Security

Dirty Frag, Copy Fail, and Fragesia show the new reality

OPINION Dirty Frag, Copy Fail, and Fragnesia are less a random cluster of Linux bugs and more the public unveiling of how AI tools can pry open security holes with just a prompt or two. What they also have in common is their shared abuse of a core kernel abstraction: The page cache. What does this mean for you and me? Is this the rainstorm before a downpour of killer Linux security problems, or is this just a shower? It depends on who you ask.

Whatever else may be true, these problems must be addressed. As Igor Seletskiy, CEO of CloudLinux, said: “The real story here is that we typically see one or two kernel-level LPE (Linux privilege escalations) vulnerabilities that affect multiple distros/versions per year. And now we see two such vulnerabilities one week apart. We should expect this trend to continue for quite a few months, meaning companies might have to reboot servers weekly.”

Ouch!

But is this the start of a trend? Linus Torvalds, who knows a thing or two about Linux, said at Open Source Summit North America in Minneapolis that until recently, the kernel community would quietly notify distributions about a bug and ask them to upgrade without detailing the vulnerability, and “most of the time, nobody would figure out what happened.” That was then. This is now. With AI‑accelerated analysis, he recalled that “last week, we fixed the bug; within three hours, there was a blog post about the implications of that bug fix, because security people love getting attention.”

As a result of this kind of thing, Torvalds has changed how the Linux security community will deal with AI-discovered security holes. “AI-detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved – and only makes that duplication worse because the reporters can’t even see each other’s reports.” 

In addition, Torvalds added, in the case of AI-discovered bugs, you need to keep in mind that just “because you found it with AI, 100 other people also found it with AI.”

That means we’re going to hear a lot more about Linux security problems. But are they getting worse? I asked Greg Kroah-Hartman, the Linux stable kernel maintainer, and he told me: “Maybe? It’s hard to tell; the ‘recent’ ones really are very minor, as the number of systems that have ‘untrusted users’ is not common anymore. I don’t see any real uptick in our actual bug fixes that I can tell.”

He continued: “We fix bugs like that on a daily basis, it’s just the rise of people wanting to ‘name a bug’ and release a public exploit seems to be all the rage at the moment.”

An important point that Chris Wright, Red Hat’s CTO, made at Red Hat Summit, the week before, is that in “security, all things aren’t created equal. There will always be a spectrum of vulnerabilities that will surface. Some of those will be really critical and we will need to respond very quickly, so that becomes a clear priority. Others will have a longer tail of lower severity.” 

Torvalds also added at Open Source Summit that just because you read stories about Linux and AI-discovered bugs, you shouldn’t think the same thing isn’t happening to proprietary software, such as Windows. “If you think that AI can’t reverse engineer closed source, you’re in for a surprise.” In fact, he warned, “closed source is even worse in this respect, because the AI can’t help you fix those problems, but the AI sure can help find those problems in the first place.”

He also discouraged security researchers from publishing working exploits: “When it comes to things that really are security issues, you may not want to make the exploit public… Don’t be that guy who then crows about it publicly and says, ‘Look, I could bring down this big company.’”

Following on this theme, Christopher “CRob” Robinson, chief security architect for the Open Source Software Foundation (OpenSSF), told The Register that thanks to AI, “roughly 30 percent of reported Linux security bugs were duplicates. That’s going to be another problem in this AI age, where everybody’s a researcher, right, with a $20 cloud code account.” That, in turn, will burden already overworked maintainers with yet more patches to deal with.

Linux, Torvalds added, is something that its maintainers can handle. Smaller open source projects, however, are all too likely to be overwhelmed.

The real problem, according to what the Google Threat Intelligence Group has discovered, is that the mean time to exploit (TTE) for vulnerabilities has continually decreased “from 63 days in 2018 to -1 day in 2024 and further downward to an estimated -7 days in 2025. A negative number indicates that exploitation of a vulnerability, on average, occurred before a patch was released.”

So what does this mean? Yes, we’re going to see a lot more security vulnerabilities showing up in Linux and other open source projects. Yes, some of them will be serious, and all too many will have exploits out before the patches arrive. It’s not, however, that Linux has suddenly become less secure. It’s that AI eyes are much better at detecting bugs than human eyes have ever been. We will catch up, and AI can help with that, too. 

