
A global domain takedown order sounds neat on paper, but the web is stitched together by registries, registrars, proxies, and hosts, each with their own limits. I have seen enough of DNS controls to know the messy bit is always in the gaps, not the headline.
ESPHome 2026 5 1: toolchain and build fixes, IDF warnings demoted, ESP32 and ESP8266 runtime and peripheral fixes, core API stability, dependency bumps
rclone v1 74 2: patch release focused on stability, bug fixes and backend tweaks, upgrade and verify from changelog and release metadata
rclone v1 74 2: patch release focused on stability and fixes, see changelog and GitHub, backup configs and verify downloads before upgrading
authentik 2026.5.0: consolidated docs updates, SAML and integration fixes, enterprise security and cryptography changes, web API and infra bug fixes
authentik 2026 5 0: major docs and website updates, SAML and integrations improvements, enterprise SCIM and Outposts work, web UI and backend bug fixes
Home Assistant Core 2026 5 4: strips web search citations for GPT5, dependency bumps, device stability fixes, integration bug fixes and translations

A GitHub internal repositories breach rarely starts with the code itself, it starts with a weak boundary and ends in places people forgot to check. I care less about the headlines than the tokens, deploy keys, and audit logs that tell you how far the damage really ran.
k3s v1 36 1 k3s1: upgrades Kubernetes to v1 36 1, May backports, Go 1 26 2, image and embedded component bumps for security and stability, support and docs
AdGuard Home v0 107 76: Hotfix repairs broken cache, fixes DNS caching with DNSSEC disabled, YAML adds d for days, thanks to community testers
k3s v1 36 1 k3s1: Upgrades Kubernetes to v1 36 1, updates core components and Go 1 26 2, includes backports and image fixes, see docs and community channels
AdGuard Home v0 107 76: hotfix restores DNS cache when DNSSEC disabled, YAML adds day unit d, downgrades require converting d to hours, see changelog for credits
n8n v2 21 7: safer scheduled poll isolates, manual webhooks include manual user id for auditability, AI nodes validate non empty prompts
Do not have web access: paste release notes or attach changelog, and choose 3, 4, or 5 key posts, default 4

Malicious VS Code extensions do not need to look suspicious to do damage. I care less about the marketplace listing and more about what the thing can reach once it is installed, because that is where a normal editor turns into a quiet source code leak.
Gitea v1 26 2: security hardening, token and OAuth fixes, Actions and workflow stability, API and permission fixes, UI polish and dependency updates
Flux v2 8 8: gogit CVE fixes, k8s client updates, Helm and source controller reliability, OCI registry and image controller updates, upgrade recommended
OTel Collector v0 152 1 released 2026 05 20: package version bump, check core and contrib changelogs, run staging tests, update deployment images
Gitea v1 26 2: security and token OAuth hardening, workflow and runner reliability, repo and permission fixes, UI API bugfixes, automatic cloud upgrades
Flux v288: go git and k8s client CVE fixes, Helm v420, helm controller reliability fixes, source and registry improvements, upgrade recommended
OTel Collector v0 152 1: patch release with version bump, see core and contrib changelogs, review component notes, run CI and monitor after upgrade
n8n 2 21 5: patch stabilizes editor credential state, fixes credential loss in workflow setup, released May 20 2026, recommended update, commit 8c58173

Agentic AI is easiest to trust when it has very little to do, and even less power. I prefer to treat tool calling like any other risky admin path, with tight permissions, short-lived credentials, and human approval where it matters.
AdGuard Home update: fixes critical DoH DoQ request ID leak, updates Go toolchain, removes axios and ports charts to Recharts, plus reliability and UI fixes
Vault v2 0 1: security, stability fixes, CLI and API tweaks, upgrade guidance for ops, update exposed hosts now, see release for CVEs and patches