6. 我把《NetHack》加到了我的社区应用里,这款已有38年历史的游戏却总能让我招架不住 Put NetHack on my community app and this 38-year-old game keeps outsmarting me (lobste.rs)
8. 向 Google kernelCTF 报告一个隐藏了 19 多年的 Linux 内核零日漏洞:CVE-2026-43456 Reporting a 19 Years Hidden Linux Kernel Zero-Day for Google kernelCTF: CVE-2026-43456 (gmo-cybersecurity.com)
10. Waterfall CAD Playground——一个基于 Haskell 的可编程 CAD 环境,通过 WASM 在浏览器中运行 Waterfall CAD Playground - A Haskell powered programmable-CAD environment, in the browser with WASM (doscienceto.it)
12. 谷歌通向破坏气候的数字膨胀之路呈指数级增长 Google’s exponential path to climate-wrecking digital bloat (ketanjoshi.co)
13. 为什么在 x64 架构下,虚假共享的对齐应为 128 字节 Why false sharing alignment should be 128 bytes on x64 (monoid.github.io)
17. 将 Go 程序编译为 Nintendo Switch 的原生二进制文件 Compiling a Go program into a native binary for Nintendo Switch (ebitengine.org)
18. 基于AI验证器的Rust到Lean验证管道:经验报告 A Rust-to-Lean verification pipeline with AI provers: An experience report (arxiv.org)
19. Radicle:支持 Git 原生问题和补丁的点对点 Git 复制 Radicle: P2P Git Replication with Git Native Issues and Patches (radicle.dev)
25. ReactOS“开源Windows”项目现已能够运行《半条命2》 ReactOS "Open-Source Windows" Project Now Capable Of Running Half-Life 2 (www.phoronix.com)
29. 后台访问:Front Gate Tickets 中存在未经身份验证的 SQL 注入漏洞 Backstage access: an unauthenticated SQL injection in Front Gate Tickets (ian.sh)
35. PREEMPT_NONE 已不复存在;你的 Postgres 可能并不在意 PREEMPT_NONE Is Dead; Your Postgres Probably Doesn’t Care (thebuild.com)
38. fin:一款适用于终端的 Jellyfin 和 Subsonic 客户端 fin: a Jellyfin & Subsonic client for the terminal (tangled.org)
41. 一个 Pull Request 如何让 App::HTTPThis 升级至 1.0 版 How One Pull Request Took App::HTTPThis to Version 1.0 (perlhacks.com)
43. “Baby Paint”先生与偶然发现的一种新型细胞自动机 Mr. Baby Paint & accidentally discovering a new cellular automata (tekstien-marginaalien-keskus.aalto.fi)
45. 一场滑雪事故如何考验了我们的开发实践 How a Skiing Accident Put Our Development Practices to the test (blog.enioka.com)
46. 火龙果:一款适用于 ESP32 设备的 68k/Dragonball Palm 设备模拟器 Dragonfruit: A 68k/Dragonball Palm device emulator for ESP32 devices (github.com)
55. 利用 Temporal 和 CSS color-mix 实现基于时间的背景颜色过渡 Time-based background colour transitions with Temporal and CSS color-mix (localghost.dev)
62. 在 DEC Alpha 上运行 Windows 2000,使用新的 es40 分支 Run Windows 2000 on a DEC Alpha with a new es40 fork (raymii.org)
64. 经过3年和10万行游戏代码的开发,Zig的表现如何? How is Zig working out after 3 years and 100k lines of game code? (www.youtube.com)
69. 我希望更多人能注意到我这款Mastodon客户端中的这些小细节 small details in my mastodon client that i wanted more people to notice (w.on-t.work)
71. ps5-linux-loader:一种利用HV漏洞运行自定义引导加载程序的Linux有效载荷 ps5-linux-loader: Linux payload implementing HV exploits to run a custom bootloader (github.com)
78. 非混合型、仅基于PQ的TLS及MIKEY-IBAKE干预措施 Non-hybrid PQ-only TLS and the MIKEY-IBAKE intervention (libroot.org)
86. 关于轴平行矩形时韦格纳猜想的一个反例 A Counterexample to Wegner''s Conjecture for Axis-Parallel Rectangles (arxiv.org)
88. SecretSpec 0.13:适用于 Python、Node.js、Go、Ruby 和 Haskell 的 SDK SecretSpec 0.13: SDKs for Python, Node.js, Go, Ruby, and Haskell (secretspec.dev)
90. 波浪形墙体真的能节省砖块吗?我在Blender中进行了测试 Do Wavy Walls Really Use Fewer Bricks? I Tested It in Blender (blog.tymscar.com)
