MI5 has warned U.K. lawmakers that Chinese intelligence operatives are using LinkedIn and recruitment fronts to target them for information gathering and long-term cultivation. PBS reports: Writing to lawmakers, House of Commons Speaker Lindsay Hoyle said a new MI5 "espionage alert" warned that Chinese nationals were "using LinkedIn profiles to conduct outreach at scale" on behalf of the Chinese Ministry of State Security. "Their aim is to collect information and lay the groundwork for long-term relationships, using professional networking sites, recruitment agents and consultants acting on their behalf," he said. MI5 issued the alert because the activity was "targeted and widespread," he added.

The MI5 alert cited LinkedIn profiles of two women, Amanda Qiu and Shirly Shen, and said other similar recruiters' profiles were acting as fronts for espionage. Home Office Minister Dan Jarvis said that apart from parliamentary staff, others including economists, think tank consultants and government officials have been similarly targeted. Jarvis said the government is rolling out a series of measures to tackle the risk, including investing 170 million pounds ($224 million) to renew encrypted technology used by civil servants to safeguard sensitive work. Opposition parties say authorities are not doing enough and are too wary of jeopardizing trade ties with China.

More than a half dozen federal departments and agencies have backed a proposal to ban future sales of the most popular home routers in the United States on the grounds that the vendor's ties to mainland China make them a national security risk, Washington Post reported Thursday, citing people briefed on the matter. From the report: The proposal, which arose from a months-long risk assessment, calls for blocking sales of networking devices from TP-Link Systems of Irvine, California, which was spun off from a China-based company, TP-Link Technologies, but owns some of that company's former assets in China.

The ban was proposed by the Commerce Department and supported this summer by an interagency process that includes the Departments of Homeland Security, Justice and Defense, the people said. "TP-Link vigorously disputes any allegation that its products present national security risks to the United States," Ricca Silverio, a spokeswoman for TP-Link Systems, said in a statement. "TP-Link is a U.S. company committed to supplying high-quality and secure products to the U.S. market and beyond."

If imposed, the ban would be among the largest in consumer history and a possible sign that the East-West divide over tech independence is still deepening amid reports of accelerated Chinese government-supported hacking. Only the legislated ban of Chinese-owned TikTok, which President Donald Trump has averted with executive orders and a pending sale, would impact more U.S. consumers.

Nvidia is taking a $1 billion stake in Nokia, sending the Finnish telecom giant's shares up 22%. The two companies also struck a partnership to co-develop next-generation 6G and AI-driven networking technology. CNBC reports: The two companies also struck a strategic partnership to work together to develop next-generation 6G cellular technology. Nokia said that it would adapt its 5G and 6G software to run on Nvidia's chips, and will collaborate on networking technology for AI. Nokia said Nvidia would consider incorporating its technology into its future AI infrastructure plans. Nokia, a Finnish company, is best known for its early cellphones, but in recent years, it has primarily been a supplier of 5G cellular equipment to telecom providers.

Critics question why basic flaws like buffer overflows, command injections, and SQL injections are "being exploited remain prevalent in mission-critical codebases maintained by companies whose core business is cybersecurity," writes CSO Online. Benjamin Harris, CEO of cybersecurity/penetration testing firm watchTowr tells them that "these are vulnerability classes from the 1990s, and security controls to prevent or identify them have existed for a long time. There is really no excuse." Enterprises have long relied on firewalls, routers, VPN servers, and email gateways to protect their networks from attacks. Increasingly, however, these network edge devices are becoming security liabilities themselves... Google's Threat Intelligence Group tracked 75 exploited zero-day vulnerabilities in 2024. Nearly one in three targeted network and security appliances, a strikingly high rate given the range of IT systems attackers could choose to exploit. That trend has continued this year, with similar numbers in the first 10 months of 2025, targeting vendors such as Citrix NetScaler, Ivanti, Fortinet, Palo Alto Networks, Cisco, SonicWall, and Juniper. Network edge devices are attractive targets because they are remotely accessible, fall outside endpoint protection monitoring, contain privileged credentials for lateral movement, and are not integrated into centralized logging solutions...

