Almost 50% of all internet traffic are non-human already. Unchecked, it could lead to a zombie internet.

Control Spotify playback from top bar in Ubuntu using gSpotify, a slick GNOME extension that even changes colour based on the playing track's artwork.

You're reading Colourful Spotify Controller (+ More) for GNOME Shell, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker

The speculation around a successor to the Steam Deck has stirred renewed excitement, not just for a new handheld, but for what it signals in Linux-based gaming. With whispers of next-gen specs, deeper integration of SteamOS, and an evolving handheld PC ecosystem, these rumors are fueling broader hopes that Linux gaming is entering a more mature age. In this article we look at the existing rumors, how they tie into the Linux gaming landscape, why this matters, and what to watch.

What the Rumours Suggest

Although Valve has kept things quiet, multiple credible outlets report about the Steam Deck 2 being in development and potentially arriving well after 2026. Some of the key tid-bits:

• Editorials note that Valve isn’t planning a mere spec refresh; it wants a “generational leap in compute without sacrificing battery life”.

• A leaked hardware slide pointed to an AMD “Magnus”-class APU built on Zen 6 architecture being tied to next-gen handhelds, including speculation about the Steam Deck 2.

• One hardware leaker (KeplerL2) cited a possible 2028 launch window for the Steam Deck 2, which would make it roughly 6 years after the original.

• Valve’s own design leads have publicly stated that a refresh with only 20-30% more performance is “not meaningful enough”, implying they’re waiting for a more substantial upgrade.

In short: while nothing is official yet, there’s strong evidence that Valve is working on the next iteration and wants it to be a noteworthy jump, not just a minor update.

Why This Matters for Linux Gaming

The rumoured arrival of the Steam Deck 2 isn’t just about hardware, it reflects and could accelerate key inflection points for Linux & gaming:

Validation of SteamOS & Linux Gaming

The original Steam Deck, running SteamOS (a Linux-based OS), helped prove that PC gaming doesn’t always require Windows. A well-received successor would further validate Linux as a first-class gaming platform, not a niche alternative but a mainstream choice.

Handheld PC Ecosystem Momentum

Since the first Deck, many Windows-based handhelds have entered the market (such as the ROG Ally, Lenovo Legion Go). Rumours of the Deck 2 keep spotlight on the form factor and raise expectations for Linux-native handhelds. This momentum helps encourage driver, compatibility and OS investments from the broader community.

Go to Full Article

Forget pumpkin carving. This year, I carved out a haunted Hyprland setup straight from the underworld of Arch Linux 👻

Fedora 43 is here and so is KDE Plasma 6.5 with a bunch of new, modern features.

Learn how to upgrade Ubuntu 25.04 to Ubuntu 25.10 'Questing Quokka' using Software Updater or the command line in this guide (with troubleshooting tips).

You're reading How to Upgrade to Ubuntu 25.10 from 25.04, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

In Part One of this series, we examined how the SONiC control plane and the VPP data plane form a cohesive, software-defined routing stack through the Switch Abstraction Interface.  We outlined how SONiC’s Redis-based orchestration and VPP’s user-space packet engine come together to create a high-performance, open router architecture. In this second part, we’ll turn […]

The post Disaggregated Routing with SONiC and VPP: Lab Demo and Performance Insights – Part Two appeared first on Linux.com.

Pomodoro combined with task management and website blocking. This is an excellent tool for productivity seekers but there are some quirks worth noticing.

by George Whittaker Introduction

The popular penetration-testing distribution Kali Linux has dropped its latest quarterly snapshot: version 2025.3. This release continues the tradition of the rolling-release model used by the project, offering users and security professionals a refreshed toolkit, broader hardware support (especially wireless), and infrastructure enhancements under the hood. With this update, the distribution aims to streamline lab setups, bolster wireless hacking capabilities (particularly on Raspberry Pi devices), and integrate modern workflows including automated VMs and LLM-based tooling.

In this article, we’ll walk through the key highlights of Kali Linux 2025.3, how the changes affect users (both old and new), the upgrade path, and what to keep in mind for real-world deployment.

What’s New in Kali Linux 2025.3

This snapshot from the Kali team brings several categories of improvements: tooling, wireless/hardware support, architecture changes, virtualization/image workflows, UI and plugin tweaks. Below is a breakdown of the major updates.

Tooling Additions: Ten Fresh Packages

One of the headline items is the addition of ten new security tools to the Kali repositories. These tools reflect shifts in the field, toward AI-augmented recon, advanced wireless simulation and pivoting, and updated attack surface coverage. Among the additions are:

• Caido and Caido-cli – a client-server web-security auditing toolkit (graphical client + backend).

