News & Updates
The latest news and updates from companies in the WLTH portfolio.
Court order makes Discord add temporary child protections in Texas
The platform must change several default settings for Texas users. AUSTIN, Texas - The popular online messaging platform Discord is now temporarily required to add child protection features in Texas following a court decision. Discord restraining order The latest: The temporary restraining order (TRO) against Discord was secured after Texas AG Ken Paxton's office filed a lawsuit alleging "weak" safety settings and children being exposed to online predators. The new court order, announced by the AG's office on Friday, requires Discord to mmediately reconfigure four key default settings to their most protective state for all Texas accounts: * Blocking sensitive content rather than merely blurring it; * Disabling friend requests from "Everyone;" * Turning off direct-message social permissions; * And setting spam filtering to "Filter All." Discord is also required to change their language claiming safety, as well as suspend the automatic 90-day expiration of user violation records and preserve all enforcement and moderation data. It must also file a verified report within fourteen days disclosing its true default settings, the percentage of its workforce devoted to safety, and data on how easily banned users return. What's next: A hearing on the State's request for a temporary injunction is set for June 5, 2026, at 9:00 a.m. in Collin County District Court. What they're saying: "Discord designed a predator's paradise, switched off the safeguards by default, and looked Texas parents in the eye and called it safe. That is not negligence. That is evil dressed up as a safety policy," said Paxton in his Friday release. "A court ordered Discord to stop, and I will pursue this company with the full and unrelenting force of the law until every child in Texas is protected from the sick predators it invited in. Discord was warned again and again and did nothing. It will not get to ignore Texas." Texas vs Discord The backstory: Paxton's office filed the suit on Friday, May 22, following his office's investigation into the platform for "extremist" content after the assassination of conservative activist Charlie Kirk. What they're saying: "Discord has allowed and invited all kinds of nihilistic violence and evil. My office is taking action to protect our nation's precious children from predators," said Paxton when announcing the litigation. "We live in a time where the dangers children face online have never been greater, and every parent in Texas deserves to know their child is protected." Paxton cited cases in which teens were allegedly assaulted or traumatized as a result of using the platform.
I manage my entire home lab using Telegram and Discord and it's the coolest thing ever
Ask anyone running a home lab, and they'll tell you that it is a constant cycle of excitement around discovering cool new services, and eventually, maintenance fatigue. It starts simply enough with a single service, but before you know it, your Synology NAS is running dozens of Docker containers handling everything from media servers to network-wide ad blockers. The real challenge is not setting these services up; it is keeping them running smoothly without spending every weekend staring at a management console or container logs.
Proton-CachyOS adds low latency layer and Discord rich presence support
Proton-CachyOS version 11.0-20260519 has released bringing support for the new open source low_latency_layer, along with Discord rich presence. Anyone can run their own fork of Valve's Proton as it's open source. Check out the GamingOnLinux Guide to all the different Proton versions. Proton-CachyOS includes a lot of extras on top of Valve's Proton, based on their testing code and various patches (so in some ways it can be more unstable). The main changes for this release include: Source: GitHub To use it you can follow all the same steps as in the GE-Proton guide here on GamingOnLinux, you just pick Proton-CachyOS instead.