104. Lemmy 开发动态:2026年6月及 1.0.0-beta.1 版本 Lemmy Development Update June 2026 and 1.0.0-beta.1 (lemmy.ml)
105. 后缀 BWT 与循环移位 BWT 的比较,以及快速计算 Suffix BWT vs cyclic shift BWT, and fast computation (purplesyringa.moe)
109. 针对欧洲议会的间谍活动:调查间谍软件的委员会成员遭“佩加索斯”黑客攻击 Espionage Against the European Parliament: Member of Committee Investigating Spyware Hacked with Pegasus (citizenlab.ca)
110. 浏览器标签页中的 Windows 内核(上):冷启动、快速启动与 4 兆字节 A Windows Kernel in a Browser Tab, Part I: Cold Boot, Fast Boot, and Four Megabytes (www.msuiche.com)
111. sem:一种基于语义粒度的全新代码理解基础工具 sem: A new code understanding primitive tool at a semantic granularity (ataraxy-labs.github.io)
113. PieFed v1.7 正式发布:关注用户、浏览更快捷、管理更智能 PieFed v1.7 is released: Following Users, Faster Browsing & Smarter Moderation (join.piefed.social)
119. 基于 Cloudflare Workers、Vectorize 和 Nostr 的自托管 AI 新闻聚合器 Self-Hosted AI news aggregator using Cloudflare Workers, Vectorize, and Nostr (github.com)
121. 一个名为[非混合型 tls-mlkem]的标准:IETF 如何为其行为推卸责任 A [non-hybrid tls-mlkem] standard by any other name: How IETF evades responsibility for its actions (blog.cr.yp.to)
122. Dogesh 是一种基于 Python 的解释型编程语言,其中每个关键字都用狗语表达 Dogesh is a Python-based interpreted programming language where every keyword speaks dog (github.com)
124. 为什么实现 ActivityPub 很难,以及为什么其实不必如此 Why implementing ActivityPub is hard, and why it doesn''t have to be (hackers.pub)
125. 自动化“橡皮图章”:如果由代理来管理您的部署门禁会怎样? Automating the Rubber Stamp: What If an Agent Ran Your Deployment Gate? (mattvanbird.co.uk)
126. 编译后不产生任何代码的掩码:HotSpot 的 JIT 是如何学会对位进行推理的 The mask that compiles to nothing: how HotSpot''s JIT learned to reason about bits (questdb.com)
130. 呼吁采取行动,反对 draft-ietf-tls-mlkem-08 草案(截止日期:2026-07-08) Call to act to reject draft-ietf-tls-mlkem-08 (Ends 2026-07-08) (nsa.2026.action.cr.yp.to)
131. “guix substitute”和“guix pull”漏洞 ‘guix substitute‘ and ‘guix pull‘ vulnerabilities (guix.gnu.org)
132. Until_Heat_Death_Do_Us_Part:倒计时至宇宙热寂,每秒通过100Mbps以太网广播计数器读数 Until_Heat_Death_Do_Us_Part: Counting until the heat death of the universe, broadcasting counter every second over 100Mbps ethernet (github.com)
134. KDE Plasma 中存在可突破沙箱的任意代码执行漏洞 Arbitrary code execution breaking sandboxes in KDE Plasma (blog.kimiblock.top)
136. proposal-async-context:JavaScript 的异步上下文 proposal-async-context: Async Context for JavaScript (github.com)
138. ds.css:一个重现DS/DS Lite用户界面的CSS框架 ds.css: A css framework recreating the DS / DS Lite''s UI (github.com)
144. 新发现的PamStealer并非典型的macOS恶意软件 Newly discovered PamStealer isn''t your typical macOS malware (arstechnica.com)
146. ScyllaDB 基于 Trie 的索引如何实现高达 3 倍的吞吐量提升 How ScyllaDB''s Trie-Based Index Delivers Up to 3X More Throughput (www.scylladb.com)
148. 自 Linux 6.9(2024 年 5 月)起,LUKS 加密密钥在系统进入待机状态后仍会保留在内存中 Since Linux 6.9 (May 2024), the LUKS encryption key remained resident in memory across suspend (mathstodon.xyz)
149. .gitignore 并不是在 Git 中忽略文件的唯一方法 .gitignore Isn’t the Only Way To Ignore Files in Git (nelson.cloud)
152. 推广“零知识证明”技术,以加强年龄验证中的隐私保护 Opening up ‘Zero-Knowledge Proof’ technology to promote privacy in age assurance (blog.google)
159. 用于从 localStorage 中检索对象的类型定义 Type definitions to retrieve objects from localStorage (taxorubio.com)