[R]esearchers have reported vulnerabilities in these systems for over a decade with little attacker interest beyond isolated incidents. That shifted over the past few years with a rapid surge in attacks, making compromised network edge devices one of the top initial access vectors into enterprise networks for state-affiliated cyberespionage groups and ransomware gangs. The COVID-19 pandemic contributed to this shift, as organizations rapidly expanded remote access capabilities by deploying more VPN gateways, firewalls, and secure web and email gateways to accommodate work-from-home mandates. The declining success rate of phishing is another factor... "It is now easier to find a 1990s-tier vulnerability in a border device where Endpoint Detection and Response typically isn't deployed, exploit that, and then pivot from there" [says watchTowr CEL Harris]...

Harris of watchTowr doesn't want to minimize the engineering effort it takes to build a secure system. But he feels many of the vulnerabilities discovered in the past two years should have been caught with automatic code analysis tools or code reviews, given how basic they have been. Some VPN flaws were "trivial to the point of embarrassing for the vendor," he says, while even the complex ones should have been caught by any organization seriously investing in product security... Another problem? These appliances have a lot of legacy code, some that is 10 years or older.
Attackers may need to chain together multiple hard-to-find vulnerabilities across multiple components, the article acknowleges. And "It's also possible that attack campaigns against network-edge devices are becoming more visible to security teams because they are looking into what's happening on these appliances more than they did in the past... "

The article ends with reactions from several vendors of network edge security devices.

Thanks to Slashdot reader snydeq for sharing the article.

An anonymous reader quotes a report from Ars Technica: Donald Trump is eyeing taking equity stakes in quantum computing firms in exchange for federal funding, The Wall Street Journal reported. At least five companies are weighing whether allowing the government to become a shareholder would be worth it to snag funding that the Trump administration has "earmarked for promising technology companies," sources familiar with the potential deals told the WSJ.

IonQ, Rigetti Computing, and D-Wave Quantum are currently in talks with the government over potential funding agreements, with minimum awards of $10 million each, some sources said. Quantum Computing Inc. and Atom Computing are reportedly "considering similar arrangements," as are other companies in the sector, which is viewed as critical for scientific advancements and next-generation technologies. No deals have been completed yet, sources said, and terms could change as quantum-computing firms weigh the potential risks of government influence over their operations. [...]

The administration will lean on Deputy Commerce Secretary Paul Dabbar to extend Trump's industry meddling into the quantum computing world, the WSJ reported. A former Energy Department official, Dabbar co-founded Bohr Quantum Technology, which specializes in quantum networking systems that the DOE expects will help "create new opportunities for scientific discovery." While the firm he previously headed won't be eligible for funding, Dabbar will be leading industry discussions, the WSJ reported, likely hyping Trump's deals as a necessary boon to ensure US firms dominate in quantum computing. A Commerce Department official denied the claims, saying: "The Commerce Department is not currently negotiating equity stakes with quantum computing companies."

In August, the Trump administration took a 10% stake in Intel to help fund factories that Intel is currently building in Ohio.

An anonymous reader quotes a report from Ars Technica: On Monday afternoon, Amazon confirmed that an outage affecting Amazon Web Services' cloud hosting, which had impacted millions across the Internet, had been resolved. Considered the worst outage since last year's CrowdStrike chaos, Amazon's outage caused "global turmoil," Reuters reported. AWS is the world's largest cloud provider and, therefore, the "backbone of much of the Internet," ZDNet noted. Ultimately, more than 28 AWS services were disrupted, causing perhaps billions in damages, one analyst estimated for CNN.

[...] Amazon's problems originated at a US site that is its "oldest and largest for web services" and often "the default region for many AWS services," Reuters noted. The same site has experienced two outages before in 2020 and 2021, but while the tech giant had confirmed that those prior issues had been "fully mitigated," apparently the fixes did not ensure stability into 2025. ZDNet noted that Amazon's first sign of the outage was "increased error rates and latency across numerous key services" tied to its cloud database technology. Although "engineers later identified a Domain Name System (DNS) resolution problem" as the root of these issues and quickly fixed it, "other AWS services began to fail in its wake, leaving the platform still impaired" as more than two dozen AWS services shut down. At the peak of the outage on Monday, Down Detector tracked more than 8 million reports globally from users panicked by the outage, ZDNet reported. Ken Birman, a computer science professor at Cornell University, told Reuters that "software developers need to build better fault tolerance."