Claude Code Plugins Get Official Directory: Anthropic Flags Unverified MCP Risks
The 20,000-star repository ships two-tier plugin verification and a one-command install path. Anthropic has formalized its Claude Code plugin ecosystem with an official, company-managed directory on GitHub -- giving the tool's fast-growing developer community a single vetted source for extensions, while issuing an explicit warning that even listed plugins may load unverified third-party software. The repository, anthropics/claude-plugins-official, launched May 22 and has accumulated over 20,000 stars as developers seek a reliable alternative to the scattered community marketplaces that preceded it. The directory organizes two classes of plugins. An internal /plugins folder contains extensions built and maintained by Anthropic's own team, covering 12-language language server protocol support, pull-request review tooling, git workflow automation, output formatting, and code quality checks. A separate /external_plugins folder holds third-party contributions from partners including GitHub, GitLab, Linear, Asana, Firebase, Playwright, Terraform, and Discord. Third-party submissions must pass quality and security screening before inclusion and can be submitted via a form at clau.de/plugin-directory-submission. Before this week's launch, Claude Code's extension landscape was fragmented. Useful plugins existed, but locating and evaluating them required digging through independent GitHub repositories, community forums, and informal word-of-mouth recommendations. The new official directory changes that by giving developers a single, authoritative starting point. The structural shift mirrors what happened to other developer platforms when centralized marketplaces arrived. When the Visual Studio Code marketplace consolidated extensions in one place, adoption of the editor accelerated substantially. The official claude-plugins-official repository now functions as that consolidation point for Claude Code -- a curated index rather than an unfiltered firehose. Installation is a single terminal command: /plugin install {plugin-name}@claude-plugins-official. Developers who already have Claude Code running will find the official marketplace pre-registered by default -- no additional setup is required before browsing. The full plugin catalog is also viewable at claude.com/plugins. Anthropic applies two levels of scrutiny to plugins in the directory. All submissions go through basic automated screening before inclusion. Plugins that pass a stricter, additional review earn an "Anthropic Verified" badge, which signals higher confidence in both quality and safety. Plugins without that badge have cleared automated checks only. This distinction matters, and Anthropic says so directly. The official plugin page states: community plugins "may install unverified, third party software that could be malicious or result in unintended behavior." Users are advised to review each plugin's linked source code before installing. That caveat has real-world precedent. Research published in January 2026 by SentinelOne documented a class of attack in which a malicious Claude Code marketplace plugin redirects a developer's dependency installation to an attacker-controlled source, embedding trojanized code that persists silently across sessions. In the same period, security firm PromptArmor demonstrated how an injected plugin could steer Claude Code into performing unauthorized actions without triggering standard security tooling. Earlier still, in December 2025, Cato Networks researcher Inga Cherny showed that a modified Claude Code skill plugin could download and execute ransomware -- specifically the MedusaLocker variant -- by inserting a single seemingly benign function into an otherwise legitimate extension. A February 2026 security audit by Snyk of the broader Claude Code agent-skills ecosystem found that 13 percent of agent-skills packages contained critical security flaws. These findings do not implicate the official directory specifically -- none of the documented attacks involved claude-plugins-official listings. They do establish that plugin installation is a supply-chain decision, not a convenience one, and that the official directory's curation reduces but does not eliminate risk. A Claude Code plugin is a packaging format, not a single type of extension. Each plugin can bundle any combination of four components: slash commands (custom shortcuts for recurring operations), agents (purpose-built subagents for specialized tasks), Model Context Protocol (MCP) servers (connections to external tools and data sources), and hooks (automated behaviors that fire at specific points in the coding workflow, such as after a file edit or before a commit). The plugin system was first introduced as a public beta in October 2025 via an Anthropic announcement. The official directory now centralizes the best-vetted examples of that system in action. Developers who want to understand the plugin format in detail can consult the official plugin documentation. Because plugins execute with the installing user's system permissions, they can read and write files, access environment variables, and connect to external network services. This is what makes them powerful -- and what makes permission review essential before installation. Anthropic's official security documentation recommends reviewing what permissions a plugin requests before installation and verifying that those permissions are proportionate to the plugin's stated function. A plugin that formats commit messages has no legitimate reason to request broad filesystem access or network connectivity. A plugin that connects to a cloud infrastructure provider will, by definition, need both -- and the source code should make clear exactly where those connections go. For plugins listed in the official directory, each entry links directly to its source repository, making code review straightforward. For community-sourced plugins from outside the official directory, the due-diligence bar is higher, because automated screening is not guaranteed. The "Anthropic Verified" badge is the most reliable signal currently available within the directory. It does not guarantee that a plugin is free of all risk -- Anthropic's own language stops short of that claim -- but it does indicate the plugin has passed a human review stage that automated scanning alone does not cover. How do I install Claude Code plugins from the official directory? Open Claude Code and run /plugin install {plugin-name}@claude-plugins-official in the terminal, replacing {plugin-name} with the name of the plugin you want. The official marketplace is pre-registered in all current Claude Code installations, so no additional setup is required before browsing. You can also view all available plugins at claude.com/plugins. Are Claude Code plugins in the official directory safe to install? Anthropic applies automated security screening to all directory submissions and awards an "Anthropic Verified" badge to plugins that pass additional human review. However, Anthropic explicitly states it cannot verify all software that a plugin may install or connect to, particularly third-party MCP servers bundled by external plugins. Users should review each plugin's source code, check what permissions it requests, and install only from developers they trust. What is the Anthropic plugin directory and how is it different from community marketplaces? The anthropics/claude-plugins-official GitHub repository is Anthropic's curated, company-maintained index of Claude Code plugins. Every listing has passed at minimum an automated security review before inclusion, and Anthropic-built internal plugins appear alongside vetted third-party submissions. Community marketplaces exist outside this directory and may or may not apply consistent review standards. How does a Claude Code plugin differ from a Claude Code skill? A plugin is a distribution and packaging format; a skill is a specific type of content a plugin can contain. Installing a plugin gives you everything bundled inside it -- which may include skills (instruction sets Claude applies automatically to relevant tasks), slash commands, agents, MCP server configurations, and hooks. Skills are the reusable instruction sets; plugins are how those sets get installed and managed.