161. 控制平面才是关键:在大型语言模型时代重新审视 autofz The Control Plane Was the Point: Revisiting autofz in the LLM Era (yfu.tw)
162. 《记忆的物理学》(又名“JavaScript 能实现 ECS 吗?”) The Physics of Memory (aka can Javascript ECS?) (www.dmurph.com)
163. 提高 VS Code 中 GitHub Copilot 的令牌效率 Improving token efficiency for GitHub Copilot in VS Code (code.visualstudio.com)
164. OpenFeature——为所有人标准化功能开关机制 OpenFeature - Standardizing Feature Flagging for Everyone (openfeature.dev)
167. 通过 FUSE readdir 缓存中的越界写入实现无特权 root 权限提升(CVE-2026-31694) Unprivileged root via an out-of-bounds write in the FUSE readdir cache (CVE-2026-31694) (cyberstan.co.uk)
168. GraalVM“Hello World”程序大小“仅”为6.5MB GraalVM Hello World Program Down To "Just" 6.5MB (www.phoronix.com)
169. 开源作为基础设施:从字面意义上理解“道路与桥梁” Open Source as Infrastructure: Taking Roads and Bridges literally (nesbitt.io)
170. Pidgin 3.0 Alpha 2 (2.96.0) 已发布 Pidgin 3.0 Alpha 2 (2.96.0) has been released (discourse.imfreedom.org)
175. 所有包管理功能已从编译器迁移至构建系统 All Package Management Functionality Moved from Compiler to Build System (ziglang.org)
176. 优化一种设计上即为二次复杂度的算法 Optimizing an Algorithm That’s Quadratic by Design (whatchord.earthmanmuons.com)
177. 矩阵正交化可提升递归模型的记忆能力 Matrix Orthogonalization Improves Memory in Recurrent Models (ayushtambde.com)
179. Jujutsu 如何重新构思 Git 的工作副本和冲突模型 How Jujutsu Rethinks Git''s Working Copy and Conflict Model (www.git-tower.com)
182. 低级 Haskell:在 Haskell/GHC 中模拟内联汇编的“诅咒之路” Low-level Haskell: The cursed way to emulate inline assembly in Haskell/GHC (minoki.github.io)
185. 在迁移之前,代码托管平台需要具备哪些 GitHub 功能? Which GitHub features are needed in a code forge before you can migrate? (lobste.rs)
191. 《为什么云服务会中断?:从数百起服务中断事件中汲取的教训》(2016) Why Does the Cloud Stop Computing?: Lessons from Hundreds of Service Outages (2016) (dl.acm.org)
192. pkgbump:从一个笨拙的工具到不可或缺的得力助手 pkgbump: from a dumb tool to an irreplaceable helper (blogs.gentoo.org)
193. 特朗普政府解除对Anthropic公司《Fable 5》的限制 Trump administration lifts restrictions on Anthropic''s Fable 5 (www.axios.com)
198. ZLUDA 6 版本发布(在非英伟达 GPU 上运行 CUDA) ZLUDA 6 release (run CUDA on non-Nvidia GPUs) (vosen.github.io)
201. 大多数 MCP 服务器其实没有必要存在。你的情况可能是个例外。 Most MCP servers don''t need to exist. Your case might be an exception (evilmartians.com)
206. 通过 Durable Streams 在我的 Jetson 上提供本地 AI 服务 Serving Local AI on my Jetson through Durable Streams (s2.dev)
208. 解析,而非验证——在一种不希望你这样做的语言中 Parse, Don''t Validate — In a Language That Doesn''t Want You To (cekrem.github.io)
212. Servo 五月更新:用户脚本、mp4 兼容性、开发工具中的黑盒测试等 May in Servo: user scripts, mp4 compat, blackboxing in DevTools, and more (servo.org)
213. “等待 SQL:202y:斯德哥尔摩(BMA)”会议报告 Waiting for SQL:202y: Stockholm (BMA) meeting report (peter.eisentraut.org)
219. jj_tui:一款专注于速度和清晰度的 jujutsu 终端用户界面 jj_tui: terminal user interface to jujutsu focused on speed and clarity (tangled.org)
220. 对基本正则表达式中 GNU 扩展的平台支持 Platform Support for GNU Extensions to Basic Regular Expressions (www.wezm.net)
229. DRM GEM 的 change_handle 函数中存在“释放后使用”漏洞,导致非特权用户获得 root 权限(CVE-2026-46215) Unprivileged root via a use-after-free in DRM GEM change_handle (CVE-2026-46215) (cyberstan.co.uk)
