6. 非混合型、僅基於PQ的TLS及MIKEY-IBAKE干預措施 Non-hybrid PQ-only TLS and the MIKEY-IBAKE intervention (libroot.org)
14. 關於軸平行矩形時韋格納猜想的一個反例 A Counterexample to Wegner''s Conjecture for Axis-Parallel Rectangles (arxiv.org)
16. SecretSpec 0.13:適用於 Python、Node.js、Go、Ruby 和 Haskell 的 SDK SecretSpec 0.13: SDKs for Python, Node.js, Go, Ruby, and Haskell (secretspec.dev)
18. 波浪形牆體真的能節省磚塊嗎?我在Blender中進行了測試 Do Wavy Walls Really Use Fewer Bricks? I Tested It in Blender (blog.tymscar.com)
32. Lemmy 開發動態:2026年6月及 1.0.0-beta.1 版本 Lemmy Development Update June 2026 and 1.0.0-beta.1 (lemmy.ml)
33. 後綴 BWT 與循環移位 BWT 的比較,以及快速計算 Suffix BWT vs cyclic shift BWT, and fast computation (purplesyringa.moe)
37. 針對歐洲議會的間諜活動:調查間諜軟件的委員會成員遭“佩加索斯”黑客攻擊 Espionage Against the European Parliament: Member of Committee Investigating Spyware Hacked with Pegasus (citizenlab.ca)
38. 瀏覽器標籤頁中的 Windows 內核(上):冷啟動、快速啟動與 4 兆字節 A Windows Kernel in a Browser Tab, Part I: Cold Boot, Fast Boot, and Four Megabytes (www.msuiche.com)
39. sem:一種基於語義粒度的全新代碼理解基礎工具 sem: A new code understanding primitive tool at a semantic granularity (ataraxy-labs.github.io)
41. PieFed v1.7 正式發佈:關注用戶、瀏覽更快捷、管理更智能 PieFed v1.7 is released: Following Users, Faster Browsing & Smarter Moderation (join.piefed.social)
47. 基於 Cloudflare Workers、Vectorize 和 Nostr 的自託管 AI 新聞聚合器 Self-Hosted AI news aggregator using Cloudflare Workers, Vectorize, and Nostr (github.com)
49. 一個名為[非混合型 tls-mlkem]的標準:IETF 如何為其行為推卸責任 A [non-hybrid tls-mlkem] standard by any other name: How IETF evades responsibility for its actions (blog.cr.yp.to)
50. Dogesh 是一種基於 Python 的解釋型編程語言,其中每個關鍵字都用狗語表達 Dogesh is a Python-based interpreted programming language where every keyword speaks dog (github.com)
52. 為什麼實現 ActivityPub 很難,以及為什麼其實不必如此 Why implementing ActivityPub is hard, and why it doesn''t have to be (hackers.pub)
53. 自動化“橡皮圖章”:如果由代理來管理您的部署門禁會怎樣? Automating the Rubber Stamp: What If an Agent Ran Your Deployment Gate? (mattvanbird.co.uk)
54. 編譯後不產生任何代碼的掩碼:HotSpot 的 JIT 是如何學會對位進行推理的 The mask that compiles to nothing: how HotSpot''s JIT learned to reason about bits (questdb.com)
58. 呼籲採取行動,反對 draft-ietf-tls-mlkem-08 草案(截止日期:2026-07-08) Call to act to reject draft-ietf-tls-mlkem-08 (Ends 2026-07-08) (nsa.2026.action.cr.yp.to)
60. Until_Heat_Death_Do_Us_Part:倒計時至宇宙熱寂,每秒通過100Mbps以太網廣播計數器讀數 Until_Heat_Death_Do_Us_Part: Counting until the heat death of the universe, broadcasting counter every second over 100Mbps ethernet (github.com)
62. KDE Plasma 中存在可突破沙箱的任意代碼執行漏洞 Arbitrary code execution breaking sandboxes in KDE Plasma (blog.kimiblock.top)
64. proposal-async-context:JavaScript 的異步上下文 proposal-async-context: Async Context for JavaScript (github.com)
66. ds.css:一個重現DS/DS Lite用戶界面的CSS框架 ds.css: A css framework recreating the DS / DS Lite''s UI (github.com)
72. 新發現的PamStealer並非典型的macOS惡意軟件 Newly discovered PamStealer isn''t your typical macOS malware (arstechnica.com)
74. ScyllaDB 基於 Trie 的索引如何實現高達 3 倍的吞吐量提升 How ScyllaDB''s Trie-Based Index Delivers Up to 3X More Throughput (www.scylladb.com)
