CVE-2026-42945 hits nginx 0.6.27–1.30.0 rewrite module with heap overflow. CVSS 9.2 but only fires on specific rewrite+capture+set patterns. How to check with nginx -T and what to patch.
Verdict on GTIG's May 11, 2026 report: the first confirmed AI-generated zero-day, a Python 2FA bypass for an OSS admin tool, was caught by a hallucinated CVSS score and textbook Pythonic code structure.
Tested Q_rsqrt on Apple M4 (Mac mini) and Zen 3 (Ryzen 5800HS / WSL2). M4's -O2 already rewrites 1/sqrtf to frsqrte and ties Q_rsqrt; x86 clang needs -ffast-math or hits a 12x gap. Hand-written NEON/SSE wrappers turn out slower. Newton 0/1/2 error and the Lomont constant covered too.
oMLX 0.3.9.dev2 release notes from the angle of Codex/Copilot on Mac local LLMs: Gemma 4 VLM MTP, DFlash, omlx launch copilot, SSD KV cache — what each changes for agent workflows.
RubyGems.org halted new signups after DDoS and 500+ malicious gem uploads. Existing install/push unaffected — check lockfiles for gems added around May 12 2026.
VoxCPM2 sits in the tokenizer-free corner. Mapped vs F5-TTS, CosyVoice2, Irodori-TTS, Style-Bert-VITS2; plus why Japanese TTS still leans on OpenJTalk.
NVD API queries: kernel CVEs return Analyzed but SuperAGI CVE-2026-6584 stays Deferred with no CPE. Maps Snyk, Trivy, Grype, Dependabot, OSV-Scanner reliance on NVD vs GHSA/OSV.
CodePush shut down in March 2025. Compared EAS Update, self-hosted, and Stallion for React Native OTA — rollback, bundle signing, delta delivery — plus Unity AssetBundle parallels, TestFlight for personal apps, PWA Service Worker cache traps, and the lifecycle of deployed code.
TanStack npm compromise (42 pkgs / 84 versions, CVE-2026-45321 CVSS 9.6) on May 11, 2026 UTC spread across UiPath (60+), Mistral, OpenSearch, guardrails-ai, Checkmarx Jenkins. Covers token-revoke wipe ordering, first valid SLSA provenance on malicious npm, and Vect ransomware secondary wave (wiper, not real ransomware). Live tracking.
Every Ghostty tab turns into 'Claude Code' when running multiple AI CLI sessions. Fix it with shell-integration-features = no-title, CLAUDE_CODE_DISABLE_TERMINAL_TITLE, and a 30-line zsh preexec/precmd/chpwd hook that tags tabs by repo name.