"When people cut costs and cut corners to try to get an application up, and then forget that they skipped that last step and didn't really protect against an outage, those companies are the ones who really ought to be scrutinized later."

An anonymous reader quotes a report from BleepingComputer: U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code. The company states that it first became aware of the breach on August 9, 2025, with its investigations revealing that the attackers had gained long-term access to its system, including the company's BIG-IP product development environment and engineering knowledge management platform.

F5 is a Fortune 500 tech giant specializing in cybersecurity, cloud management, and application delivery networking (ADN) applications. The company has 23,000 customers in 170 countries, and 48 of the Fortune 50 entities use its products. BIG-IP is the firm's flagship product used for application delivery and traffic management by many large enterprises worldwide. [...]

F5 is still reviewing which customers had their configuration or implementation details stolen and will contact them with guidance. To help customers secure their F5 environments against risks stemming from the breach, the company released updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients. Despite any evidence "of undisclosed critical or remote code execution vulnerabilities," the company urges customers to prioritize installing the new BIG-IP software updates.

OpenAI and Broadcom are working together to develop and deploy 10 gigawatts of custom AI chips and computing systems over the next four years, a high-profile partnership aimed at satisfying some of the startup's immense computing needs. From a report: OpenAI plans to design its own graphics processing units, or GPUs, which will allow it to integrate what it has learned from developing powerful artificial-intelligence models into the hardware that underpins future systems. As part of the agreement announced Monday, the chips will be co-developed by OpenAI and Broadcom and deployed by the chip company starting in the second half of next year. The new agreement will be worth multiple billions of dollars, people familiar with the matter said.

Broadcom specializes in designing custom AI chips that are specifically tailored to certain artificial-intelligence applications. It began working with OpenAI on creating a custom chip 18 months ago, and the companies broadened their partnership to include work on related components, including server racks and networking equipment.

BrianFagioli shares a report from NERDS.xyz: NASA has awarded Solstar Space a $150,000 SBIR Phase I contract to develop a Lunar Wi-Fi Access Point (LWIFI-AP). The system is designed to provide wireless connectivity for astronauts, rovers, and orbiting spacecraft as part of the Artemis and Commercial Lunar Payload Services programs. Solstar's goal is to build a space-rated, multi-band, multi-protocol access point that can survive radiation, extreme lunar temperatures, and other harsh conditions. NASA has identified Wi-Fi and 3GPP standards as core communication needs across mission systems ranging from the Human Landing System and Lunar Terrain Vehicle to the Lunar Gateway.

Although this is only an early-stage contract, Solstar's proposal addresses a clear gap in space-qualified networking hardware. The company says that just as Wi-Fi transformed daily life on Earth, it will be equally important for living and working on the Moon. If the project advances, astronauts could soon be relying on familiar wireless technology that has been adapted for one of the most challenging environments in existence.

Neon Mobile, now the No. 2 social networking app in Apple's U.S. App Store, pays users up to $30 per day to record their phone calls and sell the data to AI companies. The app claims to only capture one side of a call unless both parties use Neon, but its terms grant sweeping rights over recordings. TechCrunch reports: The app, Neon Mobile, pitches itself as a money-making tool offering "hundreds or even thousands of dollars per year" for access to your audio conversations. Neon's website says the company pays 30 cents per minute when you call other Neon users and up to $30 per day maximum for making calls to anyone else. The app also pays for referrals.

According to Neon's terms of service, the company's mobile app can capture users' inbound and outbound phone calls. However, Neon's marketing claims to only record your side of the call unless it's with another Neon user. That data is being sold to "AI companies," the company's terms of service state, "for the purpose of developing, training, testing, and improving machine learning models, artificial intelligence tools and systems, and related technologies."

