From Cyber Attacks to Historic Open Sourcing: A Week in Linux
Ubuntu DDoS and Twitter hack, Copy Fail exploit, Dutch/V German open-source initiatives, VS Code Copilot glitch, MS-DOS open-sourced, PS5 Linux, Mint updates, Ubuntu 26.04 flavor cuts.
Ubuntu Under Fire: DDoS and Twitter Hack
The past week brought a turbulent start for the Ubuntu ecosystem. A sustained Distributed Denial-of-Service (DDoS) attack targeted Canonical-owned infrastructure, including the ubuntu.com website, Snap Store, and Launchpad. For several days, users experienced intermittent service interruptions, with Snap install commands failing and PPA access becoming unreliable. Canonical has since mitigated the attack, though the incident highlighted the vulnerability of even major open-source platforms to volumetric assaults.
Compounding the situation, the official Ubuntu Twitter account was compromised and used to broadcast cryptocurrency scam links. The social media breach added a layer of concern, though no user data is believed to have been exposed. Both incidents serve as reminders to keep systems updated and remain vigilant against phishing attempts.
New Linux Exploit: “Copy Fail”
Security researchers disclosed a local privilege escalation vulnerability dubbed “Copy Fail” affecting the Linux kernel. For average desktop users, the risk is minimal—exploitation requires local access. The fix will be included in upcoming kernel updates. As with any security flaw, the best defense is to keep your system patched. Most distributions will roll out the update automatically; manual installation is recommended for those running custom kernels.
Governments Embrace Open Source
On a positive note, the Dutch government is building its own code hosting platform based on Forgejo. The soft launch already includes four ministries, several municipalities, and the Electoral Council’s vote-counting software. This move underscores a growing trust in federated, open-source collaboration tools within public administration.
Meanwhile, Germany’s Sovereign Tech Agency has launched a paid pilot program to fund independent maintainers who contribute to web standards (IETF, W3C, ISO). Typically, participating in these working groups requires resources that volunteer developers lack. The initiative aims to give those who build on top of standards a stronger voice in their evolution.
VS Code Copilot Controversy
Microsoft’s Visual Studio Code was caught attributing human-written commits to its Copilot AI—even on machines where Copilot was explicitly disabled. The culprit: a single pull request that changed a default setting without any release note or user-visible notification. The incident raised questions about transparency and control over AI-assisted development tools. Microsoft has since acknowledged the issue and is working on a fix.
MS-DOS Turns 45: Microsoft Open Sources Original Code
In a nod to computing history, Microsoft open-sourced the original 86-DOS source code under the MIT License on DOS’s 45th birthday. The company originally acquired DOS for under $100,000—a deal that eventually made billions. While open-sourcing the code has no practical impact today, it offers historians and enthusiasts a glimpse into the origins of the PC revolution.
Linux on PlayStation 5
Tech enthusiasts have demonstrated a full Linux desktop running on Sony’s PS5. The process, detailed in community guides, involves booting from external media and bypassing hypervisor restrictions. While not intended for gaming, this opens the door for developers to use the console’s powerful hardware for programming, media servers, or other tasks.
Linux Mint News: New HWE ISOs and Extended Support
Linux Mint has released new Hardware Enablement (HWE) ISOs for its latest edition, ensuring better compatibility with modern hardware. Additionally, the project announced it will stretch its release cycle to December 2026, giving users longer update windows without forced upgrades.
Ubuntu 26.04: Flavor List Shrinks
With the upcoming Ubuntu 26.04 release, the official flavor list is being pruned. Rolan argues this is a necessary correction: a passionate community doesn’t automatically produce maintainers willing to do release engineering every six months. The reduction aims to focus resources on better-supported variations.
Paid Program for Standards Development
As mentioned earlier, Germany’s Sovereign Tech Agency is funding independent developers to participate in standards bodies. This is a crucial step toward making the web’s infrastructure more inclusive and less dominated by corporate interests.
Stay tuned for more Linux news, tips, and community highlights in next week’s edition.