How (and why) rqlite takes control of the SQLite Write-Ahead Log (philipotoole.com)
Points are a weird and inconsistent unit of measure (buttondown.com)
Fragnesia: New Linux Privilege Escalation Exploit (github.com)
What if there was no BASIC in EndBASIC? (blogsystem5.substack.com)
Setting up a free *.city.state.us locality domain (fredchan.org)
Lua as a practical "soft-bedrock" language (portal.mozz.us)
Reverting the incremental GC in Python 3.14 and 3.15 (discuss.python.org)
C26: Standard library hardening (www.sandordargo.com)
The Most Emacs Bzr Saga (thanosapollo.org)
Designing a Custom Query Language for Non-Technical Analysts (nchammas.com)
Securitybaseline.eu (securitybaseline.eu)
YellowKey Bitlocker Bypass Vulnerability (github.com)
Sovereign Tech Fund invests over 1 million in KDE software development (kde.org)
AI as Social Technology (knightcolumbia.org)
Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection (0day.click)
Erlang/OTP 29.0 Release (www.erlang.org)
An update on East River Source Control availability (ersc.io)
Dart Live, a compiler, VM, analyzer and hot reload on the web via Wasm (modulovalue.github.io)
MacBook Neo Review: The Laptop For The Rest Of Us (fireborn.mataroa.blog)
Tolaria, Rust, and Questions About What Makes a Mac App Feel Good to Me (shapeof.com)
Deterministic Fully-Static Whole-Binary Translation without Heuristics (arxiv.org)
A detailed introduction to Kakoune for the aspiring power user (ficd.sh)
Partial static single information form (bernsteinbear.com)
what 262,715 regex questions on stack overflow haven''t answered (iev.ee)
Solving the Rubik''s Cube (www.youtube.com)
Pycco: 100-line literate-style side-by-side documentation renderer (pycco-docs.github.io)
Shrinking the OxCaml js_of_ocaml bundle: 285 MB to 4 MB (kcsrk.info)
The BeBox: BeOS Hardware, Photos, and the Apple Deal That Wasn''t (www.jdhodges.com)
Soon We Can Finally Banish JavaScript to the ShadowRealm (css-tricks.com)
The hidden cost of mpsc channels (blog.howardjohn.info)
"six CVEs for serious security vulnerabilities in dnsmasq" (lists.thekelleys.org.uk)
Quack: The DuckDB Client-Server Protocol (duckdb.org)
What is BusyBox? (specular.fi)
cost of enum-to-string: C26 reflection vs the old ways (vittorioromeo.com)
Redis and the Cost of Ambition (charlesleifer.com)
Bambu Lab is abusing the open source social contract (www.jeffgeerling.com)
Time travel without borders (guix.gnu.org)
All the ways to mock your Rust code (blog.appliedcomputing.io)
Killing a Cow made my JSON formatter 42% faster (jacobasper.com)
How Rockstar fit an entire city into PlayStation 2 memory (www.youtube.com)
Postmortem: TanStack npm supply-chain compromise (tanstack.com)
Any app on recent Android versions can leak certain traffic (mullvad.net)
Learning Software Architecture (matklad.github.io)
Fuzzing fork of go toolchain (blog.trailofbits.com)
Unison In Anger (blog.feld.me)
GitLab Act 2 (about.gitlab.com)
A Technical Guide to Compiling Emacs for Performance on Linux and Unix systems (www.jamescherti.com)
The Problem of Pedagogy in Advanced Mathematics (susam.net)
Kettle: Attested builds for verifiable software provenance (arxiv.org)
CSS & vertical rhythm for text, images, and tables (vincent.bernat.ch)
floci: Light, fluffy, and always free - The AWS Local Emulator alternative (github.com)
Popular Go library fsnotify raises supply chain alarms after maintainer access changes (socket.dev)
taken (sinceyouarrived.world)
Extraordinary Ordinals (text.marvinborner.de)
An annotated digest of the 12th International Workshop on Plan 9 (n-gate.com)
The Cathedral, the Bazaar and the Kitchen (blog.vrypan.net)
Zig vs Rust in 2026 (zackoverflow.dev)
iwp9 2026 (n-gate.com)
Fighting Hyrum''s Law in LLVM (maskray.me)
Gram 2.0.0 released (gram-editor.com)