Despite what Neon's privacy policy says, its terms include a very broad license to its user data, where Neon grants itself a: "...worldwide, exclusive, irrevocable, transferable, royalty-free, fully paid right and license (with the right to sublicense through multiple tiers) to sell, use, host, store, transfer, publicly display, publicly perform (including by means of a digital audio transmission), communicate to the public, reproduce, modify for the purpose of formatting for display, create derivative works as authorized in these Terms, and distribute your Recordings, in whole or in part, in any media formats and through any media channels, in each instance whether now known or hereafter developed." That leaves plenty of wiggle room for Neon to do more with users' data than it claims. The terms also include an extensive section on beta features, which have no warranty and may have all sorts of issues and bugs. Peter Jackson, cybersecurity and privacy attorney at Greenberg Glusker, told TechCrunch: "Once your voice is over there, it can be used for fraud. Now, this company has your phone number and essentially enough information -- they have recordings of your voice, which could be used to create an impersonation of you and do all sorts of fraud."

LinkedIn has said it will start using some member profiles, posts, resumes and public activity to train its AI models from November 3, 2025. From a report: Users are rightly frustrated with the change, with the biggest concern isn't the business networking platform will do so, but that it's set to be enabled by default, with users instead having to actively opt out. Users can choose to opt out via the 'data for generative AI improvement' setting, however it will only apply to data collected after they opt out, with data up until that point still retained within the training environment.

Announced this week at RustConf 2025 in Seattle, the new Rust Innovation Lab will offer open source projects "the opportunity to receive fiscal sponsorship from the Rust Foundation, including governance, legal, networking, marketing, and administrative support."

And their first project will be the TLS library Rustls (for cryptographic security), which they say "demonstrates Rust's ability to deliver both security and performance in one of the most sensitive areas of modern software infrastructure." Choosing Rustls "underscores the lab's focus on infrastructure-critical tools, where reliability is paramount," argues explains WebProNews. But "Looking ahead, the foundation plans to expand the lab's portfolio, inviting applications from promising Rust initiatives. This could catalyze innovations in areas like embedded systems and blockchain, where Rust's efficiency shines."

Their article notes that the Rust Foundation "sees the lab as a way to accelerate innovation while mitigating the operational burdens that often hinder open-source development." [T]he Foundation aims to provide a stable, neutral environment for select Rust endeavors, complete with governance oversight, legal and administrative backing, and fiscal sponsorship... At its core, the Rust Innovation Lab addresses a growing need within the developer community for structured support amid Rust's rising adoption in sectors like systems programming and web infrastructure. By offering a "home" for projects that might otherwise struggle with sustainability, the lab ensures continuity and scalability. This comes at a time when Rust's memory safety features are drawing attention from major tech firms, including those in cloud computing and cybersecurity, as a counter to vulnerabilities plaguing languages like C++...

Industry observers note that such fiscal sponsorship could prove transformative, enabling projects to secure funding from diverse sources while maintaining independence. The Rust Foundation's involvement ensures compliance with best practices, potentially attracting more corporate backers wary of fragmented open-source efforts... By providing a neutral venue, the foundation aims to prevent the pitfalls seen in other ecosystems, such as project abandonment due to maintainer burnout or legal entanglements... For industry insiders, the Rust Innovation Lab represents a strategic evolution, potentially accelerating Rust's integration into mission-critical systems.

An anonymous reader quotes a report from Phys.org: In a first-of-its-kind experiment, engineers at the University of Pennsylvania brought quantum networking out of the lab and onto commercial fiber-optic cables using the same Internet Protocol (IP) that powers today's web. Reported in Science, the work shows that fragile quantum signals can run on the same infrastructure that carries everyday online traffic. The team tested their approach on Verizon's campus fiber-optic network. The Penn team's tiny "Q-chip" coordinates quantum and classical data and, crucially, speaks the same language as the modern web. That approach could pave the way for a future "quantum internet," which scientists believe may one day be as transformative as the dawn of the online era.

