Looking for a mix of nature, history, and relaxation all in one spot? Hot Springs, South Dakota, is calling your name! Located at the southern end of the beautiful Black Hills, this historic town is one of the many destinations you’ll discover in our upcoming South Dakota DLC for American Truck Simulator. Scroll on down to take a closer look at our recreation of this unique getaway destination!
njs-0.9.9 version has been released, with a fix for heap buffer overflow vulnerability in js_fetch_proxy (CVE-2026-8711), featuring js_access, r.readRequestText() and friends, r.readRequestForm(), and jsVarNames().
Firefox Home (New Tab) has a fresh, new look and feel. The layout and design will enable upcoming features, from widgets to shortcuts improvements, launching between 151 and 152. Included are some new and exciting Wallpapers, such as the one below. Use the pencil icon in the lower right to check them out.
Private Browsing Mode now allows you to instantly clear all data from your current session without closing the entire window. When you select the End Private Session button (the fire icon) to the right of the URL bar, Firefox will ask you to confirm to clear your session. Once confirmed, it will wipe all of your private browsing data and open a fresh new Private Browsing Mode session for you.
Firefox now strengthens protection against fingerprinting in Standard Enhanced Tracking Protection, making it harder for websites to track you across sites by limiting the amount of information revealed about your device and browser. This reduces the number of users uniquely identifiable by common fingerprinting techniques by an average of ~14%, and by ~49% on macOS.
You can now merge multiple PDFs directly in Firefox PDF. Combine separate PDF files into a single document without ever leaving Firefox or relying on third-party tools.
The Translations page (about:translations) is now accessible through the More Tools section of the Application Menu.
Local Firefox profile backups are now available on Linux in addition to Windows, and you can restore them across platforms.
On macOS, URLs copied from iOS devices using Apple’s Universal Clipboard now paste correctly in Firefox.
On macOS, dropdown menus on web pages now use the native macOS menu style, matching the look and behavior of the rest of the system.
Address Autofill is enabled for users in the Netherlands.
Firefox’s built-in VPN now lets you choose your browsing location, giving you more control over how and where your traffic appears online. You can select from available countries or use Recommended to automatically choose the best connection for your network.
This feature is part of a progressive roll out.
Certain new Firefox features are released gradually. This means some users will see the feature before everyone does. This approach helps to get early feedback to catch bugs and improve behavior quickly, meaning more Firefox users overall have a better experience.
Fixed incorrect screen resolution reporting to websites in multi-monitor setups.
Fixed an issue on macOS where maximized Firefox windows could reopen on the wrong monitor after relaunching in multi-monitor setups.
Improved color management for copied and pasted images on macOS.
Various security fixes.
The search bar in Firefox Settings (about:preferences) is now larger and spans the full width of the settings content area, making it easier to find options.
Extensions and Themes installed in a Firefox Desktop profile directory will be restored successfully after the profile directory is moved or restored to a different location or a different operating system.
Geolocation on Windows now respects the user's Windows location permission setting, instead of overriding it, when the user grants location permission to a page. Firefox will ask users to enable the Windows permission if it is needed.
You can find information about policy updates and enterprise-specific bug fixes in the Firefox for Enterprise 151 Release Notes.
You can now manage microcontrollers that support serial communications in Firefox via the Web Serial API. This lets you program microcontrollers and development boards, such as ESP devices, Raspberry Pi Picos, 3D printers, CNC machines, and other devices. Web Serial can be used in Extensions, but not from moz-extension contexts at this time.
Local network access restrictions are now rolling out to all users. Firefox requires websites to request permission before connecting to devices on your local network or to apps and services on your device. Previously, this protection was limited to users with Enhanced Tracking Protection set to Strict.
This feature is part of a progressive roll out.
Certain new Firefox features are released gradually. This means some users will see the feature before everyone does. This approach helps to get early feedback to catch bugs and improve behavior quickly, meaning more Firefox users overall have a better experience.
The new Fullscreen Keyboard Lock API adds an optional argument to requestFullscreen that allows websites to request that while fullscreen, pressing the Escape key will no longer exit fullscreen (instead, a long-press is required), and certain formerly-reserved browser hotkeys are allowed to be default-prevented.
Firefox improves the rendering of absolutely positioned elements across multi-column containers and when printing, producing more accurate positioning and fragmentation.
@container rules now allow specifying a list of container query conditions rather than a single condition.
Firefox now supports container style queries, allowing styles to be applied to an element based on the computed values of its container's custom properties. This can be done by using one or more style() functions inside @container rules.
