Digest · 23 stories · 49 sources
2026-06-26
Updated
Top stories
- Apple raises MacBook and iPad prices on the memory crunch Apple raised prices on base MacBook and iPad configurations on 2026-06-25, its first move to pass higher memory and storage costs to consumers. Reported increases run from about 17% to 25%: the entry MacBook Neo to $699 from $599, the 512GB MacBook Air to $1,299 from $1,099, the 1TB MacBook Pro to $1,999 from $1,699, and iPad base models up $100 to $150. Apple cited AI data center demand draining DRAM and NAND supply and said it had never seen a component price rise this fast.
- OpenAI to stagger GPT-5.6 release at US government request Reporting on 2026-06-25 (single-sourced) says OpenAI will stagger the release of GPT-5.6 after a request from the Office of the National Cyber Director and the Office of Science and Technology Policy. Sam Altman reportedly told staff GPT-5.6 will enter a limited preview for a small set of enterprise customers, with the government approving access customer by customer during the preview. The request maps onto Executive Order 14409 (signed 2026-06-02), which asks developers to give the government up to 30 days of pre-release access to their most capable models.
- curl 8.21.0 ships a record 18 CVEs, including a 25-year-old flaw Daniel Stenberg released curl 8.21.0 on 2026-06-24 fixing 18 CVEs, the most in any single curl release and any calendar year. Severities are 4 medium and 14 low, with no high or critical. CVE-2026-8932, an incomplete mTLS configuration match on connection reuse that can lead to authentication reuse across mismatched setups, first shipped on 2001-03-22, making it the oldest curl issue ever reported. Security vendor AISLE says its AI agents found 6 of the 18, ahead of other AI-assisted reporters.
- Cisco Unified CM SSRF CVE-2026-20230 added to CISA KEV CVE-2026-20230 (CVSS 8.6) is an unauthenticated server-side request forgery in Cisco Unified Communications Manager caused by improper input validation of HTTP requests. A crafted request can write files to the underlying OS, chainable to root code execution. Cisco published the advisory and patches on 2026-06-03 with no exploitation known at disclosure; exploitation using file:// payloads was observed over the following weeks, and CISA added it to the KEV catalog on 2026-06-25 (catalog 2026.06.25, count 1629).
- Deno 2.9 ships desktop app builds and broad npm migration Deno 2.9 released on 2026-06-25. Headline additions are deno desktop, an experimental tool that compiles web-framework projects (Next.js, Astro, Fresh) to a single native binary with a native webview or bundled Chromium backend, and improved npm migration where deno install reads npm, pnpm, yarn, and Bun lockfiles directly. The release reports 2x faster cold start (34ms to 17ms), 2.2x to 3.1x lower peak memory under load, Node.js 26 compatibility with bare import "fs", and post-quantum and ChaCha20-Poly1305 Web Crypto algorithms. Deno.serve automatic compression now defaults to off, a behavior change.
AI
ML research
- Vesuvius Challenge reads an entire Herculaneum scroll for the first time The Vesuvius Challenge team announced on 2026-06-25 that PHerc. 1667, a Herculaneum papyrus carbonized by the 79 AD eruption of Vesuvius, has been digitally unrolled and read end to end without physically opening it, about 1.4 meters of papyrus and roughly 22 columns of ancient Greek identified as a philosophical treatise. The pipeline scanned the scroll with high-resolution phase-contrast X-ray microtomography at the European Synchrotron Radiation Facility, reconstructed a flat readable surface, then used machine learning to detect faint ink traces on the carbonized fibers. Higher-resolution imaging of PHerc. Paris 4 independently confirmed the 2023 Grand Prize readings, and PHerc. 139 was identified as Philodemus, On Gods, Book 8. All tomographic data, reconstructed surfaces, and transcriptions were released under a Creative Commons license.
- Un-0 generates images with a simulated coupled-oscillator system Unconventional AI published Un-0, an image generator that runs on a simulated system of coupled oscillators rather than standard GPU-executed deep networks. The team trains the coupling matrix, oscillator frequencies, and a decoder end-to-end on CIFAR-10 and ImageNet 64x64, reporting FID 6.74 on ImageNet 64x64, comparable to early conventional generators. Weights, training, and ablation code are open. The result is a project writeup, not an independently reproduced benchmark.
