June 21, 2026
Today's top tech stories, deduped across the newsletters I read and briefly summarized. Click a source to open the original article.
AI
Cloudflare launches temporary accounts for AI agents
Cloudflare introduces temporary accounts that allow AI agents to authenticate and use Cloudflare services without permanent setup or manual access management. The feature targets automated workflows where agents need short-lived network access.
AI models accused of wholesale plagiarism of The Dictionary of Obscure Sorrows
An analysis shows that AI models have plagiarized The Dictionary of Obscure Sorrows at scale, reigniting the debate over copyright and the use of protected material in AI training. The story is among the most discussed on Hacker News this week with 339 points.
MCP's real value: isolating auth outside the agent's context window
Sean Lynch, quoted by Simon Willison, argues that MCP's most important contribution is isolating the auth flow outside the agent's context window — and potentially outside the agent harness entirely. This distinguishes MCP from standard CLI tools and plugins.
Security
Microsoft links Mastra AI supply chain attack to North Korean hackers
Microsoft has attributed a supply chain attack on Mastra AI that compromised over 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. The attack is a significant example of supply chain attacks targeting AI tooling and the npm ecosystem.
New Prinz Eugen ransomware prioritizes recently modified files
A new ransomware operation called Prinz Eugen encrypts recently modified files rather than older data and leaves no ransom note on compromised systems. The unusual behavior makes the attack harder to detect and respond to.
Loupe reveals what iOS apps can see in real time
Loupe is a new iOS app that shows in real time what information installed native apps can access, including location, contacts, and camera. The app is designed as a tool for privacy awareness and app behavior research.
Dev
Linux removes the strncpy API after six years and 360 patches
Linux 7.2 removes the strncpy API from the kernel after six years of effort spanning 360 patches, eliminating a well-known source of buffer-overflow bugs. It is a rare example of successful large-scale technical cleanup in a complex open-source project.
Bun adds shared-memory threads to JavaScriptCore
Bun has an open pull request adding shared-memory threads to JavaScriptCore, potentially enabling true parallel JavaScript execution without message-passing overhead. The change could significantly benefit server-heavy workflows and performance-critical JavaScript applications.
UHF X11 brings the X Window System to visionOS and Apple Vision Pro
UHF X11 is a new app that implements X11 for visionOS and Apple Vision Pro, enabling classic Unix GUI applications to run on Apple's spatial computing platform. The project opens the door for legacy desktop environments in spatial computing.
F-15 Strike Eagle II DOS reverse-engineering project seeks test pilots
An open-source project working to reverse-engineer the 1989 DOS game F-15 Strike Eagle II is looking for volunteers to help document and reconstruct the game's behavior on real DOS hardware. It is one of the week's most engaging retro-tech stories on Hacker News.
IT
Tesco sues VMware for breach of contract
UK supermarket giant Tesco has sued VMware for breach of contract, highlighting tensions over Broadcom's acquisition of VMware and subsequent changes to its licensing practices. The case is one of several legal aftershocks following the acquisition.
Other
SMPTE opens its media technology standards library for free
SMPTE is making its media technology standards library freely accessible to everyone, lowering the barrier for developers and engineers working in broadcast and media production. Access to these standards previously required costly subscriptions.