Take one step at a time to get your privacy right.

Hysteria is contagious online. One person’s worry becomes another’s conviction, and that belief hardens — the thrill of righteous outrage is addictive! This week saw claims a PPA is being used to distribute Linux ransomware go wild online — but is it true? The story is a bit long, and a bit dry but it goes like this: A user said they tried to install WinBoat (a tool for running Windows apps on Linux) but it wouldn’t connect to FreeRDP. So they tried FreeRDP from different sources, to no avail. Then, they saw a comment on GitHub about a custom […]

You're reading Linux PPA Ransomware Scare is Light on Evidence, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Linux Mint 22.3 is adding a revamped System Information tool with USB, GPU, PCI and BIOS sections to make hardware troubleshooting easier.

You're reading Linux Mint 22.3 is Adding New System Hardware Tool, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Firefox has a new mascot called Kit. Mozilla say the vibrant vulpine character embodies its vision for privacy and openness on the modern web.

You're reading Mozilla Unveils Kit, a (Cute) New Mascot for Firefox, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

CrossOver, the commercial Wine tool, is now available for Linux ARM64 devices in preview, allowing Windows games and software to run on ARM-based systems.

You're reading CrossOver Brings Wine to Linux ARM64 With “Impressive” Results, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Prices are rising across Netflix, Spotify, and their peers, and more people are quietly returning to the oldest playbook of the internet: piracy. Is the golden age of streaming over?

Hello community, here we have another set of package updates. Welcome to our new development cycle of Manjaro 25.1.0, code-named ‘Anh-Linh’.We will focus on Plasma 6.5 series and will introduce GNOME 49, maybe Cosmic 1.0 (Beta).

Current Promotions

• Get the latest Gaming Laptop by Slimbook powered by Manjaro: Slimbook Manjaro III
• Protect your personal data, keep yourself safe with Surfshark VPN: See current promotion

Recent News

• Manjaro 25.0 Zetar released
• Manjaro Summit public Alpha now available
• As of Linux 6.16.12, the 6.16 series is now EOL (End Of Life). Please install 6.17 stable and/or 6.12 LTS (Long Term Support).

Valkey to replace Redis in the [extra] Repository (click for more details) Previous News Finding information easier about Manjaro (click for more details) Notable Package Updates

• Kernels got updated
  • linux616 got removed
• Grub 2.14rc1
• Dracut 109
• Nvidia 580.105.08
• Xorg-Server 21.1.20
• Plasma 6.5.1
• Cosmic 1.0.0.beta.4
• LibreOffice 25.2.7
• Mesa 25.2.6
• Firefox 144.0.2 and 145.0b9
• a lot of rebuilds

Additional Info Python 3.13 info (click for more details) Info about AUR packages (click for more details)

Get our latest daily developer images now from Github: Plasma, GNOME, XFCE. You can get the latest stable releases of Manjaro from CDN77.

Our current supported kernels

• linux54 5.4.301
• linux510 5.10.245
• linux515 5.15.196
• linux61 6.1.158
• linux66 6.6.116
• linux612 6.12.57
• linux617 6.17.7
• linux618 6.18.0-rc4
• linux61-rt 6.1.156_rt56
• linux66-rt 6.6.116_rt66
• linux612-rt 6.12.49_rt13
• linux616-rt 6.16.0_rt3
• linux617-rt 6.17.5_rt7

Package Changes (11/5/25, 17:43 CET)

• testing core x86_64: 47 new and 47 removed package(s)
• testing extra x86_64: 3198 new and 3344 removed package(s)
• testing multilib x86_64: 35 new and 51 removed package(s)

A list of all changes can be found here.

Click to view the poll.

Check if your mirror has already synced:

• Mirror-Check Service

15 posts - 9 participants

Read full topic

Tiny problem but not good for the image of Fedora Linux, pun intended.

The post How to Fix “404 Not Found” Errors in Debian During apt-get upgrade first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

The “404 Not Found” error during upgrade occurs when your system attempts to download packages from repository sources that no

The post How to Fix “404 Not Found” Errors in Debian During apt-get upgrade first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

Like it or not Rust is everywhere, just like autumn.