Quantum signals rely on pairs of "entangled" particles, so closely linked that changing one instantly affects the other. Harnessing that property could allow quantum computers to link up and pool their processing power, enabling advances like faster, more energy-efficient AI or designing new drugs and materials beyond the reach of today's supercomputers. Penn's work shows, for the first time on live commercial fiber, that a chip can not only send quantum signals but also automatically correct for noise, bundle quantum and classical data into standard internet-style packets, and route them using the same addressing system and management tools that connect everyday devices online. "By showing an integrated chip can manage quantum signals on a live commercial network like Verizon's, and do so using the same protocols that run the classical internet, we've taken a key step toward larger-scale experiments and a practical quantum internet," says Liang Feng, Professor in Materials Science and Engineering (MSE) and in Electrical and Systems Engineering (ESE), and the Science paper's senior author.

"This feels like the early days of the classical internet in the 1990s, when universities first connected their networks," added Robert Broberg, a doctoral student in ESE and co-author of the paper. "That opened the door to transformations no one could have predicted. A quantum internet has the same potential."

The Hill reports: Russian state-sponsored hackers have targeted thousands of networking devices associated with U.S. critical infrastructure sectors over the past year, the FBI warned Wednesday. The cyber actors are associated with the Russian Federal Security Service's (FSB) Center 16 and have taken aim at a vulnerability in certain Cisco devices, according to an agency public service announcement.

In some cases, hackers have been able to modify configuration files to enable unauthorized access, which they have used to conduct reconnaissance on networks. This has "revealed their interest in protocols and applications commonly associated with industrial control systems," the FBI said.

Cisco's threat intelligence research arm, Talos, explained in a separate advisory that a subcluster of this group, which it has named "Static Tundra," is targeting a seven-year-old vulnerability in the company's Smart Install feature. The firm has offered a patch for the vulnerability, but it remains a problem in unpatched and end-of-life network devices, it warned.
"Once they establish initial access to a network device, Static Tundra will pivot further into the target environment, compromising additional network devices and establishing channels for long-term persistence and information gathering," warns the Talos blog. "This is demonstrated by the group's ability to maintain access in target environments for multiple years without being detected."

In a statement emailed to The Register, a Cisco spokesperson "said the company is aware of ongoing exploitation targeting this flaw." "We strongly urge customers to immediately upgrade to fixed software versions as outlined in the security advisory and follow our published security best practices," the spokesperson said, directing customers to the FBI's announcement and Cisco Talos blog for additional details.

The ongoing campaign targets telecommunications, higher education, and manufacturing organizations across North America, Asia, Africa, and Europe, "with victims selected based on their strategic interest to the Russian government," according to Talos researchers Sara McBroom and Brandon White. "We assess that the purpose of this campaign is to compromise and extract device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government," McBroom and White wrote.

And while both security alerts focus on the FSB's latest round of network intrusions, "many other state-sponsored actors also covet the access these devices afford," the Talos team warned. "Organizations should be aware that other advanced persistent threats (APTs) are likely prioritizing carrying out similar operations as well."
Some context from Hot Hardware: Cisco indicated in its advisory that "Only Smart Install client switches are affected by the vulnerability". The list of affected devices is in Table A-1 here. For a successful attack, hackers exploit a vulnerability tracked as CVE-2018-0171. This was a vulnerability that was patched way back in 2018.

Threads now has more than 400 million monthly active users. But who are these people who are actually using Threads, asks Mashable? And what is their cultural footprint? Threads is the Big Bang Theory of social media. Bland, boring, largely unoffensive, and somehow, it was the most popular show on television for years... At any given time, "Twitter" and "X" are searched somewhere between 12 and 30 times more than "Threads" on Google, according to the search engine's Trends data. Threads is a popular platform without much of an identity...

[Threads] is consistently good at one thing users really want from a social media platform: for their posts to be seen and engaged with. Threads might be boring in comparison to its competitors, but its users say it might be the only place on the internet right now where they don't feel they are screaming into the void.... Much like TikTok, you don't actually have to have thousands of followers to find decent engagement on the app. One user, commenting in a Reddit forum questioning who actually uses the app, said they "find it worthwhile" because "you can just say stuff on there under a tag and people will find it and respond...." According to consumer research company GWI, while users signed up for Threads because of its integration with Instagram, they're staying because Threads users are "community-focused," noting there's a strong overlap between Discord users and Threads users....