An unusually practical update for EYG (eyg.run)
Tom''s Namespaces: An Odin Fanfic (zylinski.se)
"Respectful" YAML patching in Rust (verrchu.github.io)
Moving from lsp-mode in GNU Emacs to Eglot (utcc.utoronto.ca)
The anti-minimalist backlash is the bigger story behind Oxygen’s revival (filipfila.wordpress.com)
Exception Annotations: Lay of the Land (well-typed.com)
devenv 2.1: Nix with zsh, fish, and nushell via libghostty - devenv (devenv.sh)
Running local models on an M4 (jola.dev)
A modern feed reader (2024) (unterwaditzer.net)
Running my agents in a VPS (crowdhailer.me)
What is random generation? (alperenkeles.com)
Web Feeds in 2026: A Survey (mnot.net)
Im going back to writing code by hand (blog.k10s.dev)
omlx: LLM inference server with continuous batching & SSD caching for Apple Silicon — managed from the macOS menu bar (github.com)
Programmable Whitelist-based Configs: Embedding Rye in Go (ryelang.org)
Ratty: A terminal emulator with inline 3D graphics (ratty-term.org)
Local AI Needs to be the Norm (unix.foo)
Piping terminal output to the browser using systemfd (blog.izissise.net)
Mythos finds a curl vulnerability (daniel.haxx.se)
Fully Preserving Fisher-Price Pixter (dmitry.gr)
Up to 256 MB FERRIT modular F-RAM storage device preserves critical data for up to 200 years (www.cnx-software.com)
How Factorio Syncs A Million Objects over the network (www.youtube.com)
25 years of pathfinding problems with C (www.youtube.com)
dBase: 1979-2026 (delphinightmares.substack.com)
Unlocking Encrypted ZFS Volumes with a Passkey (withblue.ink)
You Need AI That Reduces Maintenance Costs (www.jamesshore.com)
Replacing Ctrl-R in Bash without TIOCSTI (blog.rickardlindberg.me)
My pastebin clone Vivipara and language musings (akselmo.dev)
Tiny-Lua-Compiler: Possibly the smallest Lua compiler ever (github.com)
ClaudeBleed: A Flaw In Claude''s Browser Extension Allows Any Extension to Hijack It (layerxsecurity.com)
Robot Dogs Are a Security Nightmare (www.youtube.com)
Childhood Computing (lilysthings.org)
let-go: Almost Clojure written in Go (github.com)
Patching and forking in package managers (nesbitt.io)
the 90 day disclosure policy is dead (blog.himanshuanand.com)
We see something that works, and then we understand it (lemire.me)
Training an LLM in Swift, Part 1: Taking matrix multiplication from Gflop/s to Tflop/s (www.cocoawithlove.com)
wayland.fyi minimalist wayland special interest group (wayland.fyi)
A recent experience with ChatGPT 5.5 Pro (gowers.wordpress.com)
So you''ve installed fzf. Now what? (2023) (andrew-quinn.me)
9p file server daemon for UNIX-like systems (kamid.omarpolo.com)
plass: manage passwords (projects.omarpolo.com)
Debian must ship reproducible packages (lists.debian.org)
Cosmic Rays Are Quantum Computers'' Kryptonite—Software might just solve the problem (spectrum.ieee.org)
The Twin Diffie-Hellman Problem and Applications (2009) (eprint.iacr.org)
FreeBSD: Local privilege escalation via execve() (www.freebsd.org)
The Intolerable Hypocrisy of Cyberlibertarianism (matduggan.com)
Replacing a 3 GB SQLite database with a 10 MB FST (finite state transducer) binary (til.andrew-quinn.me)
Space Cadet Pinball on Linux (brennan.io)
Good First Issue: Make your first open-source contribution (goodfirstissue.dev)
Idempotency Is Easy Until the Second Request Is Different (blog.dochia.dev)
Fast Fourier Transforms Part 1: Cooley-Tukey (connorboyle.io)
A principled rethinking of array languages like APL (dercuano.github.io)
AI is Breaking Two Vulnerability Cultures (www.jefftk.com)
Relational modeling and APL (dercuano.github.io)
Point-Free Logic Programming (forum.malleable.systems)
Unlocking sudoku''s secrets (2025) (chalkdustmagazine.com)
Flipping the bozo bit on flips the learning off (surfingcomplexity.blog)