A new CSSContainerRule.conditions property was introduced, holding an array of all container query conditions. This new property is intended to replace CSSContainerRule.containerName and CSSContainerRule.containerQuery, which only supported a single name and query, making them deprecated.
Updated the behavior of implicit anchors in CSS Anchor Positioning. The position-anchor property now defaults to normal. When using position-area, implicit anchors are applied automatically, while popovers using anchor() or anchor-center now require position-anchor: auto to opt in.
Firefox now supports the Document Picture-in-Picture API, which allows web pages to place content in an always-on-top popup.
Temporary site permissions are now correctly reflected in the Permissions API.
Firefox now supports the declarative definition of slot assignment behavior for shadow roots.
With the release of Firefox 151, we are pleased to welcome the developers who contributed their first code change to Firefox in this release, 37 of whom were brand new volunteers. Please join us in thanking each of these diligent and enthusiastic individuals, and take a look at their contributions:
HMS Blueberry
Royals are my favourite ships in No Man's Sky. The HMS Blueberry is not my first Exotic/Royal ship (that was the Gravity Hirakao XVI, and a story for another time).
After years of on-off playing, I recently found my first Royal multitool: Blue, with gold detailing. I have a Royal-style jetpack (I don't remember where I got that). I thought I'd try and colour-match my multitool, ship, jetpack and outfit. Since I only had one multitool, I matched the others to it. And the HMS Blueberry (credit for the name goes to Beatrice) was the Exotic in my collection which matched.
The HMS Blueberry is in viewable in my showroom, Honest Jon's Lightly-Used Starships.
We are often asked if we prioritize “Big Tech” firms in the Works with program, but we’ve always been clear that newer companies are just as important to our certification as household names. Start-ups are innovators, and have their fingers on the pulse of community needs much more than brands that are only at the mercy of their investors.
That’s just one reason we’re thrilled to welcome zunzunbee to the program! They really stood out from the crowd at CES 2026 this January with their new product, the Slate Switch. This battery-powered smart scene controller simply snaps over existing switches – ideal if you rent your home, or don’t fancy working with wiring. We’re always on the lookout for devices that make setting up your smart home easier, so we’re delighted to have zunzunbee on board!
While zunzunbee are newcomers to the market, founder Harish Raman has more than 18 years’ experience in lighting and connected systems – including senior engineering roles at Leviton and Philips. Harish designed the Slate Switch to cut the complexity sometimes found in smart homes, by bringing back simple, tactile control without any installation headaches. And because it builds on top of your existing switches rather than replacing them, it means less waste and more value from the things you already own.
"At zunzunbee, we believe smart home control should feel natural, reliable, and stay under the user's control. The Home Assistant community shares that same philosophy, with a focus on local control, flexibility, and deep customization.
Slate Switch was designed to solve everyday friction in smart homes, and we are excited to bring it to a community that values thoughtful automation and truly understands how homes should work."
- Harish Raman, FounderThe Slate Switch isn’t just a low-barrier entry point for beginners. It also tackles an issue that can crop up in more complex smart home setups: someone flipping a wall switch that controls your smart bulbs so all your carefully configured automations stop working 😩. Slate Switch keeps those bulbs permanently powered, while giving everyone in the household a familiar, physical button right where they expect it. If you prefer, you can also make use of the snap-on snap-off magnetic function to pick up the switch and take it with you. You can use it as a remote, and each of the zones can support both a tap or long-press action, making it a perfect partner to have in a pocket.
A cost-effective device is also a low-risk way to experiment, with plenty of possibilities to explore without a big outlay. And once you’re hooked, multipacks of two or four are available so you can roll them out across your home.
Two bs and a lot of zs: it’s no coincidence that zunzunbee uses Zigbee for the Slate Switch. If you’ve not heard of Zigbee before, it’s an open wireless standard built for low-power smart home devices – which describes the Slate Switch to a tee, since it runs on a single CR2450 coin cell with up to two years of battery life.
Zigbee works entirely locally with no dependency on the cloud, so your smart home stays in your hands and the Slate Switch keeps working even if you lose internet connection. If you want that same security and control when you’re away, Home Assistant Cloud offers fully encrypted remote access – and as an added bonus 😉 subscribing directly funds the Open Home Foundation’s fight for privacy, choice and sustainability for smart homes (and this very program too!).
By choosing Zigbee, zunzunbee support that fight… and they’ve been proactive contributors to our community as well. They’ve published official Home Assistant blueprints to make setup as smooth as possible, and contributed code to Zigbee2MQTT (another popular community-maintained open source project) on GitHub. It’s exactly what we love to see from our partners!
The Slate Switch simply snaps over your existing wall switches.
