Why TypeScript 7.0 Was Rewritten in Go (and what it means for your dev stack) | spf13
Go was designed for systems at scale, not AI. But in 2026, it's the optimal language for agentic development. Here's why, and what it means for your team.
IonStack part II: GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years
GhostLock (CVE-2026-43499) is a Linux kernel vulnerability found by VEGA that exists in every major distribution since 2011. Triggering the bug does not require any special kernel config or privilege. By turning it into a 97% stable privilege escalation and container escape, Google has rewarded us $92,337 in kernelCTF. This writeup covers the technical details of the exploit.
SK Hynix CEO sees worst memory shortage in 2027, demand to outstrip supply beyond 2030
SK Hynix Chief Executive Kwak Noh-jung said the global memory industry is heading for its worst-ever supply shortage in 2027, forecasting that demand for memory will continue to exceed the company's ability to produce it well into the next decade despite aggressive capacity expansion.
ClickHouse is now available as a Docker Hardened Image: a minimal, security-hardened build that passes enterprise vulnerability scans by shipping only what the database needs to run, with no change to how ClickHouse behaves.
JustVugg/colibri: Run GLM-5.2 (744B MoE) on a 25GB-RAM consumer machine — pure C, zero deps, experts streamed from disk. Tiny engine, immense model. 🐦
Run GLM-5.2 (744B MoE) on a 25GB-RAM consumer machine — pure C, zero deps, experts streamed from disk. Tiny engine, immense model. 🐦 - JustVugg/colibri
Ways to think about token pricing — Benedict Evans
AI is in a supply crunch today, but what happens when we come out of it? How and where will supply, demand, price, capacity and capex get back into equilibrium? Today, model labs can name their price, but why won’t they end up as low-margin commodity infrastructure?
John Deere owners will get the right to repair their own equipment under a new FTC settlement
John Deere owners should soon feel free to fix their own machines. The Federal Trade Commission and several state attorneys general have secured a “right to repair” settlement with farming equipment company Deere & Co., known as John Deere.
Have you heard? Clickhouse is winning the observability wars!
Years ago I predicted that columnar storage would remake observability. What I didn't see coming: vendors would build it, nerf it, and sell a worse version back to you as "Datadog, but cheaper"
Samsung chip division's single-year profits beat its past 40 years of profits, combined, due to increased memory and storage prices — Samsung passes Nvidia to become most profitable company in the world, notches 19x quarterly increase in profit
DS president Kim Yong-Kwan told staff the unit's 2026 operating profit will top everything it has earned since Samsung entered the memory business.
Proton 11.0-1 Released To Advance Valve's Steam Play For The Best Linux Experience Yet
Proton 11.0-1 was just released as stable as the newest major version of this downstream of Wine that powers Valve's Steam Play to provide for a great Windows gaming experience across conventional Linux systems plus the popular Steam Deck and brand new Steam Machine.
Rotating Postgres Credentials Without Dropping a Single Connection in Node.JS
Credential rotation is a compliance requirement (PCI DSS, SOC 2, HIPAA) that most teams treat as a downtime event. Here is how to rotate postgres passwords in a Node.js application without restarting a single process or dropping a single connection.
GitLost: How We Tricked GitHub’s AI Agent into Leaking Private Repos - Noma Security
TL;DR: Noma Labs discovered a critical prompt injection vulnerability within GitHub’s new Agentic Workflows, allowing an unauthenticated attacker to silently pull data from private repositories by posting a crafted GitHub Issue in a public repository belonging to the same organization as the private repositories. Noma Labs named the vulnerability GitLost. Introduction GitHub recently launched […]
kiac: Kubernetes on Apple Containers with VM-Isolated Nodes | Kubesimplify
kiac runs local Kubernetes on macOS where every node is its own lightweight VM via apple/container: kubeadm or k3s flavors, Cilium on a custom kernel, built-in LoadBalancer, Grafana, Gateway API, and clusters that survive reboots.
GitHub is restricting its stargazers API to a repository's admins and collaborators, which breaks star history for repos you don't own. Here's what happened and what we're doing.