On DOS, floppies, NetBSD and nostalgia (exquisite.tube)
Abstract Machines for Logic Programs (chrisistyping.bearblog.dev)
Aurora: A Leverage-Aware Optimizer for Rectangular Matrices (blog.tilderesearch.com)
Three Cultures of Math (rkirov.github.io)
Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More) (heyitsas.im)
Where Have All the Complex Windows Malware and Their Analyses Gone? (r136a1.dev)
Laptops all have built-in security tokens these days (ahelwer.ca)
ACME CA Comparison (poshac.me)
Notes on using GNU Emacs'' Tramp system in an unusual shell environment (utcc.utoronto.ca)
Fixing QuickLook (2023) (foon.uk)
FFmpeg: The Incredible Technology Behind Video on the Internet (www.youtube.com)
Yggdrasil Network as an Embedded Go Library (dev.to)
Hacking Time: Spoofing Atomic Clocks with Audio Harmonics (josephhall.org)
.png)
My Agentic Trust Issues: From Prompt Injection to Supply-Chain Compromise on gemini-cli (www.pillar.security)
I Will Not Add Query Strings to Your URLs (susam.net)
WebRTC is the Problem (moq.dev)
The React2Shell Story and What Happened Next.js (sylvie.fyi)
On forking the Web (dillo-browser.org)
You gave me a u32. I gave you root. (io_uring ZCRX freelist LPE) (ze3tar.github.io)
Inflorescence – A cross-platform native GUI for Pijul (nest.pijul.com)
Chrome’s AI features may be hogging 4GB of your computer storage (www.theverge.com)
killswitch: add per-function short-circuit mitigation primitive [LWN.net] (lwn.net)
Steering Zig Fmt (matklad.github.io)
12th International Workshop on Plan 9 (Presentations) (www.youtube.com)
A Randomized Scheduler with Probabilistic Guarantees of Finding Bugs (www.microsoft.com)
CADara - I made an open-source fully in-browser CAD (cadara.app)
I learned something about GPUs today (foon.uk)
CVE-2026-31431: Copy Fail (retr0.zip)
jank now has its own custom IR (jank-lang.org)
Let''s Encrypt Stopping Issuance for Potential Incident (letsencrypt.status.io)
NixOS and Secrets (isabelroses.com)
Vulnerability Garden: A growing list of named vulnerabilities, attack techniques and exploits (vulnerability.garden)
Discovery & Validation in the Linux Kernel (Part 1): CAN Use-After-Free Race (www.bynar.io)
Rooting a VMC2040 security camera (www.marcusfolkesson.se)
What We Lost the Last Time Code Got Cheap (www.poppastring.com)
The Sync bound nobody asked for (verrchu.github.io)
Pushing Local Models With Focus And Polish (lucumr.pocoo.org)
Serving a Website on a Raspberry Pi Zero Running Entirely in RAM (btxx.org)
The surprisingly complex journey to text-selectable client-side generated PDFs (sdocs.dev)
Just Fucking Use Go - Blain Smith (blainsmith.com)
Wii IP6 webserver (wii.sjmulder.nl)
Getting peak TOPS on a Ryzen AI 7 350 NPU (destevez.net)
Stop MITM on the first SSH connection, on any VPS or cloud provider (www.joachimschipper.nl)
building a web server in aarch64 assembly to give my life (a lack of) meaning (imtomt.github.io)
hpke-ng: Faster, Smaller, Harder HPKE for Rust (symbolic.software)
Just Fucking Use React (justfuckingusereact.com)
blaise: A modern, self-hosting Object Pascal compiler built for the 2020s. Zero legacy, full ARC, and unified UTF-8 (github.com)
From Supabase to Clerk to Better Auth (blog.val.town)
The agent principal-agent problem (crawshaw.io)
Revisiting PQ WireGuard (eprint.iacr.org)
A Tale of Two Worlds, a Formal Story of WireGuard Hybridization (www.usenix.org)
jlearn: Machine Learning Library in J (github.com)
The cuda-oxide Book (nvlabs.github.io)
cuda-oxide: cuda-oxide is an experimental Rust-to-CUDA compiler (github.com)
Copy Fail 2: Electric Boogaloo (github.com)
Additive Blending on the Nintendo 64 (phoboslab.org)
Why Don’t Lowercase Letters Come Right After Uppercase Letters in ASCII? – Tyler Hillery (tylerhillery.com)