76. 自 Linux 6.9(2024 年 5 月)起,LUKS 加密密鑰在系統進入待機狀態後仍會保留在內存中 Since Linux 6.9 (May 2024), the LUKS encryption key remained resident in memory across suspend (mathstodon.xyz)
77. .gitignore 並不是在 Git 中忽略文件的唯一方法 .gitignore Isn’t the Only Way To Ignore Files in Git (nelson.cloud)
80. 推廣“零知識證明”技術,以加強年齡驗證中的隱私保護 Opening up ‘Zero-Knowledge Proof’ technology to promote privacy in age assurance (blog.google)
87. 用於從 localStorage 中檢索對象的類型定義 Type definitions to retrieve objects from localStorage (taxorubio.com)
89. 控制平面才是關鍵:在大型語言模型時代重新審視 autofz The Control Plane Was the Point: Revisiting autofz in the LLM Era (yfu.tw)
90. 《記憶的物理學》(又名“JavaScript 能實現 ECS 嗎?”) The Physics of Memory (aka can Javascript ECS?) (www.dmurph.com)
91. 提高 VS Code 中 GitHub Copilot 的令牌效率 Improving token efficiency for GitHub Copilot in VS Code (code.visualstudio.com)
92. OpenFeature——為所有人標準化功能開關機制 OpenFeature - Standardizing Feature Flagging for Everyone (openfeature.dev)
95. 通過 FUSE readdir 緩存中的越界寫入實現無特權 root 權限提升(CVE-2026-31694) Unprivileged root via an out-of-bounds write in the FUSE readdir cache (CVE-2026-31694) (cyberstan.co.uk)
96. GraalVM“Hello World”程序大小“僅”為6.5MB GraalVM Hello World Program Down To "Just" 6.5MB (www.phoronix.com)
97. 開源作為基礎設施:從字面意義上理解“道路與橋樑” Open Source as Infrastructure: Taking Roads and Bridges literally (nesbitt.io)
98. Pidgin 3.0 Alpha 2 (2.96.0) 已發佈 Pidgin 3.0 Alpha 2 (2.96.0) has been released (discourse.imfreedom.org)
103. 所有包管理功能已從編譯器遷移至構建系統 All Package Management Functionality Moved from Compiler to Build System (ziglang.org)
104. 優化一種設計上即為二次複雜度的算法 Optimizing an Algorithm That’s Quadratic by Design (whatchord.earthmanmuons.com)
105. 矩陣正交化可提升遞歸模型的記憶能力 Matrix Orthogonalization Improves Memory in Recurrent Models (ayushtambde.com)
107. Jujutsu 如何重新構思 Git 的工作副本和衝突模型 How Jujutsu Rethinks Git''s Working Copy and Conflict Model (www.git-tower.com)
110. 低級 Haskell:在 Haskell/GHC 中模擬內聯彙編的“詛咒之路” Low-level Haskell: The cursed way to emulate inline assembly in Haskell/GHC (minoki.github.io)
113. 在遷移之前,代碼託管平臺需要具備哪些 GitHub 功能? Which GitHub features are needed in a code forge before you can migrate? (lobste.rs)
119. 《為什麼雲服務會中斷?:從數百起服務中斷事件中汲取的教訓》(2016) Why Does the Cloud Stop Computing?: Lessons from Hundreds of Service Outages (2016) (dl.acm.org)
120. pkgbump:從一個笨拙的工具到不可或缺的得力助手 pkgbump: from a dumb tool to an irreplaceable helper (blogs.gentoo.org)
121. 特朗普政府解除對Anthropic公司《Fable 5》的限制 Trump administration lifts restrictions on Anthropic''s Fable 5 (www.axios.com)
126. ZLUDA 6 版本發佈(在非英偉達 GPU 上運行 CUDA) ZLUDA 6 release (run CUDA on non-Nvidia GPUs) (vosen.github.io)
129. 大多數 MCP 服務器其實沒有必要存在。你的情況可能是個例外。 Most MCP servers don''t need to exist. Your case might be an exception (evilmartians.com)
134. 通過 Durable Streams 在我的 Jetson 上提供本地 AI 服務 Serving Local AI on my Jetson through Durable Streams (s2.dev)
136. 解析,而非驗證——在一種不希望你這樣做的語言中 Parse, Don''t Validate — In a Language That Doesn''t Want You To (cekrem.github.io)
140. Servo 五月更新:用戶腳本、mp4 兼容性、開發工具中的黑盒測試等 May in Servo: user scripts, mp4 compat, blackboxing in DevTools, and more (servo.org)
141. “等待 SQL:202y:斯德哥爾摩(BMA)”會議報告 Waiting for SQL:202y: Stockholm (BMA) meeting report (peter.eisentraut.org)
