LinuxWebLog.com

Linux 6.18 Release Improves Gaming, Laptops, and Security  OMG! Ubuntu

An anonymous reader quotes a report from BleepingComputer: The popular open-source SmartTube YouTube client for Android TV was compromised after an attacker gained access to the developer's signing keys, leading to a malicious update being pushed to users. The compromise became known when multiple users reported that Play Protect, Android's built-in antivirus module, blocked SmartTube on their devices and warned them of a risk. The developer of SmartTube, Yuriy Yuliskov, admitted that his digital keys were compromised late last week, leading to the injection of malware into the app. Yuliskov revoked the old signature and said he would soon publish a new version with a separate app ID, urging users to move to that one instead. [...] A user who reverse-engineered the compromised SmartTube version number 30.51 found that it includes a hidden native library named libalphasdk.so [VirusTotal]. This library does not exist in the public source code, so it is being injected into release builds. [...] The library runs silently in the background without user interaction, fingerprints the host device, registers it with a remote backend, and periodically sends metrics and retrieves configuration via an encrypted communications channel. All this happens without any visible indication to the user. While there's no evidence of malicious activity such as account theft or participation in DDoS botnets, the risk of enabling such activities at any time is high.

Read more of this story at Slashdot.

Linux usage reaches an all time high on Steam  How-To Geek

Linux Mint 22.3 Beta Coming This Month  OMG! Ubuntu

Michael and Susan Dell pledged $6.25 billion to boost participation in the new "Trump Accounts" child investment program. "The historic gift has little precedent, with few single charitable commitments in the past 25 years exceeding $1 billion, much less multiple billions," notes the Associated Press. "Announced on GivingTuesday, the Dells believe it's the largest single private commitment made to U.S. children." From the report: Its structure is also unusual. Essentially, it builds on the "Trump Accounts" program (PDF), where the U.S. Department of the Treasury will deposit $1,000 into investment accounts set up by Treasury for American children born between Jan. 1, 2025 and Dec. 31, 2028. The Dells' gift will use the "Trump Accounts" infrastructure to give $250 to each qualified child under 10. Though the "Trump Accounts" became law as part of the president's signature legislation in July, the Dells say the accounts will not launch until July 4, 2026. Michael Dell said they wanted to mark the 250th anniversary of U.S. independence. [...] Under the new law, "Trump Accounts" are available to any American child under 18 with a Social Security number and their families can fund the accounts, which must be invested in an index fund that tracks the overall stock market. When the children turn 18, they can withdraw the funds to put toward their education, to buy a home or to start a business. The Dells will put money into the accounts of children 10 and younger who live in ZIP codes with a median family income of $150,000 or less and who won't get the $1,000 seed money from the Treasury. The Dells hope their gift will encourage families to claim the accounts and deposit more money into it, even small amounts, so it will grow over time along with the stock market. The report notes that the timed rollout of the $1,000 deposits gives Republicans a strategic political advantage by delivering money to voters during the 2026 midterms and halting the benefit right after the 2028 presidential election.

Read more of this story at Slashdot.

You can now use Circle to Search and Google Lens to detect scammy messages you receive on your phone.

With today’s Android 16 release, your device is getting smarter, more personal and easier to manage.With today’s Android 16 release, your device is getting smarter, more personal and easier to manage.

This December, Android is getting new accessibility updates like dark theme’s expanded option, emotion tags in Expressive Captions, easier Voice Access and more.This December, Android is getting new accessibility updates like dark theme’s expanded option, emotion tags in Expressive Captions, easier Voice Access and more.

See the emotion behind speech in captions, send new emoji combos, let friends know when your call is urgent and more.See the emotion behind speech in captions, send new emoji combos, let friends know when your call is urgent and more.

The lightweight Linux distro every media junkie should try - and why  ZDNET

A Google Antigravity user says the AI-driven "vibe coding" tool accidentally wiped his entire D: drive while trying to clear a project cache. Google says it's investigating, but the episode adds to a growing list of AI tools behaving in ways that "would get a junior developer fired," suggests The Register. From the report: We reached out to the user, a photographer and graphic designer from Greece, who asked we only identify him as Tassos M because he doesn't want to be permanently linked online to what could "become a controversy or conspiracy against Google." [...] Tassos told Antigravity to help him develop software that's useful for any photographer who has to choose a few prime shots from a mountain of snaps. He wanted the software to let him rate images, then automatically sort them into folders based on that rating. According to his Reddit post, when Tassos figured out the AI agent had wiped his drive, he asked, "Did I ever give you permission to delete all the files in my D drive?". "No, you absolutely did not give me permission to do that," Antigravity responded. "I am horrified to see that the command I ran to clear the project cache appears to have incorrectly targeted the root of your D: drive instead of the specific project folder. I am deeply, deeply sorry. This is a critical failure on my part." Redditors, as they are wont to do, were quick to pounce on Tassos for his own errors, which included running Antigravity in Turbo mode, which lets the Antigravity agent execute commands without user input, and Tassos accepted responsibility. "If the tool is capable of issuing a catastrophic, irreversible command, then the responsibility is shared -- the user for trusting it and the creator for designing a system with zero guardrails against obviously dangerous commands," he opined on Reddit. As noted earlier, Tassos was unable to recover the files that Antigravity deleted. Luckily, as he explained on Reddit, most of what he lost had already been backed up on another drive. Phew. "I don't think I'm going to be using that again," Tassos noted in a YouTube video he published showing additional details of his Antigravity console and the AI's response to its mistake. Tassos isn't alone in his experience. Multiple Antigravity users have posted on Reddit to explain that the platform had wiped out parts of their projects without permission.

