DigiNews Briefing — Wednesday, April 8, 2026

General

CVE-2026-34078: Complete sandbox escape leading to host file access and code execution in the host context

A critical Flatpak security advisory discloses a sandbox escape (CVE-2026-34078) that could allow host file access and code execution from within a Flatpak sandbox. The vulnerability affects versions before 1.16.4 and is patched in 1.16.4; mitigation includes upgrading and, if needed, disabling the flatpak portal. The post highlights patch timing and recommended mitigations for system administrators.

Post-Quantum Cryptography for the PHP Community

Paragon Initiative Enterprises announces two open source PHP projects to mitigate post-quantum cryptography risks in PHP applications: ext-pqcrypto, a Rust-based PHP extension wrap…

Surelock: Deadlock-Free Mutexes for Rust

An in-depth overview of Surelock, a Rust crate designed to prevent deadlocks in multi-mutex code. It explains Coffman conditions, introduces two complementary mechanisms (LockSet a…

EU Migration to and from the UK (Since Brexit)

The Migration Observatory briefing analyzes EU migration to and from the UK since Brexit, presenting key statistics on net migration, EU-born populations, EUSS uptake, visas, emplo…

Under the hood of MDN's new frontend

MDN details a frontend rewrite that replaces a React-based SPA with web components and server-side rendering. The post explains architecture, per-component CSS loading, Declarative…

Development

What programming/technical projects have you been working on?

A recurring community post invites members to share recent programming or technical projects, spanning software tooling, embedded hardware, and infrastructure work. The discussion showcases a wide range of projects and experiences, illustrating practical problem-solving and learning in both professional and personal contexts.