It just doesn't have the same flair as X or Twitter, which could be because Adam Mosseri, the head of Instagram, went out of his way to ensure politics was downplayed when Threads first launched. (Meta has since backtracked slightly by phasing "civic content" back into Threads "with a more personalized approach....") Threads is still in its adolescence. It lacks the media ecosystem that made Twitter indispensable for journalists, politicians, and celebrities. But it has something else: sheer scale and Meta's backing. With Instagram's 2 billion users as a feeder system, Meta can keep funneling people toward Threads whether they like it or not.
The article also points out Threads is integrated with the fediverse, supporting ActivityPub's decentralized protocol...

A 22-year-old Oregon man has been charged with operating one of the most powerful botnets ever recorded. The network, known as Rapper Bot, launched over 370,000 DDoS attacks worldwide, including against X, DeepSeek, U.S. tech firms, and even Defense Department systems. It was allegedly operated by Ethan Foltz of Eugene, Oregon. The Wall Street Journal reports: Foltz faces a maximum of 10 years in prison on a charge of abetting computer intrusions, the Justice Department said in a news release. Rapper Bot was made up of tens of thousands of hacked devices and was capable of flooding victims' websites with enough junk internet traffic to knock them offline, an attack known as a distributed denial of service, or DDoS.

In February, the networking company Nokia measured a Rapper Bot attack against a gaming platform at 6.5 trillion bits per second, well above the several hundred million bits a second of the average high-speed internet connection. "This would place Rapper Bot among the most powerful DDoS botnets to have ever existed," said a criminal complaint that the prosecutors filed Tuesday in a federal court in Alaska. Investigators said Rapper Bot's attacks were so powerful that they were able to overwhelm all but the most robust networks.

Foltz allegedly rented out Rapper Bot to paying customers, including gambling website operators who would use the network in extortion attempts, according to the complaint. The botnet was used to launch more than 370,000 attacks in 80 countries, including China, Japan and the U.S., prosecutors said. It launched its attacks from hacked routers, digital video recorders and cameras, not from computers. [...] "At its height, it mobilized tens of thousands of devices, many with no prior role in DDoS," said Jerome Meyer, a researcher with Nokia's Deepfield network-analysis division. "Taking it down removes a major source of the largest attacks we see."

Prospect magazine, in a recent piece: "LinkedIn doesn't know me anymore," someone complained to me recently. "What do you mean?" I asked. She explained that the platform has replaced the old "recommended jobs" section, which used to show her quite useful job openings based on her previous searches and CV, with an AI search engine that asks you to describe your ideal job in freeform text. The results it brings up aren't nearly as relevant.

This is just one of many ways in which the professionals' social media platform, which has embraced artificial intelligence with ferocious zeal, is being gradually "enshittified," to borrow tech writer Cory Doctorow's phrase. Each new embrace of AI tools promises to make hiring, job searching, networking and even posting a bit easier or more fruitful. Instead, AI seems to have made the user's experience more alienating, and to have helped foster a genre of LinkedIn-speak which bears all the hallmarks of the worst AI writing on the internet.

Let's start with my opening example -- which, to be fair, is in beta testing mode and can be switched off. Instead of the AI assistant being like an intuitive digital servant, pulling up the best jobs based on your ruminations, users are confronted with a new and annoying task: crafting prompts for the AI. But the non-AI search bar worked perfectly well as it was.

Then there is the AI writing assistant, which is available to users who pay for the platform's $40 per month premium service to help them craft their posts. LinkedIn's CEO Ryan Roslansky recently admitted that users aren't using the tool as much as he anticipated. It seems that sounding like a human being to your colleagues and clients is put at, well, a premium.

And then there are the ways in which users are deploying outputs from external AI chatbots on the platform, something with which LinkedIn is struggling to cope. According to the New York Times, the number of job applications submitted via the platform increased by 45 per cent in the year to June, now clocking in at an average of 11,000 per minute.