• Detect It Easy (DiE) – a utility for identifying file types, a useful tool in reverse engineering workflows.

• Gemini CLI – an open-source AI agent that integrates Google’s Gemini (or similar LLM) capabilities into the terminal environment.

• krbrelayx – a toolkit focused on Kerberos relaying/unconstrained delegation attacks.

• ligolo-mp – a multiplayer pivoting solution for network-lateral movement.

• llm-tools-nmap – allows large-language-model workflows to drive Nmap scans (automated/discovery).

• mcp-kali-server – configuration tooling to connect an AI agent to Kali infrastructure.

• patchleaks – a tool that detects security-fix patches and provides detailed descriptions (useful both for defenders and auditors).

• vwifi-dkms – enables creation of “dummy” Wi-Fi networks (virtual wireless interfaces) for advanced wireless testing and hacking exercises.

Go to Full Article

Ubuntu 25.10 no longer includes the Startup Applications tool, so learn how to autostart scripts and run custom commands at login with .desktop files.

You're reading How to Run Scripts and Commands at Login in Ubuntu 25.10, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

From BSL license changes to abandoned codebases, see how the open source community struck back with powerful forks and fresh alternatives.

Floating Mini Panel GNOME extension now has a vertical panel option, an orientation which feel up (a bit of) screen space on widescreen displays.

You're reading Floating Mini Panel Gains New Vertical Orientation Option, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Ghostty certainly has a few innovative features up its sleeves but is it worth your time?

Ubuntu 25.10's Rust-based coreutils had a bug preventing automatic updates from working. Here's what happened, why it matters, and how it was resolved.

You're reading Rust Bug Broke Ubuntu 25.10 Automatic Update Checks, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Upgrade to KDE Plasma 6.5 on Ubuntu 25.10 using the official Kubuntu Backports PPA. Installation steps, advice and rollback instructions provided.

You're reading How to Upgrade to KDE Plasma 6.5 on Kubuntu 25.10, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Canonical announce beta DeepSeek and Qwen AI inference snaps for Ubuntu, both optimised to deliver better performance on Intel and ARM Ampere systems.

You're reading DeepSeek and Qwen AI Models Now Available as Ubuntu Snaps, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker Introduction

In the world of modern CPUs, speculative execution, where a processor guesses ahead on branches and executes instructions before the actual code path is confirmed, has long been recognized as a performance booster. However, it has also given rise to a class of vulnerabilities collectively known as “Spectre” attacks, where microarchitectural side states (such as the branch target buffer, caches, or predictor state) are mis-exploited to leak sensitive data.

Now, a new attack variant, dubbed VMScape, exposes a previously under-appreciated weakness: the isolation between a guest virtual machine and its host (or hypervisor) in the branch predictor domain. In simpler terms: a malicious VM can influence the CPU’s branch predictor in such a way that when control returns to the host, secrets in the host or hypervisor can be exposed. This has major implications for cloud security, virtualization environments, and kernel/hypervisor protections.

In this article we’ll walk through how VMScape works, the CPUs and environments it affects, how the Linux kernel and hypervisors are mitigating it, and what users, cloud operators and admins should know (and do).

What VMScape Is & Why It Matters The Basics of Speculative Side-Channels

Speculative execution vulnerabilities like Spectre exploit the gap between architectural state (what the software sees as completed instructions) and microarchitectural state (what the CPU has done internally, such as cache loads, branch predictor updates, etc). Even when speculative paths are rolled back architecturally, side-effects in the microarchitecture can remain and be probed by attackers.

One of the original variants, Spectre-BTI (Branch Target Injection, also called Spectre v2) leveraged the Branch Target Buffer (BTB) / predictor to redirect speculative execution along attacker-controlled paths. Over time, hardware and software mitigations (IBRS, eIBRS, IBPB, STIBP) have been introduced. But VMScape shows that when virtualization enters the picture, the isolation assumptions break down.

VMScape: Guest to Host via Branch Predictor

VMScape (tracked as CVE‑2025‑40300) is described by researchers from ETH Zürich as “the first Spectre-based end-to-end exploit in which a malicious guest VM can leak arbitrary sensitive information from the host domain/hypervisor, without requiring host code modifications and in default configuration.”

Here are the key elements making VMScape significant:

• The attack is cross-virtualization: a guest VM influences the host’s branch predictor state (not just within the guest).

Go to Full Article

GNOME all the way!

VirtualBox 7.2.4 is the second maintenance update in the new 7.2.x series, but users say installation fails on Ubuntu 25.10 due to a libxml2 dependency issue.

You're reading VirtualBox 7.2.4 Released (But Won’t Install on Ubuntu 25.10), a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.