In the meantime, system administrators and developers will have to be more security-conscious than ever before. As Wright told The Reg, it’s high time we switched from using SELinux in permissive to restrictive mode. Enforcing strict security is a pain, but what’s even more of a pain is having to rebuild your containers and servers after a serious attack gets through. ®

• Philips monitor lets two users work on opposite screens simultaneously
• Dual-sided design combines two Full HD displays in one unit
• Monitor rotates 180 degrees, and each side supports independent HDMI and USB-C connections

Philips has introduced a dual-sided business monitor which places two full HD IPS displays back-to-back inside a single rotating monitor structure.

The Philips 24B2D5300 uses two 23.8-inch panels running at 1920 x 1080 resolution with refresh rates reaching 120 Hz.

Memorial DaY brings discounts to the mattress models we test all year long, and the sales are going strong. As a seasoned deal hunter, I know that mattresses go on sale pretty often, but whenever someone asks me the best time to buy, I tell them to wait until Memorial Day or Black Friday and Cyber Monday. If you’ve been in the market for a new mattress, now’s the time to act.

The WIRED Reviews team thoroughly tests the best mattresses long-term. We don’t conduct “nap tests” or base recommendations on first impressions. Our top picks are tried-and-true, and they’re on sale right now. We’ll also include some deals on bedding, pillows, mattress toppers, and other sleep accessories as we update this story through the weekend. Prices shown are for queen sizes.

Feel free to check out our many other sleep recommendations, including the best pillows for neck pain, the best body pillows, and the best sunrise alarm cocks. You might also want to read our guide on how to choose a mattress. And finally, we have some other Memorial Day deals coverage you might be interested in.

Updated May 24: We’ve checked prices, removed expired deals, added 5 new discounts, and ensured accuracy throughout.

WIRED Featured Deals:

Helix Sleep Midnight Luxe Hybrid for $1,824 ($675 off)—Use Code WIRED27

Use our exclusive coupon code WIRED27 to get 27 percent off our very favorite mattress for most people. We’ve seen it sell for about $100 less before, and they’ve thrown in more freebies, but this is still a great deal. Just be aware that the price might drop a little later in the month. In any case, the Midnight Luxe Hybrid is springy and medium-firm and should be well suited to any style of sleeping. The individually wrapped springs are zoned so that you have more support where you need it to prevent back pain. It also doesn’t get too warm, though it’s thick enough that you’ll want deep-pocketed sheets. It’s been our favorite mattress for over eight years.

Apple will be adding support for Google Cast and other alternatives to AirPlay as part of iOS 27, in order to appease the EU’s Digital Markets Act.

The Digital Markets Act is viewed by Apple as a problem, due to a lack of clarity about regulatory requirements and their effects. While this has so far meant the blocking of some features from reaching the continent, Apple is meeting halfway by abiding by some elements.

One of those will apparently be a change to iOS 27 for connecting to other devices. While Apple already has AirPlay for that, it will be moving to add more support for other solutions.

Sources told Mark Gurman that third-party streaming support is on the way, according to his “Power On” newsletter for Bloomberg on Sunday. This would chiefly include supporting Google Cast, the Android-centric alternative.

Users will be able to set AirPlay or another framework as the default way of beaming content between devices.

It isn’t made clear whether the third-party solutions would be available as a global option or just for users in the EU. Apple hasn’t been consistent with how it implements such regulatory-based features, like with alternative app stores in the EU versus emulators being available everywhere.

There will be more changes on the way for iOS 27 to appease more EU demands, too. This apparently involves third-party app storefront support as well as sideloading.

Giving a digital inch

Apple’s compliance with the DMA with iOS 27 changes are inevitable, despite Apple’s defiance on the matter. Apple has been concerned about being pushed to comply, especially when dealing with the inherent security risks of opening up access.

The dislike of DMA and the EU’s push to comply has already led to various features not being available to European users.

This includes macOS Tahoe‘s Live Activities, mirroring those from the user’s iPhone. There’s also iPhone mirroring, a feature that displays the iPhone display on a Mac‘s screen, which has been absent since 2024.

While the iOS 27 changes won’t necessarily include already-blocked elements, it is a step on the long road for Apple to do so.

AirPods users will see different personal audio controls in iOS 27, with an improved settings menu that should make them easier to manage.

While AirPods don’t really have an operating system that gets featured at WWDC, the audio line can still be affected by changes. For WWDC 2026, that will involve iOS 27 as well as iPadOS 27, and macOS 27.

