API Archives

Tech Optimizer

April 16, 2026

Deploy Postgres and MySQL databases with PlanetScale + Workers

Cloudflare has deepened its partnership with PlanetScale to enhance the developer experience by providing Cloudflare Workers with access to Postgres and MySQL databases. Users will be able to create PlanetScale databases directly from the Cloudflare dashboard and API, with billing handled through their Cloudflare accounts. Cloudflare credits can be applied towards PlanetScale databases. The integration allows developers to link their PlanetScale accounts and create Postgres databases from the Cloudflare dashboard. Starting next month, new PlanetScale databases will be billed directly to Cloudflare accounts. The integration uses Hyperdrive for database connectivity, managing connection pools and query caching. PlanetScale offers performance and reliability, allowing developers to choose between Postgres and Vitess MySQL. Cloudflare users can deploy PlanetScale databases directly from Cloudflare, with features like query insights and usage breakdowns included. A single node on PlanetScale Postgres starts at a specified monthly rate. Developers can configure Workers to minimize latency by placing them near the primary database, with future plans to automate this process. Currently, billing for existing PlanetScale databases is processed through PlanetScale, but new databases will be billed through Cloudflare starting next month. Further enhancements and API integration are planned, with community feedback encouraged.

Tech Optimizer

April 15, 2026

Connecting .NET Lambda to Amazon Aurora PostgreSQL via RDS Proxy

Many organizations are modernizing legacy .NET applications while reducing database costs and enhancing scalability, particularly during migrations to AWS Lambda and transitions from SQL Server to Amazon Aurora PostgreSQL-Compatible Edition. The process involves connecting Lambda functions to Aurora PostgreSQL using Amazon RDS Proxy, with AWS Secrets Manager managing secure credential storage. The architecture includes a .NET Lambda function interfacing with Aurora PostgreSQL via RDS Proxy, which provides connection pooling to minimize database connection overhead. The solution requires a CloudFormation template to provision resources such as a VPC with private subnets, an Aurora PostgreSQL cluster, RDS Proxy, and Secrets Manager. The RDS Proxy is configured with parameters including PostgreSQL engine family, idle client connection timeout, and Secrets Manager secret. A Windows EC2 instance is provisioned, and access is facilitated through AWS Systems Manager Fleet Manager. The solution includes creating a sample table named "employee" in the database and a new .NET Lambda project that utilizes Npgsql for database connections. The Lambda function is deployed using the AWS CLI, and testing involves invoking the function and retrieving logs from Amazon CloudWatch. Finally, resources created during the process should be deleted to prevent ongoing charges.

AppWizard

April 13, 2026

Android Fax Apps (2026): Top picks for medical, business and industrial use

In 2026, the top Android fax apps are evaluated based on compliance, reliability, and cost-effectiveness for various sectors. The Municorn Fax App is identified as the best overall due to its unlimited fax sending, HIPAA-compliant infrastructure, and user-friendly interface. iFax is noted for its security features and compliance, making it ideal for healthcare providers, though its pricing can increase with usage. Fax.Plus is recommended for enterprises needing structured workflows and compliance, while eFax is recognized for its brand familiarity and occasional faxing needs. The FAX App is a simple, budget-friendly option for basic faxing tasks. Key factors for ranking include compliance, pricing models, ease of use, scalability, and integration capabilities.

Tech Optimizer

April 11, 2026

Database Branching in Postgres: Git-Style Workflows with Databricks Lakebase

Database branching is a modern approach that addresses the limitations of traditional database management in development workflows. Unlike conventional database copies, which require significant time and resources to duplicate data and schema, database branching allows for the creation of isolated environments that share the same underlying storage. This method utilizes a copy-on-write mechanism, enabling branches to be created in seconds regardless of database size, with storage costs tied only to the changes made. Key features of database branching include: - Branch creation time: Seconds, constant regardless of database size. - Storage cost: Proportional to changes only, not the total data size. - Isolation: Each branch has its own Postgres connection string and compute endpoint. - Automatic scaling: Idle branches can scale compute to zero, incurring costs only when active. The architecture supporting this approach separates compute from storage, allowing multiple branches to reference the same data without conflict. This design facilitates time travel capabilities, enabling branches to be created from any point in the past for instant recovery and inspection. Database branching unlocks new workflows, such as: - One branch per developer, providing isolated environments for each engineer. - One branch per pull request, automating branch creation and deletion tied to PRs. - One branch per test run, provisioning fresh databases for each CI pipeline execution. - Instant recovery from any point in time within a designated restore window. - Ephemeral environments for AI agents, allowing programmatic database provisioning. Databricks Lakebase offers this database branching capability, transforming the database from a bottleneck into a streamlined component of the development process.

