembly-line robots, such as Fanuc robot arms, as they push to automate more of their US operations. Hyundai Motor Company plans to deploy Atlas humanoid robots made by Boston Dynamics — which Hyundai acquired in 2020 — to start working in the automaker’s flagship EV facility in Georgia by 2028.

In some instances, having a user copy and paste the salient bits of the email they are responding to might not be such a bad thing. We’ve all had emails that required epic amounts of scrolling to find what started the conversation, so forcing users to think about what they actually need to include is no bad thing. However, disrupting user workflows without warning — well, that is undoubtedly a bad thing.

This is, after all, one of the most basic things an email client needs to do, so shipping a product with a bug that breaks this functionality says more about Microsoft’s approach to quality than anything else.

Following the revelation, social media was deluged by comments from AMD consumers decrying the move. They noted that AMD’s quiet removal of TSME after supporting it for so long seemed underhanded. The move came solely as a result of firmware changes made in a recent update. With no physical changes required to silicon, continued support was largely, if not purely, a matter of will rather than a necessity required by changes to hardware. The critics called on AMD to reverse the move.

Over the weekend, AMD said it planned to do just that in a firmware update scheduled for release next month. More often than not, the chipmaker refers to TSME as Memory Guard. “Regarding certain non-PRO Ryzen 9000-series desktop processors, a BIOS option to enable Memory Guard was previously available but was removed in a recent update,” AMD said in an email. “Based on valuable community feedback, we will reinstate this option in an upcoming BIOS release in July.”

The company has yet to explain why it removed the protection. Critics speculate that AMD dropped it in an attempt to steer customers toward more costly CPUs. It’s possible, though, that there were less nefarious reasons, such as the difficulty of continued support as chip designs changed. Another possibility is that AMD made the move for performance reasons. Encrypting and decrypting data in memory creates latency. Slowdowns are the enemy of gamers, one of the more popular customer segments using the 9000-line of Ryzen processors. Since many gamers already voluntarily disabled TSME and had little need for it in the first place, AMD may not have considered the change of much consequence.

Valve says that “starting with the SteamOS 3.8 release, you can put together your own Steam Machine using whatever PC parts you want.” SteamOS 3.8.10 launched last week with a slew of updates, including “improved compatibility with recent Intel and AMD platforms.” Alongside that improved compatibility, Valve is giving gamers the green light to install SteamOS on their own desktops. In an interview with The Verge, Valve’s Pierre-Loup Griffais said Valve has been “rolling out improvements to [SteamOS] so it’s more compatible with desktop hardware,” including eventual support for Nvidia graphics. Griffais says Valve has “a growing team” working on Nvidia driver support for SteamOS, adding, “We’re collaborating with Nvidia very closely.” While he mentioned that Nvidia support might not come this year, Griffais emphasized that “it’s certainly something that we’re working on in the background.”

It’s technically been possible to run SteamOS on your own hardware for a while now, but compatibility has been mostly limited to AMD systems. So far installing it has also required using a Steam Deck recovery image, a process that, speaking from experience, is much less straightforward than the installation process for most other Linux distributions. Trying to run SteamOS on Intel or Nvidia hardware has not been easy so far. According to Griffais, Valve is working to change that, which could mean that down the line, you’ll be able to run SteamOS on just about any gaming PC hardware you want, including Nvidia.

For the more immediate future, Griffais says SteamOS in its current state should offer a “good experience” on console-like PC setups: “If you have something that is similar to the use case of a Steam Machine, where you have a PC that’s gonna be plugged into a TV, and has a single hard drive that you’re not going to try and dual boot [] you can put SteamOS on there, and you’ll have an experience that is very similar to a Steam Deck docked or a Steam Machine, with some caveats, of course,” like a lack of HDMI-CEC support. But “the core bits of the experience are there. The SteamOS graphics driver, the shader precompilation […] you can get at all of that with the SteamOS.”