147. jj_tui:一款專注於速度和清晰度的 jujutsu 終端用戶界面 jj_tui: terminal user interface to jujutsu focused on speed and clarity (tangled.org)
148. 對基本正則表達式中 GNU 擴展的平臺支持 Platform Support for GNU Extensions to Basic Regular Expressions (www.wezm.net)
157. DRM GEM 的 change_handle 函數中存在“釋放後使用”漏洞,導致非特權用戶獲得 root 權限(CVE-2026-46215) Unprivileged root via a use-after-free in DRM GEM change_handle (CVE-2026-46215) (cyberstan.co.uk)
158. Solod v0.2:網絡功能、新目標、更友好的互操作性 Solod v0.2: Networking, new targets, friendlier interop (antonz.org)
160. ipv6_frag_escape:Linux LPE——可靠的監獄/容器逃逸 ipv6_frag_escape: Linux LPE - Reliable Jail/Container Escape (github.com)
163. WATaBoy:將Game Boy指令通過JIT編譯為Wasm,性能優於原生解釋器 WATaBoy: JIT-ing Game Boy Instructions to Wasm Beats a Native Interpreter (humphri.es)
164. Pystd 標準庫,功能大致相似,但編譯時間僅為其一小部分 Pystd standard library, similar-ish functionality with a fraction of the compile time (nibblestew.blogspot.com)
165. Longinus:一個漏洞中的兩個邊界,利用單一漏洞突破Chrome的渲染引擎和V8沙箱,CVE-2026-6307 Longinus: 2 Boundaries in One Bug, Piercing Chrome’s Renderer and V8 Sandbox with a Single Vulnerability, CVE-2026-6307 (nebusec.ai)
174. 《網絡彈性法》框架下嵌入式Linux設備的完整性 Integrity on Embedded Linux Devices under the Cyber Resilience Act (sigma-star.at)
178. 代碼審查——BJonas 用 J 語言編寫的 Scheme 解釋器 code review - BJonas'' SchemeInterpreter in J (tangentstorm.github.io)
179. Kivo——一款基於 PySide6 開發的輕量級桌面提詞器 Kivo - A lightweight desktop teleprompter built with PySide6 (github.com)
182. Ante:融合借用檢查與引用計數的新方法 Ante: New Way to Blend Borrow Checking and Reference Counting (verdagon.dev)
187. 難以理解的 Bug 第 10 期:故障的 Windows 構建版本 Unfathomable bugs #10: The Broken Windows Build (algassert.com)
192. 對私人通信的“雙重威脅”:不民主的聊天管控幕後交易及迫在眉睫的讓步,促使 fightchatcontrol.eu 網站重新上線 “Double Threat” to Private Communications: Undemocratic Chat Control Backroom Deals and Imminent Concessions Spark Relaunch of fightchatcontrol.eu (www.patrick-breyer.de)
194. 檢查航天飛機輸入/輸出處理器的電路板 Examining circuit boards from the Space Shuttle''s I/O Processor (www.righto.com)
197. huff12——一款適用於 Apple Silicon 的 12 流霍夫曼解碼器 huff12 - a 12-stream Huffman decoder for Apple Silicon (gist.github.com)
198. iOS 平臺上的動態庫延遲加載與插件架構 Lazy Loading Dynamic Libraries and the Plugin-Architecture on iOS (medium.com)
201. 我們進行了“Mythos at Home”測試:在我們的網絡基準測試中,GLM 5.2 擊敗了 Claude We have Mythos at Home: GLM 5.2 beats Claude in our Cyber Benchmarks (semgrep.dev)
204. VictoriaLogs 如何以列式佈局存儲日誌 How VictoriaLogs Stores Your Logs in a Columnar Layout (victoriametrics.com)
207. Nourish——一款支持無限縮放和平移的 Wayland 合成器 Nourish - a wayland compositor with infinite zoom and pan (github.com)
210. 藉助 Lemote Yeeloong 筆記本電腦和 OpenBSD 應對“龍”的挑戰 Working around dragons with the Lemote Yeeloong laptop and OpenBSD (oldvcr.blogspot.com)
211. 具有依賴類型且內核兼容 Lean4 的 Clojure 領域特定語言(DSL) Dependently typed Clojure DSL with a Lean4 compatible kernel (github.com)
214. OxCaml 中值得更多編程語言借鑑的特性——《The Consensus》 The feature in OxCaml that more languages should steal - The Consensus (theconsensus.dev)
215. pomerium:Pomerium 是一個支持身份識別和上下文感知功能的訪問代理 pomerium: Pomerium is an identity and context-aware access proxy (github.com)