AppWizard

April 11, 2026

Roblox unveils new Roblox Plus monthly subscription that pays creators who get players to sign up for the new Roblox Plus monthly subscription

Roblox has contributed over 60% to the net growth in consumer spending within the games industry, excluding China, since 2021. The company has launched a new subscription plan called Roblox Plus, aimed at enhancing user experience and providing creators with additional revenue opportunities. Roblox will absorb the costs of discounts, ensuring creators earn the same amount on individual purchases. The platform's API documentation includes a script that encourages players to subscribe to Roblox Plus, offering immediate rewards and access to exclusive areas. Roblox has indicated that this launch is just the beginning of their plans for expansion.

Tech Optimizer

April 10, 2026

Popular Monitor Utilities, CPU-Z And HWMonitor, Have Been Infected With Malware

Recent reports indicate that the hardware monitoring tools HWMonitor and CPU-Z have been compromised, leading to users downloading malware instead of the legitimate software. Users reported receiving suspicious executable files and antivirus alerts when attempting to download the latest versions. A specific incident involved a user who downloaded HWMonitor from the official CPUID website, only to find the file was labeled incorrectly and flagged as a virus by Windows Defender. Cybersecurity experts confirmed that this is a serious issue involving a multi-stage trojanized attack from a compromised domain. The developer of CPU-Z and HWMonitor acknowledged that a secondary feature linked to the website was compromised for about six hours, causing the main website to display incorrect files. Users are advised to refrain from downloading or updating these utilities until the issue is resolved.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

AppWizard

April 9, 2026

Minecraft 26.2 Snapshot 1

- The upcoming release is titled "Chaos Cubed." - Players can explore the Overworld and sulfur caves, seeking sulfur springs and new resources. - A new mob called the Sulfur Cube has been introduced, which absorbs blocks and can be interacted with using Shears. - The Sulfur Cube can detect nearby block items and will follow players holding absorbable blocks. - Upon defeat, the Sulfur Cube splits into two smaller versions, which can be fed to grow larger. - New Cinnabar and Sulfur block sets have been added, including various variants like Polished and Bricks. - The sulfur caves biome has been added, featuring sulfur pools and the Sulfur Cube mob. - Potent Sulfur is a new block that produces nausea-inducing gas when placed under water. - Sulfur Springs generate naturally above the sulfur cave biome in various sizes. - Vulkan support has been added for improved visual experience, with a new "Graphics API" option in Video Settings. - Players can toggle between OpenGL and Vulkan, with Vulkan being the default if supported. - New attributes related to bounciness and friction have been introduced for entities. - New sounds and textures for Sulfur, Potent Sulfur, Cinnabar, and the Sulfur Cube have been added. - Various bugs have been fixed to improve gameplay stability.

Tech Optimizer

April 6, 2026

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Cybersecurity researchers have discovered 36 malicious packages in the npm registry that impersonate Strapi CMS plugins. These packages exploit Redis and PostgreSQL, deploy reverse shells, harvest credentials, and establish persistent implants. Each package consists of three files—package.json, index.js, and postinstall.js—without descriptions or repositories, and all use version 3.6.8 to mimic legitimate Strapi plugins. The malicious packages follow a naming convention starting with "strapi-plugin-" and were uploaded by four accounts within 13 hours. The identified packages include names like strapi-plugin-cron, strapi-plugin-database, and strapi-plugin-server. The malicious code is embedded in the postinstall script, executing automatically upon installation with the same privileges as the user. The payloads evolve from exploiting Redis for remote code execution to attempting direct PostgreSQL database exploitation and deploying persistent implants for remote access. The campaign appears to target cryptocurrency platforms, as indicated by the focus on credential theft and digital assets. Users of these packages are advised to assume compromise and rotate credentials. This incident reflects a broader trend of supply chain attacks in the open-source ecosystem, with recent examples including credential exfiltration payloads in GitHub repositories and compromised GitHub Actions workflows. Group-IB reported that software supply chain attacks are increasingly reshaping the cyber threat landscape, targeting trusted vendors and open-source software to gain access to downstream organizations.

Winsage

April 6, 2026

ResokerRAT Hijacks Telegram API to Command Infected Windows PCs

A newly discovered Windows malware called ResokerRAT uses Telegram’s Bot API for its command-and-control operations, allowing it to monitor and manipulate infected systems without a conventional server. It obscures its communications by integrating with legitimate Telegram traffic, complicating detection. Upon execution, it creates a mutex to ensure only one instance runs and checks for debuggers to avoid analysis. It attempts to relaunch with elevated privileges and logs failures to its operator. ResokerRAT terminates known monitoring tools and installs a global keyboard hook to obstruct defensive key combinations. It operates through text-based commands sent via Telegram, allowing it to check processes, take screenshots, and modify system settings to evade detection. Persistence is achieved by adding itself to startup and altering UAC settings. The malware retrieves additional payloads from specified URLs and uses URL-encoded data for communication. Researchers have confirmed its Telegram traffic, and its behavior aligns with various MITRE ATT&CK techniques. Security teams are advised to monitor for unusual Telegram traffic and scrutinize registry keys related to startup and UAC.