Read more of this story at Slashdot.

Meet Bazzite: Windows 10’s demise: Linux hype, déjà vu  Windows Central

See Google TV’s top entertainment from 2025.See Google TV’s top entertainment from 2025.

Crypto exchange OKX is currently offering a 5% deposit bonus on USDG held for 90 days (within a 180-day window) for new and existing customers. This is on top of 5% APY on USDG stablecoin. New customers can get a $150 referral bonus in crypto after depositing and trading $200+ in crypto (30-day hold period). Details below.

Deposit match details. Here are the details on the 5% deposit match starting December 2025. This is a new promotion, separate from the previous 10% deposit match. Existing OKX customers can participate in this new one with new deposits.

• Be sure to “join” the offer before making your deposits, to get the match!
• Get a 5% match for every 1,000 USDG you deposit (buy) and hold for 90 days, up to a max reward of 250 USDG after depositing 5000 USDG (pegged 1:1 = $5,000). On-chain deposits of crypto and direct purchases of crypto via ACH bank transfer, debit card, or Apple Pay and Google Pay also count.
• This works in increments of 1,000. So if you buy/deposit 1,200 USDG, you’ll only get 50 USDG for meeting the 1,000 USDG tier. You can make multiple deposits and it will track them and add them up. See my screenshot of the tracker below.
• Your rewards make take up to 5 minutes to reflect.
• Rewards must be held for 90 days within a 180-day window before you can use, trade, or withdraw them.

Deposit match tiers and available rewards are defined as follows:
$1,000 to $1,999 -> 50 USDG
$2,000 to $2,999 -> 100 USDG
$3,000 to $3,999 -> 150 USDG
$4,000 to $4,999 -> 200 USDG
$5,000 and above -> 250 USDG

In addition, OKX is paying 5% APY on USDG deposits currently. The deposit bonus works out to a payout of 5% over 90 days, or 20% annualized + 5% APY = 25% total annualized return over 90 days. In other words, if I put in $5,000, in 90 days I’ll expect to take out an extra $250 + ~$62 in interest = $312.

The app does a good job of showing you exactly how many days you have left in the hold period. If you see a date that is 180 days out, that refers to the 180-window. You have to meet the tier for 90 days within a 180-day window.

USDG stablecoin is not FDIC-insured. They are supposedly fully backed by US Treasury Bills, but I still plan to withdraw my USDG out into a real bank as soon as the holding period is over.

$150 New customer bonus details. Here are the steps for the $150 bonus for new OKX customers:

• Sign up via referral link. I think they allow either smartphone or browser sign-up, but identity verification may be easier on a smartphone. That’s my referral link, which should auto-populate with the promo code 79795662. Thanks if you use it!
• Complete identity verification (driver’s license and smartphone selfie).
• Deposit $200+ of either cash (link bank account via Plaid) or crypto within 30 days.
• Buy $200 or more of crypto (can be stablecoin like USDG) and hold the assets for at least 30 days within a 90-day period.
• After 90 days, the bonus will be tradable and withdrawable.

You should get confirmation of the bonus shortly after linking a bank account and making the trade. Here’s some app screenshots regarding my bonus, which are pretty clear. I did mine on 10/21/25 and so mine unlocks on 1/19/26. (The bonus used to be $200, but it went down to $50 and is currently $150. Not sure if it will ever go back to $200.)

Please perform your own due diligence on crypto apps. They are not regulated on the same level as bank account or brokerage accounts. I usually don’t like to keep significant funds in there any longer than is required for the bonus to clear, but in this case the reward/risk ratio for 90 days is acceptable to me. Here is the OKX Wikipedia page and they are profiled in the Forbes article “The World’s Most Trustworthy Crypto Exchanges”. (Also see: Kraken and Gemini bonuses.)

Note: OKX does not allow customers to be individuals residing in New York, Texas, American Samoa, Guam, the Northern Mariana Islands, and the US Virgin Islands.

Homebrew can now help you install Flatpaks, too  How-To Geek

VLC 3.0.22 Released with AMD GPU Frame Rate Doubler, dav1d-all-layers Option  9to5Linux

Linux Reaches Record 3.20% Share in Steam’s November 2025 Survey  WebProNews

Zillow has removed climate risk scores from over a million home listings after real estate agents argued the data was scaring off buyers. TechCrunch reports: Zillow first added the data to the site in September 2024, saying that more than 80% of buyers consider climate risks when purchasing a new home. But last month, following objections from the California Regional Multiple Listing Service (CRMLS), Zillow removed the listings' climate scores. In their place is a subtle link to their records at First Street, the climate risk analytic startup that provides the data. "When buyers lack access to clear climate-risk information, they make the biggest financial decision of their lives while flying blind," First Street spokesperson Matthew Eby told TechCrunch via email. "The risk doesn't go away; it just moves from a pre-purchase decision into a post-purchase liability." First Street's climate risk scores first appeared on Realtor.com in 2020, where they remain. They also still appear on Redfin and and Homes.com. The New York-based startup has raised more than $50 million from investors including General Catalyst, Congruent Ventures, and Galvanize Climate Solutions, according to PitchBook. Art Carter, the CRMLS CEO, told The New York Times that "displaying the probability of a specific home flooding this year or within the next five years can have a significant impact on the perceived desirability of that property." He also questioned the accuracy of First Street's data, saying he didn't think that areas which haven't flooded in the last 40 to 50 years were likely to flood in the next five.

Read more of this story at Slashdot.

Valve's Steam Machine has one big advantage over the old Steam Box  Polygon

The next Linux Mint release has a name and several new features  How-To Geek