Cloudflare lays off 1,100 employees (blog.cloudflare.com)
Building Transit Tracker (blog.horner.tj)
Affordances of a screenless writing interface (jamesg.blog)
Mojo v1.0.0b1 (mojolang.org)
Dirty Frag: Universal Linux LPE (www.openwall.com)
Formatting an entire 25 million line codebase overnight: the rubyfmt story (stripe.dev)
Ploopy Bean - external trackpoint (ploopy.co)
jj v0.41.0 is out (github.com)
Behind the Scenes Hardening Firefox with Claude Mythos Preview (hacks.mozilla.org)
A PHP license change is imminent (lwn.net)
Potential Consequences of Using Postgres as a Job Queue (richyen.com)
VRL Log Splitting FlowG v0.55.0 (flowg.cloud)
Major DNS Outage Hits .de Domains: DNSSEC Failure on May 5, 2026 (www.ip.network)
AI Slop is Killing Online Communities (rmoff.net)
Try LispE in the Browser (naver.github.io)
Programming Still Sucks (www.stvn.sh)
DNSSEC disruption affecting .de domains (status.denic.de)
Making your own programming language is easier than you think (but also harder) (lisyarus.github.io)
aube, a fast Node.js package manager (aube.en.dev)
A new hash table for the Lwan web server (tia.mat.br)
Vibe coding and agentic engineering are getting closer than I’d like (simonwillison.net)
Google’s Prompt API (wil.to)
A Path Not Taken for OxCaml (joel.place)
cursed_browser: A web browser with no rendering engine — the VLM reads the HTML and hallucinates the page (github.com)
Branimir Lambov from IBM on Cassandra (theconsensus.dev)
Plastic Flowers to Protect the Hive (phildini.dev)
Canvas-ing the Web (meyerweb.com)
Arguments parsing in Guile (fishinthecalculator.me)
The Original Super Mario 64 Is Now Playable On GBA (retrododo.com)
Hardware-assisted Arm VMs for s390 (lwn.net)
Open weights are quietly closing up - and that''s a problem (martinalderson.com)
How an HTTP header caused time.gov to skew from UTC (alexsci.com)
Peer Production License (worker.informatics.coop)
A text editor as UI: implementation (softwaremaniacs.org)
Solod v0.1: Go ergonomics, practical stdlib, native C interop (antonz.org)
Building the deployment tool I wish I had (ruuda.nl)
What even is a pidfd anyway? (www.corsix.org)
Scroll-Driven Animations (www.joshwcomeau.com)
1000 third parties could have stolen RIPE NCC session tokens - by design (mxsasha.eu)
Multi-stroke text effect in CSS (yuanchuan.dev)
We''re Not Building AI Features for the Money (zed.dev)
Programming Is Real Engineering, And AI Proves It (jerf.org)
A new filesystem for pidfds (lwn.net)
Emacs Completion Showcase with VOMPECCC (video) (www.chiply.dev)
iPhone dumbphone (stopa.io)
Working was the beginning (themackabu.dev)
Principia Softwarica (principia-softwarica.org)
Go is FIPS 140-3 certified (csrc.nist.gov)
The vi family (lpar.ath0.com)
Understanding Wi-Fi 4/5/6/6E/7/8 (802.11 n/ac/ax/be/bn) (www.wiisfi.com)
A dispute over the TAB key between Microsoft and IBM organizational structures (devblogs.microsoft.com)
krabby: making a fast Rust compiler (bal-e.org)
StarFighter 16-inch (us.starlabs.systems)
SLAM: s6/synit based NixOS (worker.informatics.coop)
Google Chrome silently installs a 4 GB AI model on your device without consent (www.thatprivacyguy.com)
Comparing the Z80 and 6502 to Their Relatives (bumbershootsoft.wordpress.com)
An exploitable integer overflow in Lix (CVE-2026-44028) (lix.systems)
One week of view_types (scrabsha.dev)
We''re announcing Mikan: a proof assistant for cubical type theory, forked from the Agda codebase (types.pl)
RSS Feeds Send Me More Traffic Than Google (shkspr.mobi)
Building my own Vi text editor in BASIC (leetusman.com)
Behavior-Oriented Concurrency for Python: Lock-less, Deadlock-free, Ownership-based (microsoft.github.io)
How not to format a private key (keymaterial.net)
Why didn’t IPv6 work in my home network? (gowtham.dev)