As with every device in the Works with Home Assistant program, the Slate Switch has been through our full certification process: tested for performance, reliability, and compatibility with our principles. By joining the program, zunzunbee also commits to providing long-term support and firmware updates, so you can purchase with confidence.
It may be just one small device, but it gives you mighty choice! 💪The Slate Switch arrives as a blank canvas, with two sheets of stickers so you can label and arrange up to eight tappable zones exactly how you want them, and reconfigure just as easily if your needs change. And it’s not only about switching scenes or triggers: there’s a built-in ambient temperature sensor in the switch too, opening up even more automation possibilities straight out of the box.
Jimmy over at the Automated House YouTube channel has a great hands-on walkthrough if you want to see it all in action.
We love it when a fresh idea from a new face lands in our orbit (and passes muster!) – and we have a feeling the Home Assistant community is going to have a lot of fun with this one. Whether you’re just dipping your toe into smart home control, or looking for new ways to push your existing setup further, the Slate Switch has you covered. Check out our certified device list to see what else is out there!
Q: If I have a device that is not listed under “Works with Home Assistant” does this mean it’s not supported?
A: No! It just means that it hasn’t gone through a testing schedule with our team or doesn’t fit the requirements of the program. It might function perfectly well but be added to the testing schedule later down the road, or it might work under a different connectivity type that we don’t currently test under the program.
Q: OK, so what’s the point of the Works with program?
A: It highlights the devices we know work well with Home Assistant and the brands that make a long-term commitment to keeping support for these devices going. The certification agreement specifies that the devices must have the functionality you would expect within Home Assistant, operate locally without the need for cloud, and that they will continue to do so long-term.
Q: How were these devices tested?
A: All devices in this list were tested using a standard Home Assistant Green as a hub with the Home Assistant Connect ZBT-2, and with ZHA, our Zigbee integration. If you have another hub/adapter set-up/integration that’s not a problem, but we test against these as they are the most effective way for our team to certify within our ecosystem.
Q: Will you be adding more zunzunbee devices to the program?
A: Why not! We’re thrilled to foster a close relationship with the team at zunzunbee and we’re excited to see how they grow their product line in the future. We’re looking forward to working together on any upcoming releases or adding in further products that are not yet listed here.
The Debian LTS Team, funded by Freexian’s Debian LTS offering, is pleased to report its activities for April.
During the month of April, 21 contributors have been paid to work on Debian LTS (links to individual contributor reports are located below).
The team released 37 DLAs fixing 145 CVEs.
The team continued preparing security updates in its usual rhythm. Beyond the updates targeting Debian 11 (“bullseye”), which is the current release under LTS, the team also proposed updates for more recent releases (Debian 12 (“bookworm”) and Debian 13 (“trixie”)), including Debian unstable. We highlight several notable security updates here below.
Contributions from outside the LTS Team:
The LTS Team has also contributed with updates to the latest Debian releases:
Some milestones in the lifecycle of two Debian releases are just around the corner. The support of Debian 12 will be handed over to the LTS team on June 11th 2026. After August 31st, support for Debian 11 will move from Debian LTS to ELTS managed by Freexian.
Sponsors that joined recently are in bold.
Back when we started with a signed shim in Debian, the tooling was Windows-only and required me to do a reboot dance and it was all quite tedious. Over time, more and more of the tooling has migrated to Linux and it all works quite well.
The signing is done with an EV code signing cert from SSL.com and stored on a Yubikey. Getting the certificate onto the key is a bit tedious, but reasonably well-explained in the ssl.com docs.
Microsoft wants the shim binaries uploaded to their partner portal
wrapped in a .cab file, which should be signed.
The wrapping in a .cab file is easy enough: lcab shim.efi shim-unsigned.cab. It’s fine to put shims for multiple architectures
in the same .cab file.
Signing of the file is a little bit of a rune:
Log inosslsigncode sign -pkcs11module /usr/lib/x86_64-linux-gnu/libykcs11.so -key "pkcs11:serial=XXX" -askpass -certs chain.crt -h sha256 -ts http://ts.ssl.com shim-unsigned.cab shim-unsigned.signed.cab
chain.crt contains first our EV code signing cert, then the ssl.com
intermediate EV code signing cert, then the ssl.com EV root cert. The
naming of the packages is a tiny bit confusing, but it’s because the
package name in Debian is shim-unsigned.
Occasionally, processing of uploaded binaries just stops in the validation stage in the portal, but I’ve so far been able to unstuck them by re-signing and uploading again, and I saw the same with the MS/Windows toolchain, so I suspect it’s just flakiness on the portal side.