The waydroid package prior to version 1.5.4-2 (including aur/waydroid) creates Python byte-code files (.pyc) at runtime which were untracked by pacman. This issue has been fixed in 1.5.4-3, where byte-compiling these files is now done during the packaging process.

As a result, the upgrade may conflict with the unowned files created in previous versions. If you encounter errors like the following during the update:

error: failed to commit transaction (conflicting files)

waydroid: /usr/lib/waydroid/tools/__pycache__/__init__.cpython-313.pyc exists in filesystem

waydroid: /usr/lib/waydroid/tools/actions/__pycache__/__init__.cpython-313.pyc exists in filesystem

waydroid: /usr/lib/waydroid/tools/actions/__pycache__/app_manager.cpython-313.pyc exists in filesystem

You can safely overwrite these files by running the following command:

pacman -Syu --overwrite /usr/lib/waydroid/tools/\*__pycache__/\*

Want to try Ubuntu's amd64v3 packages? Here's how to check if your CPU supports them, enable them via APT, and revert if things go wrong.

You're reading How to Enable amd64v3 Packages on Ubuntu 25.10, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Those who used GNOME 2 in the 2000's would remember the now forgotten GNOME Office. I think it's time to revive that project.

The post How to Use dpkg, apt, aptitude, synaptic, and tasksel in Debian first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

Debian offers several tools for managing software packages, each serving a specific purpose in the package management ecosystem, and understanding

The post How to Use dpkg, apt, aptitude, synaptic, and tasksel in Debian first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

When will these Big Tech platforms learn?

by George Whittaker

The Linux kernel, foundational for servers, desktops, embedded systems, and cloud infrastructure, has been under heightened scrutiny. Several vulnerabilities have been exploited in real-world attacks, targeting critical subsystems and isolation layers. In this article, we’ll walk through major examples, explain their significance, and offer actionable guidance for defenders.

CVE-2025-21756 – Use-After-Free in the vsock Subsystem

One of the most alarming flaws this year involves a use-after-free vulnerability in the Linux kernel’s vsock implementation (Virtual Socket), which enables communication between virtual machines and their hosts.

How the exploit works: A malicious actor inside a VM (or other privileged context) manipulates reference counters when a vsock transport is reassigned. The code ends up freeing a socket object while it’s still in use, enabling memory corruption and potentially root-level access.

Why it matters: Since vsock is used for VM-to-host and inter-VM communication, this flaw breaks a key isolation barrier. In multi-tenant cloud environments or container hosts that expose vsock endpoints, the impact can be severe.

Mitigation: Kernel maintainers have released patches. If your systems run hosts, hypervisors, or other environments where vsock is present, make sure the kernel is updated and virtualization subsystems are patched.

CVE-2025-38236 – Out-of-Bounds / Sandbox Escape via UNIX Domain Sockets

Another high-impact vulnerability involves the UNIX domain socket interface and the MSG_OOB flag. The bug was publicly detailed in August 2025 and is already in active discussion.

Attack scenario: A process running inside a sandbox (for example a browser renderer) can exploit MSG_OOB operations on a UNIX domain socket to trigger a use-after-free or out-of-bounds read/write. That allows leaking kernel pointers or memory and then chaining to full kernel privilege escalation.

Why it matters: This vulnerability is especially dangerous because it bridges from a low-privilege sandboxed process to kernel-level compromise. Many systems assume sandboxed code is safe; this attack undermines that assumption.

Mitigation: Distributions and vendors (like browser teams) have disabled or restricted MSG_OOB usage for sandboxed contexts. Kernel patches are available. Systems that run browser sandboxes or other sandboxed processes need to apply these updates immediately.

CVE-2025-38352 – TOCTOU Race Condition in POSIX CPU Timers

In September 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

Go to Full Article

The systemd-free distro is now powered by Debian 13.

The Turris Omnia NG promises lifetime updates and a modular design for a real long-term use.

Kodi, Jellyfin, Plex, Emby! You might have heard and wondered what those are and why people are crazy about them. Let me explain in this article.

The post How to Setup WireGuard VPN Server with WireGuard-UI on Ubuntu first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

When you connect to a coffee shop’s WiFi or access the internet from any public network, your data travels through

The post How to Setup WireGuard VPN Server with WireGuard-UI on Ubuntu first appeared on Tecmint: Linux Howtos, Tutorials & Guides.