Security
- Google Chrome V8 Zero-Day CVE-2026-11645 — Out-of-bounds memory access in Chrome's JavaScript/WebAssembly engine is actively exploited in the wild (CVSS 8.8). Patch immediately in Chrome 150+. This is the fifth actively exploited Chrome zero-day since the year started. Read more
- Microsoft Patches Record 206 Flaws — Including three zero-days and critical RCE bugs. The batch addresses vulnerabilities across Windows, Defender, and other products. Critical fixes include CVE-2026-28252 through CVE-2026-28256 for Trane Tracer SC+ HVAC systems and multiple SAP NetWeaver flaws. Read more
- Microsoft 365 Copilot SearchLeak — Vulnerability chain (CVE-2026-42824, critical) turned Copilot into a 1-click data theft tool via specially crafted URLs. Attackers could exfiltrate emails, passwords, calendar events, and documents from mailbox/OneDrive/SharePoint. Microsoft has already patched this—no user action required. Read more
- ShinyHunters Exploits Oracle PeopleSoft Zero-Day — CVE-2026-35273 (CVSS 9.8, missing authentication) allowed unauthenticated PeopleSoft Enterprise takeover. Active exploitation observed May 27–June 9, 2026 with lateral movement and data exfiltration. CISA added it to Known Exploited Vulnerabilities list. Read more
Browser & Web Platform
- Safari 27 Brings Customizable Select Elements — Developers can now fully control the appearance of
elements with custom arrows, styling, and behavior. This long-requested feature gives developers parity with other browsers. Read more - Chrome 150/151 Closes Manifest V2 Ad Blocker Loopholes — Google is removing the final workarounds for running legacy ad blockers like uBlock Origin. Chrome 150 (late June) removes the
ExtensionManifestV2Disabledflag, and v151 (July) removes all remaining Manifest V2 references. Only Manifest V3 ad blockers will function. Read more
DevOps & Cloud
- AWS WAF AI Traffic Monetization — New Bot Control capability lets digital publishers charge AI bots and agents for content access. Includes pricing, metering, and payment collection from AI agents crawling your site. Read more
- AWS Advances Fault-Tolerant Quantum Computing — Strategic collaboration with QuEra brings error-corrected quantum capabilities to Amazon Braket, advancing practical quantum applications beyond current limitations. Read more
Databases & Data
- ClickHouse Celebrates 10 Years Open Source — Released June 15, 2016, ClickHouse is now the most popular open-source analytical database with massive adoption in production. Marks a decade of evolution in OLAP workloads. Read more
- Cisco Talos Cuts TCO 75% with ClickHouse Cloud — Threat intelligence reputation service now classifies file hashes faster on ClickHouse Cloud, demonstrating real-world performance gains for security operations. Read more
Open Source
- addyosmani/agent-skills — Production-grade engineering skills for AI coding agents. Encodes workflows, quality gates, and best practices from senior engineers. Read more
- FlorianBruniaux/claude-code-ultimate-guide — Comprehensive guide covering Claude Code from beginner to power user, with production-ready templates, agentic workflows, and learning resources. Read more
- Antigravity Awesome Skills — 1,550+ installable agentic skills for Claude Code, Cursor, Gemini CLI, Copilot, and more. Specialized plugins available as a GitHub library. Read more
Dev Tools & IDEs
- TreeSitterViewer Plugin for JetBrains — Live tree visualization for syntax parsing. Automatically updates when editing files or switching between open files. Now at v1.0.0. Read more
- Visual Studio Theming Improvements — New theme customization options let you personalize VS beyond dark/light modes, including custom color schemes and UI adjustments. Read more