De Pindakaasvloer is binnenkort weer te zien in Rotterdam. Museum Boijmans van Beuningen bouwt de vloer in juli op in het Depot als eerbetoon aan de overleden kunstenaar en televisiemaker Wim T. Schippers, bedenker van de vloer. Schippers overleed een week geleden op 83-jarige leeftijd.

Het Russische fregat, de Admiral Grigorovich, wilde dat het Britse jacht van koers zou veranderen. Meerdere pogingen om radiocontact tot stand te brengen waren mislukt, volgens het Russische ministerie.

Three critical flaws in Fortinet’s sandbox that allow remote attackers to bypass authentication, escalate privileges, and execute malicious code are under active exploitation, according to threat intelligence firm Defused. Fortinet patched two of the three flaws, CVE-2026-39813 and CVE-2026-39808, in April and the third, CVE-2026-25089 last week. All three bugs received 9.1 CVSS ratings, and, at the time, the vendor said that there were no reports of active exploitation. CVE-2026-39813 is a path traversal bug in the FortiSandbox JRPC API that allows an authentication bypass using specially crafted HTTP requests. It affects FortiSandbox 4.4.0 through 4.4.8 and 5.0.0 through 5.0.5. Patch to 4.4.9+ or 5.0.6+, depending on the branch, to fix the flaw. Fortinet security analyst Loic Pantano found this one. CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized code or commands via HTTP requests. It affects versions 4.4.0 through 4.4.8, and upgrading to FortiSandbox 4.4.9 or above patches the hole. Fortinet credited KPMG Spain researcher Samuel de Lucas Maroto with finding and reporting this bug. Finally, CVE-2026-25089 is another OS command vulnerability in FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS WEB UI that allows unauthenticated attackers to execute unauthorized commands using specifically crafted HTTP requests. FortiSandbox 4.4.0 through 4.4.8 and 5.0.0 through 5.0.5, FortiSandbox Cloud 5.0.4 through 5.0.5, and FortiSandbox PaaS 5.0.4 through 5.0.5 are vulnerable. Upgrading to a fixed version patches the hole. Fortinet did not respond to The Register’s inquiries about these three CVEs and if the vendor had also observed any attacks against them. According to Defused, the exploitation began over the weekend. “We are observing exploitation of multiple Fortinet FortiSandbox vulnerabilities during the past 24 hours,” the threat-intel firm said in a LinkedIn post on Monday. “Per our research a working exploit for CVE-2026-25089 has not yet been publicly disclosed,” the company added, noting that the exploit for this flaw appeared to be vibe coded and may be faulty. We do know that all manner of miscreants love to abuse Fortinet flaws, so if you haven’t already, patch now. Earlier this month, Check Point VP of research Lotem Finkelstein warned that ransomware crims had exploited a critical authentication bypass vulnerability affecting Fortinet's Remote Access VPN and Mobile Access deployments, and said that the same crew was also likely abusing other VPN-related vulnerabilities in Fortinet products. ®

Retro computing brand Commodore has brought its pre-internet sensibilities to the mobile phone market with a $500 flip handset that proudly ships without social media, email, a web browser, or most of the things people typically buy smartphones to use. The company unveiled the device, dubbed Callback, this week and pitched it as a privacy-focused antidote to doomscrolling. Built in partnership with Finnish outfit Jolla, whose Sailfish OS traces its roots back to former Nokia engineers, the Linux-based handset attempts to split the difference between a feature phone and a smartphone. If your idea of progress is deleting half the apps on your phone, Callback may be for you. Commodore has removed email, social media, web browsing, workplace chat apps, and AI assistants, while bringing back physical controls and T9-style texting. Instead, buyers get a flip phone with a 48 MP Sony camera, FM radio, HD audio support, a selection of Commodore-themed games, and enough Android compatibility to run "99 percent" of Android applications through Sailfish OS's compatibility layer. "Phones were fun. Then they got too smart for their own good, and ours," said Commodore chief executive Peri Fractic, who said the idea grew out of his own efforts to reduce screen time before becoming a father. The company leans heavily on privacy as a selling point, promising no hidden data collection, no account sign-ins, encrypted storage, and what it describes as a "private not profit" business model. For many tech veterans, however, the real selling point may simply be the badge on the front. Long before smartphones, app stores, and algorithmic feeds, Commodore systems occupied bedrooms, classrooms, and living rooms around the world. For a generation of geeks, the brand still evokes cassette tape loading screens, SID-chip soundtracks, and countless hours spent typing programs from magazine listings. That's also why the company keeps getting resurrected. Commodore International collapsed in 1994, but the brand has spent much of the intervening decades bouncing between various owners eager to capitalize on the affection still attached to the name. Callback will initially launch in five versions, ranging from a $500 BASIC Beige model to a $640 Founders Edition complete with a 24-carat gold Commodore button. Whether nostalgia translates into sales remains another matter. Privacy-focused and minimalist phones have appeared regularly over the past decade, such as Punkt, usually attracting plenty of headlines and relatively few customers compared with the hundreds of millions of mainstream smartphones sold each year. Still, for anyone nostalgic for the days when hanging up the phone actually ended the conversation, Commodore has an answer: snap it shut and walk away. ®

