breach

AppWizard
May 7, 2026
Grinding Gear Games unveiled the upcoming Path of Exile 2 patch 0.5, titled "Return of the Ancients," which includes nearly 900 words of updates. The patch features a comprehensive redesign of the endgame, introducing new systems like Atlas Ascendancies and league-specific features such as Runes of Aldur. The Runes of Aldur league involves rescuing a blacksmith and activating remnants for rewards, including over 100 new runes and a new stat called Runic Ward. A new currency type, Alloys, allows crafting modifiers on items. The endgame has a revamped structure with fixed league mechanics and unique quest lines, culminating in encounters with the Arbiter of Ash and a mysterious ultimate boss. All four launch mechanics have received upgrades, and quality-of-life improvements include in-game build guides and enhanced market features. Two new Ascendancies, the Spirit Walker Huntress and Martial Artist Monk, will be introduced, along with new unique items like Raven's Flock. The patch is scheduled for release on May 29, 2026, with a showcase at Exilecon in November.
Tech Optimizer
May 7, 2026
Traditional endpoint security measures, such as antivirus software and firewalls, are increasingly ineffective against sophisticated cyberattacks, which can bypass these defenses. Endpoint Detection and Response (EDR) is a solution that emphasizes rapid detection and containment of threats, continuously monitoring endpoint activity and identifying suspicious behavior in real time. EDR platforms gather data from all connected endpoints and utilize AI-driven analytics to detect both known and unknown threats. In 2024, over 97 billion exploitation attempts were recorded, underscoring the need for robust endpoint protection. EDR tools operate in four stages: detection, containment, investigation, and elimination of threats. They collect telemetry data from endpoints to establish a baseline of normal activity, enabling the identification of anomalies that may indicate a threat. EDR can automatically isolate affected endpoints, terminate malicious processes, and execute remediation actions. EDR employs two methods for threat detection: comparing endpoint activity against indicators of compromise for known threats and using behavioral detection models for unknown threats. The system can generate reports on threat activity and response effectiveness, aiding compliance and operational decision-making. The telemetry data collected is stored in a centralized repository, supporting threat-hunting initiatives. Organizations that deployed EDR in 2024 experienced a significantly lower average breach cost than those that did not. EDR minimizes security blind spots, reduces the attack surface by identifying vulnerabilities, speeds up investigations and responses, blocks new threats through behavioral analysis, and strengthens other security measures when integrated with existing tools. Challenges in EDR implementation include alert fatigue, integration complexity, resource constraints, and limited scope.
When choosing an EDR solution, organizations should prioritize features such as real-time threat detection, automated response capabilities, behavioral analysis, offline protection, low performance impact, and integration with existing tools. EDR functions effectively as part of a layered security strategy, complementing other tools like Endpoint Protection Platforms (EPP) and Extended Detection and Response (XDR). EDR focuses on endpoint activity, while EPP serves as a first line of defense against common threats, and XDR broadens the scope to include network traffic and cloud workloads. VPNs encrypt network traffic, providing an additional layer of protection for data in transit.
Winsage
May 6, 2026
On April 30, 2026, Microsoft Defender misclassified two legitimate DigiCert root certificates as a severe threat, specifically Trojan:Win32/Cerdigent.A!dha, leading to their quarantine and disrupting SSL/TLS validation across affected endpoints. This misclassification was a result of new malware detections introduced by Microsoft in response to concerns over compromised certificates from a DigiCert breach. The false-positive alerts were triggered by the registry entries of the two trusted root certificates, which are crucial for validating SSL/TLS sessions. Microsoft later acknowledged the error and adjusted the alert logic. There was no actual compromise of the DigiCert certificates, as administrators confirmed that the certificate hashes matched the official values. The misclassification stemmed from a failure to properly constrain the detection to only revoked end-entity signing certificates related to a separate incident. This incident follows a pattern of Microsoft Defender misidentifying legitimate software as malicious, as seen in a 2022 incident where Microsoft Office was flagged as a virus. Organizations with restrictive update policies may continue to face SSL/TLS validation failures until they deploy the corrective Security Intelligence version or manually restore the DigiCert roots.
AppWizard
May 6, 2026
Google has installed a 4GB AI model called Gemini Nano on users' computers without their explicit consent. This model enhances user experience with features like "Help me write," AI-assisted browsing, and scam detection, but was integrated without prior notification to users. The AI scam detection features have been available on Android and desktop platforms for some time. The deployment of the Nano model has raised concerns about user autonomy and trust, as it was done without user consultation or approval.
Tech Optimizer
May 5, 2026
Codenotary has released immudb 1.11, an open-source database that enhances immutable audit logging and compatibility with PostgreSQL. This version features integrated audit logging that captures database activities in a tamper-proof manner, eliminating the need for external logging systems. It allows organizations to create unalterable audit trails, streamline compliance processes, and maintain a reliable history of data interactions. Immudb 1.11 is compatible with existing PostgreSQL code, enabling seamless integration with various applications and tools. The database is particularly beneficial for sectors requiring trust and accountability, such as finance, software development, cybersecurity, regulated industries, AI systems, and supply chain management. Immudb has over 50 million downloads and supports a zero-trust approach to data management. The open-source version is available on GitHub.
AppWizard
May 5, 2026
A father sends his daughter into an escape tunnel for safety as enemy forces approach, while he prepares to confront a commander. In the game "Prelude: Dark Pain," players engage in tactical turn-based RPG combat, controlling Soren, a blacksmith whose wife has been abducted. Players traverse an overworld map, engaging in grid-based battles with a squad of four characters, each with unique abilities. The game features various mechanics, including character-specific skills and strategic positioning for enhanced damage. It is set to launch on Steam Early Access in the third quarter of 2026, offering approximately 15 hours of gameplay and introducing nine heroes with 63 skills. The final version will include all acts of the story, over 20 heroes, 20 factions, 70 enemy types, and a crafting system.
Tech Optimizer
May 5, 2026
Bitdefender Mobile Security is currently regarded as the best mobile antivirus software, achieving a 100% detection rate for malware on Android devices according to AV-TEST's August 2025 report. The 2026 version introduces App Anomaly Detection and includes features like Scam Alert and anti-theft tools. Sophos Intercept X for Mobile offers a free version with a perfect score in AV-TEST's comparisons and features such as multi-factor authentication and a Privacy Advisor. Surfshark Antivirus, part of the Surfshark One package, scored six out of six in AV-TEST's evaluations and includes various security tools, but is only available for Android, macOS, and Windows. Avast Mobile Security is a popular free option with robust features and achieved perfect scores in protection and usability in AV-TEST's September-October 2025 report. AVG Antivirus, operating on the same engine as Avast, also detected 100% of malware in AV-TEST's March-April 2025 evaluations and includes anti-theft tools.
Tech Optimizer
May 4, 2026
Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, leading to their removal from Windows systems globally. This issue arose after a Defender signature update on April 30th, with affected certificates including 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 and DDFB16CD4931C973A2037D3FC83A4D7D775D05E4. The certificates were removed from the AuthRoot store under the Registry key HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates. Microsoft has addressed the issue in Security Intelligence update version 1.449.430.0, which also restored the removed certificates. The false positives were linked to detections related to a recent DigiCert breach, where threat actors obtained valid code-signing certificates used for signing malware. DigiCert revoked 60 code-signing certificates, including those linked to the "Zhong Stealer" malware campaign. The malware utilized certificates issued to companies like Lenovo and Kingston, but the certificates flagged by Microsoft Defender are root certificates and do not correspond to the revoked code-signing certificates.