216. Prism:一種具有類型化效應的不純粹函數式語言 Prism: An Impure Functional Language With Typed Effects (www.stephendiehl.com)
217. pg_plan_advice — 幫助規劃器制定正確的執行計劃 pg_plan_advice — help the planner get the right plan (www.postgresql.org)
220. exploitarium:一個彙集了公開漏洞利用概念驗證(PoC)的單一存檔庫 exploitarium: A single archive of public exploit PoCs (github.com)
227. Linux 7.2 提升了 shell 管道中匿名/無名管道的性能,並進行了其他改進 Linux 7.2 Improves Anonymous/Unnamed Pipe Performance For Shell Pipelines & More (www.phoronix.com)
232. 《如何看待人工智能》:科裡·多克託羅談科技巨頭、理解人工智能、勞動自動化等話題 "How to Think About AI": Cory Doctorow on Big Tech, Understanding AI, Labor Automation & More (www.youtube.com)
238. 當人工智能來處理數學計算時,作為一名數學家意味著什麼? What does it mean to be a mathematician when AI does the math? (spectrum.ieee.org)
244. 介紹 Flink 的原生 S3 文件系統:專為性能而生,為生產環境而設計 Introducing Flink''s Native S3 FileSystem: Built for Performance, Designed for Production (flink.apache.org)
248. 讓 devenv 快速啟動,並帶動整個 nixpkgs 系統一起啟動 - devenv Making devenv start fast, and the whole nixpkgs with it - devenv (devenv.sh)
250. “新布盧布悖論”,或:為何 TypeScript 並非人工智能時代的理想選擇 The New Blub Paradox, or: Why TypeScript Is a Poor Choice for the AI Era (iankduncan.com)
257. 在此次網絡攻擊發生前數年,警方就已經掌握了那些入侵倫敦交通局(TfL)的青少年相關信息 Teens who hacked TfL were known to police years before cyber-attack (www.bbc.co.uk)
260. mmo-chip:多玩家 CMOS 標準單元芯片逆向工程工具 mmo-chip: Multiplayer CMOS Standard Cell Chips Reverse Engineering Tool (github.com)
261. DSPi:一款面向樹莓派 Pico(RP2040)和 Pico 2(RP2350)的、功能齊全的音頻 DSP 固件 DSPi: A fully featured audio DSP firmware for the Raspberry Pi Pico (RP2040) and Pico 2 (RP2350) (github.com)
265. Dyalog v20.0 的新功能:數組、命名空間、組合、內聯跟蹤——阿舍·哈維-史密斯 Enhancements in Dyalog v20.0: Arrays, Namespaces, Composition, Inline Tracing - Asher Harvey-Smith (www.youtube.com)
267. Akrites:針對開源軟件關鍵基礎設施的協調、保密的漏洞修復工作取決於 Akrites: Coordinated, confidential vulnerability remediation for the open source software critical infrastructure depends on (akrites.org)
268. 我已經全面轉向 Nix:從 Proxmox 遷移到 NixOS Incus I''ve gone full Nix: Proxmox to NixOS Incus (www.nijho.lt)
269. 隆重推出 Silk:一款專為 ClickHouse 設計的絲般順滑的纖維運行時 Announcing Silk: a silky smooth fiber runtime for ClickHouse (clickhouse.com)
272. 通用同步的侷限性:架構、權衡與決策因素的分類學 The Limits of Generalized Sync: ATaxonomy of Architectures, Trade‑offs, and Decision Factors (aaltodoc.aalto.fi)
275. 在Shai-Hulud出手之前,檢測並清除開發工作站上的危險機密 Detecting and removing dangerous secrets on dev workstations before Shai-Hulud does (recyclebin.zip)
276. Clever Cloud 的 Pierre Zemb 談 FoundationDB Pierre Zemb from Clever Cloud on FoundationDB (theconsensus.dev)
287. Go 語言中的零拷貝:sendfile、splice 以及 io.Copy 的開銷 Zero-copy in Go: sendfile, splice, and the cost of io.Copy (segflow.github.io)
293. Sacr3d:一個用於在 Scheme 中實現 3D 圖形渲染的渲染引擎工具箱 Sacr3d: A rendering engine toolbox to do 3D graphics in Scheme (teddd.srht.site)
297. Rails 的擴展:每小時 4100 萬次請求,8 個數據庫,disable_joins: true Scaling Rails: 41M Req/Hour, 8 DBs, disable_joins: true (andyatkinson.com)
298. Microspeak 進一步解釋道:託管不就是“發佈候選版”的另一個說法嗎? Microspeak elaborated: Isn''t escrow just a release candidate by another name? (devblogs.microsoft.com)