According to Mark Gurman in Sunday’s “Power On” newsletter for Bloomberg, Apple will be altering how the AirPods are controlled within the operating systems. A revamp for the settings menu will apparently make it more functional and better organized.

The change will make it easier for users to manage AirPods overall. There’s also a claim that major features will be better highlighted to users, however details were not disclosed in the report.

Apple is updating the controls after hearing feedback from users, who have apparently urged for there to be a separate AirPods control app. Such an app would copy the versions available to the Apple Watch and Apple Vision Pro.

However, it is doubtful that such an app would make its way to iOS and iPadOS anytime soon.

The Apple Watch helped define the modern smartwatch industry when it launched in 2015. It transformed wearables from niche gadgets into mainstream consumer products, generated billions in revenue for Apple, and eventually became a gateway into the company’s broader health and wearables ecosystem. But more than a decade later, Apple now appears to be entering a far more uncertain phase in the category it once dominated.

According to Mark Gurman’s PowerOn Bloomberg newsletter, watchOS 27 is expected to focus largely on stability improvements, performance refinements, and smaller upgrades rather than major new features. While Apple is reportedly improving heart-rate tracking behind the scenes, the update may lack the kind of headline innovations that once defined the Apple Watch platform.

Apple’s wearables strategy is facing new pressure

The slowdown comes as the broader wearables market is changing rapidly. Consumers are increasingly moving away from screen-heavy devices and toward simpler products focused on passive health tracking, longer battery life, and AI-driven wellness insights.

Companies like Oura Health and Whoop have built major businesses around screenless rings and fitness bands that prioritize recovery, sleep analysis, and actionable coaching over notifications and apps. Even Google is reportedly pushing toward lighter, minimalist wearable experiences through Fitbit products.

Apple still holds major advantages through its ecosystem integration, hardware design, and health sensors. But critics increasingly argue that the company risks becoming too cautious while rivals move faster in AI-powered health technology.

The issue may not only be hardware. Apple’s Health app, despite years of development, is often criticized for presenting large amounts of medical data without delivering meaningful insights or personalized coaching. Competitors like Oura and Whoop are increasingly focusing on turning raw health information into practical recommendations and behavioral guidance.

Leadership changes add more questions

Apple’s health division has also seen major leadership turnover. Former COO Jeff Williams, long associated with Apple’s health strategy, retired last year, while multiple senior executives tied to Apple Watch, health, and Fitness+ initiatives have recently departed the company.

Incoming CEO John Ternus is expected to keep health and AI central to Apple’s long-term roadmap, but many of the company’s more ambitious health projects remain years away. One of the most closely watched efforts is Apple’s noninvasive glucose monitoring project, which aims to measure blood sugar levels without finger pricks or blood draws.

For now, though, watchOS 27 may reflect a company choosing refinement over experimentation. That strategy helped Apple avoid many Silicon Valley-style missteps in the past. But in areas like AI and digital health, where competitors are evolving rapidly, playing it safe may no longer be enough.

[Ken Shirriff] does some of the most interesting teardowns. This time, he’s looking at a French-built minicomputer called the Mitra 125 MS from around 1980. In particular, it was the computer inside Spacelab, a European lab that could fit in the back of the Space Shuttle.

As you might expect, the computer doesn’t contain a microprocessor. Instead, it is a series of cards and, in this post, [Ken’s] looking at the ALU that allows the computer to perform math operations.

The Mitra was a descendant of a 1971 computer, and the “MS” indicated it was a military-grade variant of the computer. Spacelab had three of these. One operated the lab, another handled experiments, and the third was a backup.

At the heart of the board was the 74181 ALU. Well, actually, the 54S181, which was the military-grade high-speed part. Each chip handled four bits of addition, subtraction, or a few other logical operations. No multiply. No divide. Oddly, no right shift, either.

Although the computer is a 16-bit machine, it has a 32-bit ALU built from eight ‘181 chips, spread across several boards. Multiplexers allow the ALU to read different operands, and the result can go several different directions, also.

By 1991, these computers were obsolete. The IBM AP-101SL replaced the Mitra. It was basically the Shuttle’s new AP-101S computer with special microcode to pretend to be a Mitra 125.

We love [Ken’s] teardowns both at the macro and micro level.