An anonymous reader shares a report: Manufacturer to the stars Foxconn is building so many AI servers that they're now bringing in more cash than consumer electronics -- even counting the colossal quantity of iPhones it creates for Apple.

The Taiwanese company revealed the shift in its Thursday announcement of Q2 results, which saw revenue grow 16% to NT$1.79 trillion ($59.73 billion) and operating profit rise 27% to NT$56.6 billion ($1.9 billion). CEO Kathy Yang told investors the company's Cloud and Networking Products division delivered 41% of total revenue, up nine percent compared to Q2 2024, and surpassing the company's Smart Consumer Electronics unit for the first time. The latter business includes Foxconn's work for Apple.

Australia's spy chief has warned that defense workers are exposing themselves to foreign intelligence services through LinkedIn profiles that detail classified projects and security clearances. Director-General Mike Burgess said over 35,000 Australians on the platform indicate access to sensitive information, with 7,000 mentioning defense work and 400 listing involvement in the AUKUS nuclear submarine program. Foreign spies routinely scour professional networking sites posing as consultants and recruiters, Burgess said.

ZDNet's Steven Vaughan-Nichols shares his list of "what's new and improved" in the latest Linux 6.16 kernel. An anonymous reader shares an excerpt from the report: First, the Rust language is continuing to become more well-integrated into the kernel. At the top of my list is that the kernel now boasts Rust bindings for the driver core and PCI device subsystem. This approach will make it easier to add new Rust-based hardware drivers to Linux. Additionally, new Rust abstractions have been integrated into the Direct Rendering Manager (DRM), particularly for ioctl handling, file/GEM memory management, and driver/device infrastructure for major GPU vendors, such as AMD, Nvidia, and Intel. These changes should reduce vulnerabilities and optimize graphics performance. This will make gamers and AI/ML developers happier.

Linux 6.16 also brings general improvements to Rust crate support. Crate is Rust's packaging format. This will make it easier to build, maintain, and integrate Rust kernel modules into the kernel. For those of you who still love C, don't worry. The vast majority of kernel code remains in C, and Rust is unlikely to replace C soon. In a decade, we may be telling another story. Beyond Rust, this latest release also comes with several major file system improvements. For starters, the XFS filesystem now supports large atomic writes. This capability means that large multi-block write operations are 'atomic,' meaning all blocks are updated or none. This enhances data integrity and prevents data write errors. This move is significant for companies that use XFS for databases and large-scale storage.

Perhaps the most popular Linux file system, Ext4, is also getting many improvements. These boosts include faster commit paths, large folio support, and atomic multi-fsblock writes for bigalloc filesystems. What these improvements mean, if you're not a file-system nerd, is that we should see speedups of up to 37% for sequential I/O workloads. If your Linux laptop doubles as a music player, another nice new feature is that you can now stream your audio over USB even while the rest of your system is asleep. That capability's been available in Android for a while, but now it's part of mainline Linux.

If security is a top priority for you, the 6.16 kernel now supports Intel Trusted Execution Technology (TXT) and Intel Trusted Domain Extensions (TDX). This addition, along with Linux's improved support for AMD Secure Encrypted Virtualization and Secure Memory Encryption (SEV-SNP), enables you to encrypt your software's memory in what's known as confidential computing. This feature improves cloud security by encrypting a user's virtual machine memory, meaning someone who cracks a cloud can't access your data. Linux 6.16 also delivers several chip-related upgrades. It introduces support for Intel's Advanced Performance Extensions (APX), doubling x86 general-purpose registers from 16 to 32 and boosting performance on next-gen CPUs like Lunar Lake and Granite Rapids Xeon. Additionally, the new CONFIG_X86_NATIVE_CPU option allows users to build processor-optimized kernels for greater efficiency.

Support for Nvidia's AI-focused Blackwell GPUs has also been improved, and updates to TCP/IP with DMABUF help offload networking tasks to GPUs and accelerators. While these changes may go unnoticed by everyday users, high-performance systems will see gains and OpenVPN users may finally experience speeds that challenge WireGuard.