BERLIJN (ANP) - Tennisster Serena Williams heeft haar tweede wedstrijd na haar rentree niet weten te winnen. De 44-jarige Amerikaanse strandde met haar Tsjechische partner Karolína Muchová in de eerste ronde van het dubbelspel op het grastoernooi van Berlijn. Het duo verloor met 6-4 6-4 van de Mexicaanse Giuliana Olmos en Erin Routliffe uit Nieuw-Zeeland.

Williams won vorige week met de Canadese Victoria Mboko bij haar rentree van Routliffe en de Amerikaanse Nicole Melichar-Martinez op Queen's. De twee kwamen vervolgens niet in actie in de tweede ronde door een blessure van Mboko.

Eerder op dinsdag werd bekend dat Williams met haar zus Venus gaat uitkomen op Wimbledon. De veelvoudig grandslamkampioenen hebben van de organisatie een wildcard gekregen. De zussen wonnen samen zes keer het dubbelspel op Wimbledon, voor het laatst in 2016. Serena Williams stopte in 2022 voor het eerst met tennis.

OSTRAVA (ANP) - Femke Broeders-Bol is bij haar outdoordebuut op de 800 meter in het Tsjechische Ostrava tweede geworden in een tijd van 1.57,13. De wedstrijd werd gewonnen door de Zwitserse Audrey Werro in een razendsnelle 1.54,45. Met haar tijd is Bol ruim anderhalve seconde langzamer dan het Nederlands record dat Ellen van Langen tijdens haar gouden olympische race in Barcelona in 1992 noteerde.

Bol liep in de eerste ronde op de derde plaats in het spoor van Werro. In de rug van Werro schoof ze op naar plek 2. Ze wist lang in het spoor van de Zwitserse te blijven, maar moest haar in de laatste bocht laten gaan. "Het was zo cool", zei Bol na de wedstrijd in een flashinterview. Ze was blij dat ze tegen Werro, die in uitstekende vorm verkeert, mocht lopen. "Het was zwaar, maar ik heb ervan genoten."

Broeders-Bol maakte eind 2025 de overstap van de 400 meter horden naar de 800 meter. Op haar nieuwe onderdeel debuteerde ze in februari tijdens het indoorseizoen. Ze liep in Metz direct naar het Nederlands indoorrecord met 1.59,07. Daarna werd ze gehinderd door een peesblessure.

De tweevoudig wereldkampioen op de 400 meter horden heeft stevige concurrentie op haar nieuwe afstand. Werro liep op 7 juni in Stockholm de derde tijd ooit. Met haar 1.53,98 was ze de snelste vrouw op de 800 meter in 43 jaar. De Britse olympisch kampioen Keely Hodgkinson liep in februari op de 800 meter indoor het 23 jaar oude wereldrecord uit de boeken.

With the World Cup expanding to a massive 104 matches, navigating the "morass of endless football" can feel a bit overwhelming. Thankfully, the Guardian’s chief sports writer, Barney Ronay, has done the heavy lifting. He breaks down the group stage fixtures you absolutely cannot miss - from historic David v Goliath battles to high-stakes political showdowns.

Continue reading...