🎓💪CS Prof Lance Fortnow showing how to fight back

"Don't preemptively change your policies and your values. Too many universities are abandoning DEI, changing their curriculum, freezing hiring of faculty and students, in anticipation of challenges to come. […] participate in Stand Up for Science, reach out to our representatives at the national & state level, and just be part of the resistance. We can't let bullies dictate our future, we must control it for ourselves. ”

https://blog.computationalcomplexity.org/2025/03/taking-stand.html

Biscuit is joining the eclipse foundation

https://www.biscuitsec.org/blog/joining-eclipse/

Good news everyone! After a lot of work and a new version of the specification, we have released new beta versions of biscuit-rust, biscuit-cli and biscuit-web-components.

- [biscuit v3.3](https://www.biscuitsec.org/blog/biscuit-3-3/)
- [biscuit-auth v6.0.0-beta.1](https://crates.io/crates/biscuit-auth/6.0.0-beta.1)
- [biscuit-cli v0.6.0-beta.1](https://crates.io/crates/biscuit-cli/0.6.0-beta.1)
- [biscuit-auth/web-components 0.7.0-beta.1](https://www.npmjs.com/package/@biscuit-auth/web-components/v/0.7.0-beta.1)

The website has been updated, so all the new features are available in the online tooling section

Hi everyone. Today we have issued a security advisory on the biscuit spec, and released security updates for all the libraries maintained by the core team.
This fixes a vulnerability related to 3rd-party blocks.

tl;dr: this affects third-party blocks containing `trusting pk` annotations, only when they're generated through an untrusted block request.

More details in the following blog post https://www.biscuitsec.org/blog/public-key-confusion/