230. Solod v0.2:网络功能、新目标、更友好的互操作性 Solod v0.2: Networking, new targets, friendlier interop (antonz.org)
232. ipv6_frag_escape:Linux LPE——可靠的监狱/容器逃逸 ipv6_frag_escape: Linux LPE - Reliable Jail/Container Escape (github.com)
235. WATaBoy:将Game Boy指令通过JIT编译为Wasm,性能优于原生解释器 WATaBoy: JIT-ing Game Boy Instructions to Wasm Beats a Native Interpreter (humphri.es)
236. Pystd 标准库,功能大致相似,但编译时间仅为其一小部分 Pystd standard library, similar-ish functionality with a fraction of the compile time (nibblestew.blogspot.com)
237. Longinus:一个漏洞中的两个边界,利用单一漏洞突破Chrome的渲染引擎和V8沙箱,CVE-2026-6307 Longinus: 2 Boundaries in One Bug, Piercing Chrome’s Renderer and V8 Sandbox with a Single Vulnerability, CVE-2026-6307 (nebusec.ai)
246. 《网络弹性法》框架下嵌入式Linux设备的完整性 Integrity on Embedded Linux Devices under the Cyber Resilience Act (sigma-star.at)
250. 代码审查——BJonas 用 J 语言编写的 Scheme 解释器 code review - BJonas'' SchemeInterpreter in J (tangentstorm.github.io)
251. Kivo——一款基于 PySide6 开发的轻量级桌面提词器 Kivo - A lightweight desktop teleprompter built with PySide6 (github.com)
254. Ante:融合借用检查与引用计数的新方法 Ante: New Way to Blend Borrow Checking and Reference Counting (verdagon.dev)
259. 难以理解的 Bug 第 10 期:故障的 Windows 构建版本 Unfathomable bugs #10: The Broken Windows Build (algassert.com)
264. 对私人通信的“双重威胁”:不民主的聊天管控幕后交易及迫在眉睫的让步,促使 fightchatcontrol.eu 网站重新上线 “Double Threat” to Private Communications: Undemocratic Chat Control Backroom Deals and Imminent Concessions Spark Relaunch of fightchatcontrol.eu (www.patrick-breyer.de)
266. 检查航天飞机输入/输出处理器的电路板 Examining circuit boards from the Space Shuttle''s I/O Processor (www.righto.com)
269. huff12——一款适用于 Apple Silicon 的 12 流霍夫曼解码器 huff12 - a 12-stream Huffman decoder for Apple Silicon (gist.github.com)
270. iOS 平台上的动态库延迟加载与插件架构 Lazy Loading Dynamic Libraries and the Plugin-Architecture on iOS (medium.com)
273. 我们进行了“Mythos at Home”测试:在我们的网络基准测试中,GLM 5.2 击败了 Claude We have Mythos at Home: GLM 5.2 beats Claude in our Cyber Benchmarks (semgrep.dev)
276. VictoriaLogs 如何以列式布局存储日志 How VictoriaLogs Stores Your Logs in a Columnar Layout (victoriametrics.com)
279. Nourish——一款支持无限缩放和平移的 Wayland 合成器 Nourish - a wayland compositor with infinite zoom and pan (github.com)
282. 借助 Lemote Yeeloong 笔记本电脑和 OpenBSD 应对“龙”的挑战 Working around dragons with the Lemote Yeeloong laptop and OpenBSD (oldvcr.blogspot.com)
283. 具有依赖类型且内核兼容 Lean4 的 Clojure 领域特定语言(DSL) Dependently typed Clojure DSL with a Lean4 compatible kernel (github.com)
286. OxCaml 中值得更多编程语言借鉴的特性——《The Consensus》 The feature in OxCaml that more languages should steal - The Consensus (theconsensus.dev)
287. pomerium:Pomerium 是一个支持身份识别和上下文感知功能的访问代理 pomerium: Pomerium is an identity and context-aware access proxy (github.com)
288. Prism:一种具有类型化效应的不纯粹函数式语言 Prism: An Impure Functional Language With Typed Effects (www.stephendiehl.com)
289. pg_plan_advice — 帮助规划器制定正确的执行计划 pg_plan_advice — help the planner get the right plan (www.postgresql.org)
292. exploitarium:一个汇集了公开漏洞利用概念验证(PoC)的单一存档库 exploitarium: A single archive of public exploit PoCs (github.com)
299. Linux 7.2 提升了 shell 管道中匿名/无名管道的性能,并进行了其他改进 Linux 7.2 Improves Anonymous/Unnamed Pipe Performance For Shell Pipelines & More (www.phoronix.com)