The following news items are from the NoVaLUG Tech News feed.

Responding to the new California law, AB1043, which threatens developers of Open Source operating systems with fines if they do not implement an age verification mechanism, MidnightBSD has modified their license to exclude use by Californians starting Jan 1, 2027.
While California is the first state to enact age-verification mandates at the OS level, Colorado recently passed a similar law.

Summer Yue, Director of Alignment for Meta’s Super Intelligence Lab, had her email inbox wiped, Hillary Clinton style, by OpenClaw. Lacking any intelligence of her own, she asked OpenClaw to flag any emails that should be deleted but to ask for permission before deleting them. However, OpenClaw decided to operate on the “it is better to get forgiveness than permission” plan.

Adafruit, the maker-focused electronics design house and manufacturer based in New York, keeps finding that it needs to defend open source from busybody politicians. Last month, the outwardly non-political, tech-focused company spoke out against New York Mayor Mamdani’s misinformed actions against Raspberry Pis.
Now Adafruit is speaking out against proposed legislation in Democratically-controlled Colorado that would require Linux and other open source operating systems to implement unsound age-verification practices. The Electronic Frontier Foundation maintains a website on the perils of age-verification technology.
Adafruit’s blog post also points out other recent challenges to makers and 3D printing, highlighting legislation in the Democratically-controlled states of New York and California that would limit 3D printers from printing parts that are somehow deemed usable in firearms. Adafruit is correct in asserting that such laws do not work, infringe on other uses of 3D printing technology, and drive up the costs and legal risks for maker-focused manufacturers and hobbyists.

OpenClaw is a self-hosted personal AI assistant that is all the rage lately. However, its centralized skills repository, ClawHub, has been found to host 314 malicious AI skills intended for use in malware campaigns and other compromises.
Indications are that the malicious AI skills uploaded to ClawHub are not just one-off attacks but are a “systemic threat” to OpenClaw and ClawHub.
These AI skills appear to be legitimate agents, but are intended to exfiltrate data, install backdoors, and execute other compromises.
As predicted, OpenClaw is an opsec nightmare.

Charlie Eriksen of Aikido Security discovered an npx command that was hallucinated by Artificial Intelligence and found its way into 237 GitHub repositories.
The command, “npx react-codeshift”, has never existed, yet it replicated in so many code bases due to AI hallucinations.
The package for the command did not exist, so Charlie claimed the package before a bad actor could, thus preventing what could have been a very damaging exploit.
This incident highlights the need for humans to double check the output of AI.

UK internet service provider G.Network has gone bankrupt in part because rats keep chewing through their fiber optic cables, which are made with biodegradable sheathing composed of soy and corn substances.
FitzWalter Capital, the private equity firm that owns G.Network, was attempting to unload the business on Community Fibre. However, Community Fibre backed out of the deal upon learning of G.Network’s underground rodent snacks.

Ok. Cloudflare did not do it, but one of their employees did it as a side-project and the results are impressive.
Nick Kuntz ported the Matrix server Synapse to Cloudflare infrastructure, making it serverless. And as a side benefit, every connection to this Cloudflare-hosted Matrix home server can take advantage of post-quantum cryptography.
The code is available on GitHub under the MIT license.

For six years, Microsoft has been rerouting example.com to a company in Japan, according to tinyapps.org; the issue was first reported on 1 January. The extent of the damage is unknown, but configurations of email services that used example.com were being incorrectly set to the services of Sumitomo Electric at sei.co.jp. According to ArsTechnica, it appears any credentials used with this configuration were sent to Sumitomo Electric.
According to the ArsTechnica article, it does appear Microsoft is now aware of the problem and has taken steps to correct the issue.

A recently discovered vulnerability in the GNU InetUtils telnetd server has just been revealed. The bug allows a user to obtain root access by passing in a simple environment variable.
Though recently revealed, the bug has been in the code since 2015.
“Do not run a telnetd server at all,” advises Simon Josefsson, one of the patch submitters.

Raspberry Pi has introduced the new AI Hat +2, an AI co-processor and add-on board, featuring the Hailo-10H neural network accelerator and 8GB of dedicated on-board RAM. With this new AI board, generative AI workloads may be offloaded from the main CPU onto the Hailo-10H.
The product is available now for $130.