claude code is not making your product better (ethanding.substack.com)
A bidirectional typechecking puzzle (haskellforall.com)
A Caddy Cert Expired Because systemd-resolved Was Selectively Broken (rant.mvh.dev)
Rolling the root key (blog.apnic.net)
Agent MetaSKILLs (swival.dev)
Post-Quantum VPN Based on QUIC (github.com)
What I’m Hearing About Cognitive Debt (So Far) (margaretstorey.com)
minipgp6: A very lean interpretation of modern OpenPGP (codeberg.org)
MacBook Neo Deep Dive: Benchmarks, Wafer Economics, and the 8GB Gamble (www.jdhodges.com)
Inexpressibility in Exp-Minus-Log (arxiv.org)
Embedded Rust or C Firmware? Lessons from an Industrial Microcontroller Use Case with Ariel OS (arxiv.org)
Bun (the js runtime) is being vibe-ported from zig to rust (github.com)
Tokens and Dreams (charlesleifer.com)
A little comparison between R and Kap (blog.dhsdevelopments.com)
sectorllm: llama2 inference in 1500 bytes of x86 assembly (github.com)
Podman rootless containers and the Copy Fail exploit (garrido.io)
Nondeterminism''s not the problem (isaacvando.com)
Security Advisory: Local privilege escalation in Lix and Nix (discourse.nixos.org)
uutils coreutils CVEs (seclists.org)
OpenMythos: A theoretical reconstruction of the Claude Mythos architecture, built from first principles using the available research literature (github.com)
Oasis Linux (git.sr.ht)
Release v0.9.0 · Foxboron/ssh-tpm-agent (github.com)
Losing Skills (noahbogart.com)
THEC64 Handheld (www.c64os.com)
Byline: Structured Identity for Syndication Feeds (www.bylinespec.org)
Redis array type: short story of a long development (antirez.com)
6.828: Operating System Engineering (2012) (pdos.csail.mit.edu)
Package Manager CWEs (nesbitt.io)
Async Rust never left the MVP state (tweedegolf.nl)
How I create static websites for tiny archives (2025) (alexwlchan.net)
oops, cubic macro (bal-e.org)
How LLMs Distort Our Written Language (sites.google.com)
Is form design easy? (adamsilver.io)
[2022] the tragedy of gethostbyname (ariadne.space)
In the Lab: Inside Brave Origin & Containers (incognitocat.me)
Do AI summaries hurt critical thinking? (medium.com)
Writing middlewares for Rust Lambda functions (loige.co)
Native macOS app to track YouTube channels, no Google login required (github.com)
Reminder: You Can Stitch Together Lots of Little HTML Pages With Navigations For Interactions (blog.jim-nielsen.com)
I accidentally made law enforcement shut down their stresser honeypot (lina.sh)
Designing microkernel IPC (seiya.me)
Continuing the story of early DOS development (opensource.microsoft.com)
dithering with css (ikesau.co)
On (not) using “cryptographic hashes” for hash table keys (runxiyu.org)
Agentic Coding is a Trap (larsfaye.com)
Blue Ridge Ruby 2026 (microblog.thomascannon.me)
Broadcasting GPS on the local network (evertpot.com)
How a Broken Bike Sync Led Me to Reverse Engineering My Wahoo’s Hidden Debug Mode (noahclements.com)
This Wasm interpreter fits in a QR code (purplesyringa.moe)
For thirty years I programmed with Phish on, every day. In 2026, the music is out of phase with the work (christophermeiklejohn.com)
Fake Notepad for Mac (notepad-plus-plus.org)
Your Container Is Not a Sandbox (emirb.github.io)
C8s: A Confidential Kubernetes Architecture (arxiv.org)
A desktop made for one (isene.org)
git-async web demo - A git browser in the browser (git-async.donk.systems)
Minimal Viable Zig Error Contexts (matklad.github.io)
My favorite device is a Chromebook, without ChromeOS (kokada.dev)
The text mode lie: why modern TUIs are a nightmare for accessibility (xogium.me)
Losrs - Spaced Repetition in the terminal with markdown cards (github.com)
GIT - the stupid content tracker (raw.githubusercontent.com)
pgBackRest is dead. Now what? (mydbanotebook.org)