Agentic coding
Security
- PTC Windchill and FlexPLM unauthenticated RCE added to CISA KEV CVE-2026-12569 is an unauthenticated remote code execution flaw in PTC Windchill and FlexPLM, reachable from the network via deserialization of untrusted data and described as easily automatable. It affects Windchill and FlexPLM releases prior to 11.0 M030. CISA added it to the KEV catalog on 2026-06-25 (catalog 2026.06.25, count 1629), citing active exploitation. PTC is releasing patches for supported versions.
- LastPass and BeyondTrust exposed in Klue OAuth supply chain breach LastPass said it learned on 2026-06-12 of a breach at Klue, a third-party market-intelligence platform its go-to-market teams use that integrates with Salesforce and Gong. An attacker obtained OAuth tokens Klue held for many of its customers and used them to pull LastPass customer data from its Salesforce environment. The exposed data is limited to business contact and CRM records (customer names, phone numbers, email and physical addresses) plus support-case and sales data; LastPass says its products, infrastructure, and customer vaults were not affected. SecurityWeek reports BeyondTrust was hit in the same Klue incident, and that a threat actor calling itself Icarus used a compromised legacy credential to generate OAuth tokens against integrated SaaS platforms.
Outages
Languages and runtimes
Apple platforms
Linux and kernel
Engineering posts
Markets and companies
- EU lines up AWS and Azure for DMA cloud gatekeeper status On 2026-06-25 the European Commission issued preliminary findings that Amazon Web Services and Microsoft Azure should be designated gatekeepers under the Digital Markets Act, the first time the regime would extend to cloud infrastructure. The Commission says the two qualify as an important gateway despite not meeting the law's quantitative thresholds; together they hold roughly 70% of European cloud revenue. Designation would bring interoperability, data-portability, and self-preferencing obligations, with fines up to 10% of worldwide turnover for non-compliance.
- IBM demonstrates a sub-1nm nanostack chip technology IBM announced on 2026-06-25 a research-stage 0.7nm (7 angstrom) transistor technology it calls nanostack, a three-dimensional nanosheet design packing close to 100 billion transistors on a fingernail-sized die, near double its 2021 2nm density. IBM reports up to 50% more performance or up to 70% better energy efficiency than its 2nm node and 40% SRAM scaling. It is a research demonstration with production projected around five years out.
- Micron locks in historically high memory prices through 2030 Reporting on 2026-06-25 from Micron's fiscal Q3 2026 earnings call says Micron has signed 16 strategic customer agreements that set floor and ceiling prices for memory, with most deals running through 2030 and covering about 40% of its revenue. Micron described the floor prices as carrying gross margins well above its best quarters in any prior cycle. Fourteen of the 16 agreements represent roughly $100 billion in cumulative revenue at minimum contracted prices, and customers pay up front, which helps fund Micron's fab expansion.
- OpenAI reportedly leans toward a 2027 IPO Reporting surfaced on 2026-06-25 says OpenAI is leaning toward waiting until next year for its IPO rather than pricing in 2026, after filing a confidential S-1 on 2026-06-08. The timing is reported, not confirmed by OpenAI, which remains in a pre-IPO quiet period.
Hacker News
- You can't unit test for taste A 246-point thread debates the limits of automated tests in an era of AI-generated code, arguing that correctness checks cannot capture design taste and judgment. It is an opinion essay rather than an implementation writeup.
- Ask HN: Where is the programming profession going? An Ask HN thread collects practitioner views on how coding-agent adoption is reshaping software-engineering roles, hiring, and skill emphasis. Pure sentiment, no primary source.
- Show HN: Google Trends for Hacker News over 18 years of comments A 667-point Show HN indexes 18 years of Hacker News comments into a term-frequency trends tool. Commenters surface the usual caveats about HN as a biased sample of practitioner attention.