Wed, Jun 10, 2026

Privacy claimed half the wire. Fourteen of 28 releases landed on the privacy beat, but only three matter operationally. OnionShare 2.6.4 patches two security issues: symlink traversal and unauthorized file upload. Signet 1.11.0 fixes a NIP-17 gift-wrap command forgery that let attackers bypass admin-command signature checks. NewPipe 0.28.8 restores YouTube playback after SABR enforcement broke extraction. The rest are routine version bumps, UI tweaks, and dependency updates. AI delivered nine releases, all tooling and model-support additions. Bitcoin, Lightning, and Nostr combined for six items. No protocol work. No CVEs beyond the OnionShare and Signet patches.
Bitcoin

Lightning

Nostr

  • Signet 1.11.0. Security - Kill switch NIP-17 command forgery fixed: the NIP-17 (gift-wrap) admin-command path only checked the unsigned inner rumor’s claimed author, never verifying the signed seal.

Upgrade immediately if running Signet relays that accept NIP-17 admin commands. Because only the unsigned inner rumor’s claimed author was checked, an attacker could forge admin commands by impersonating that author.

Freedom Tech

  • OnionShare 2.6.4. Security fix: Prevent symlink traversal. Security fix: Prevent upload of files when file upload mode is disabled.

Upgrade to close symlink traversal and unauthorized upload vectors. Both allow attackers to bypass intended file-sharing constraints.

Privacy

  • Bitwarden Server Version 2026.6.0. Overview - Removed feature flag for consolidated session timeout component - Removed feature flag for disabling type zero decryption - Removed feature flag for migration of My Vault to My Items - Removed feature flag…
  • BasicSwap DEX 0.16.5. Updated docker base images to Debian Trixie.
  • Tuta Calendar 350.260608.0. Bugfixes - fixed continue button on plan selector 10905 - fix snackbar position 10867 - extract calendar-related post-login action from PostLoginActions 10864 Milestone https://github.com/tutao/tutanota/milestone/439?…
  • Tuta 350.260608.0. Bugfixes - fixed continue button on plan selector 10905 - fix snackbar position 10867 - extract calendar-related post-login action from PostLoginActions 10864 Milestone https://github.com/tutao/tutanota/milestone/439?…
  • Payjoin Dev Kit Release 1.0.0-rc.3. Summary This release introduces sender and receiver cancel() APIs, fallback typestates for both sender and receiver, merges Cancel/Failure error variants and carves out dedicated errors (CoinSelectionError, Decapsulat…
  • NewPipe 0.28.8. This release fixes issues that were caused by YouTube enforcing its SABR protocol, except for videos made for kids due to a limitation of the workaround.

Update if YouTube playback broke. The SABR workaround does not cover videos made for kids.

  • NewPipe Extractor 0.26.3. Improved - YouTube Use formats xTags to extract audio track type 1504 Fixed - YouTube Workaround SABR enforcement by using another player client 1508 - YouTube Fix extraction of playlist items and some properties in l…
  • restic 0.19.0. Changelog for restic 0.19.0 (2026-06-09). The following sections list the changes in restic 0.19.0 relevant to restic users.
  • Mullvad VPN loader 1.2.1. Here is a list of changes since last release 1.2.0: Changed - Write logs to mullvad paths::logs::frontend log dir instead of a temporary directory.
  • Vexl 1.43.3. Vexl 1.43.3 (770)
  • Bitwarden Clients Web 2026.6.0. Various under-the-hood improvements and minor bug fixes
  • Obscura VPN 1.163. - Add option to allow local network access.
  • Delta Chat Android 2.52.0. Fix: avoid crashes in Media preview sometimes Fix: Incorrect total time when attaching audio files as draft Fix: Audio files in draft showing total time from wrong file Fix: Update the channel title after joining if t…
  • How to use Google Photos Locked Folder (and a safer alternative). Learn how to use Google Photos’ Locked Folder, how it exposes your photos to Google, and a safer way to store sensitive images privately.

AI

  • langchain-openai== 1.3.0. Changes since langchain-openai==1.2.2 hotfix(openai): min core dep ( 37990) release(openai): 1.3.0 ( 37989) feat(openai): support apply patch built-in tool ( 37157) chore(model-profiles): refresh model profile data (…
  • Cline 3.89.0. Added - Add Claude Fable 5 model support.
  • langchain-groq== 1.1.3. Changes since langchain-groq==1.1.2 release(groq): 1.1.3 ( 38009) hotfix(openai): min core dep ( 37990) test(langchain,partners): disable pytest-benchmark under xdist to silence PytestBenchmarkWarning ( 37901) chore(m…
  • AnythingLLM 1.14.0. Improvements - Cerebras provider - The default chat thread is now killed when you create a new thread.
  • llama.cpp b9587. speculative : fix “ngram-map-k4v” name in logging ( 24253) This is a non-functional change.
  • Anthropic Cli 1.11.0. 1.11.0 (2026-06-09) Full Changelog: v1.10.0…v1.11.0 Features api: add support for claude-mythos-5 and claude-fable-5, with support for server-side fallbacks on refusal ( 8302a45 ) api: manual updates ( c5d792d ) api…
  • Kimi Code 0.13.1. Patch Changes 610 b747c6a - Add Claude Fable 5 support to the Anthropic provider.
  • llm CLI 0.32a3. Driven by the needs of Datasette Agent’s human-in-the-loop ask user() feature, made the following improvements to how tool calls work: - Tool implementations can declare a parameter named llm tool call in order to be…
  • ClaudeForFoundationModels 0.1.1. Put ClaudeForFoundationModels/{version} first and move the embedding app’s bundle id and version into the comment, so first-token User-Agent parsers attribute traffic to the package regardless of which app embeds it.

Other


Read this brief on the web: https://freedomtech.news/posts/2026-06-10-bitcoin-daily-brief/