TX sues Discord, arguing online messaging platform endangered children
The state's spot review found Texas public colleges were not using diversity, equity and inclusion efforts on campuses. Discord is an online messaging service generally used by people to communicate while playing video games. It also includes chat functions and the ability for users to create topic-based servers. Paxton has sued other video game and social media platforms, like Snapchat, Tiktok and Roblox, in recent months over similar concerns that they are violating users' data privacy and allowing their platforms to be used to exploit children.
Discord Now Encrypts Voice and Video Calls by Default, but Not Your DMs
Reports suggest Discord had quietly implemented E2EE for voice calls as far back as March this year, but the company is only now officially announcing it. As concerns around AI training and data privacy continue to grow, tech companies are rushing to prove that users' conversations are actually private. One of the biggest tools for that has been end-to-end encryption, which means no one except the people in the conversation can access the data. Now, Discord is finally bringing that protection to voice and video calls. The platform has rolled out end-to-end encryption (E2EE) for all voice and video calls, with no opt-in required since it is enabled by default. There is one caveat, though: Stages, Discord's more public broadcast-style channels, are excluded from the feature. Reports suggest Discord had quietly implemented E2EE for voice calls as far back as March this year, but the company is only now officially announcing it. In a blog post announcing the feature, Mark Smith, Discord's vice president of core technologies, said, "End-to-end encryption is now standard for every voice and video call on Discord, outside of stage channels. No opt-in required." The part that may disappoint some users is that Discord still has no plans to add E2EE to text messages. So, while your calls are now encrypted, your DMs and text chats still do not have the same level of privacy protection. The move comes just days after Google and Apple announced expanded end-to-end encryption support for RCS messaging. Even more interestingly, some companies are moving in the opposite direction. Meta removed end-to-end encryption from Instagram DMs earlier this year, while TikTok has also said it will not offer the feature for direct messages. So yes, your private Discord calls are now far more private than before, and that is meaningful progress. But if privacy matters to you beyond voice and video, the lack of encryption for text messages is still something worth paying attention to.
Discord Voice and Video Calls Now End-to-End Encrypted by Default
Discord says it has switched on end-to-end encryption (E2EE) by default for every voice and video call across its platforms, including desktop, mobile, web, and consoles like PlayStation and Xbox. The rollout covers DMs, group DMs, voice channels, and Go Live streams. There's no opt-in required, or any setting to change. Stage channels are the only exception, given that they're built for broadcasting to larger audiences rather than personal chats. The protection runs on DAVE, an open-source protocol Discord first introduced in September 2024. In a blog post, Discord's Mark Smith said building it was slow and complicated, partly because a single Discord call can mix people on phones, laptops, browsers, and game consoles in the same conversation. Announcing the change, Smith said: "Building an E2EE protocol that works seamlessly across all of those surfaces simultaneously is, to my knowledge, unlike anything else that's been shipped. DAVE is likely one of the internet's most platform-diverse E2EE voice and video implementations." Discord says it's now stripping out the remaining client code that allowed unencrypted fallback, so that encrypted calls will be the only option rather than a default. "We have no current plans to extend E2EE to text messages," added Smith. The completed rollout stands in stark contrast to policy changes by Meta, which recently removed its encryption feature for Instagram DMs.
