Cloud Archives

Tech Optimizer

May 4, 2026

Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities

Cybersecurity researchers at Wiz’s ZeroDay.Cloud event in London exploited two significant vulnerabilities in PostgreSQL, tracked as CVE-2026-2005 and CVE-2026-2006, which were disclosed on May 4, 2026. The vulnerabilities were found in the pgcrypto extension, affecting public-key decryption and symmetric decryption functions. CVE-2026-2005 allows privilege escalation via a buffer overflow during public-key decryption, while CVE-2026-2006 enables attackers to corrupt memory through inadequate checks in symmetric decryption. PostgreSQL has released patches for these vulnerabilities across versions 14.21 to 18.2, and MariaDB addressed a related issue in versions 11.4.10 and 11.8.6. Database administrators are advised to apply updates and audit logs for suspicious activity.

Winsage

May 4, 2026

Microsoft confirms April Windows updates cause backup failures

Microsoft has acknowledged that the April 2026 security updates have disrupted the functionality of various third-party backup applications using the psmounterex.sys driver, raising concerns among users. The issue primarily affects software leveraging the Volume Shadow Copy Service (VSS) snapshots, leading to failures due to VSS service timeouts. Notable impacted products include Macrium Reflect, Acronis Cyber Protect Cloud, UrBackup Server, and NinjaOne Backup, used on Windows 11, Windows Server, and Windows 10 devices. Disruptions can manifest as failures to mount backup image files, errors or timeouts when browsing or restoring from backup images, and error messages related to VSS timeouts. Microsoft updated its support documentation to clarify that the April updates included a security hardening change that added psmounterex.sys to the vulnerable driver blocklist to protect against a high-severity buffer overflow vulnerability (CVE-2023-43896). Affected users are advised to upgrade to newer application versions with updated drivers and not to uninstall or pause the security update. Users can check if the Microsoft Vulnerable Driver Blocklist is blocking a driver by looking for Event ID 3077 in the Code Integrity Operational log. Additionally, Microsoft has alerted users that some Windows Server 2025 devices may boot into BitLocker recovery mode after installing the KB5082063 update and has issued out-of-band updates to address installation failures and restart loops affecting Windows Server systems after the April 2026 updates.

AppWizard

May 4, 2026

Two More ‘Day One’ Game Pass Titles Quietly Announced For 2026

Two new titles will join Xbox Game Pass in 2026: 1. Corsair Cove (PC, TBD 2026) - A city-builder set during the Golden Age of Piracy, where players battle against pirate hunters and manage a pirate haven. The exact release date is not specified but is confirmed for later this year. 2. Mariachi Legends (Xbox Series X, S, PC, Cloud, Q4 2026) - A pixel art Metroidvania game featuring intense combat in Mexico, where players control Pablo Cruz, a detective who can transform into La Sombra to fight evil. Both games will be available on day one through Xbox Game Pass.

Tech Optimizer

May 4, 2026

Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha

Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, leading to their removal from Windows systems globally. This issue arose after a Defender signature update on April 30th, with affected certificates including 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 and DDFB16CD4931C973A2037D3FC83A4D7D775D05E4. The certificates were removed from the AuthRoot store under the Registry key HKLMSOFTWAREMicrosoftSystemCertificatesAuthRootCertificates. Microsoft has addressed the issue in Security Intelligence update version 1.449.430.0, which also restored the removed certificates. The false positives were linked to detections related to a recent DigiCert breach, where threat actors obtained valid code-signing certificates used for signing malware. DigiCert revoked 60 code-signing certificates, including those linked to the "Zhong Stealer" malware campaign. The malware utilized certificates issued to companies like Lenovo and Kingston, but the certificates flagged by Microsoft Defender are root certificates and do not correspond to the revoked code-signing certificates.

Winsage

May 3, 2026

After testing LAP Photo Manager on Windows 11, I’m convinced it outperforms the built‑in Photos app in all the ways that matter

Lap is a free and open-source photo management application for Windows 11 (and 10), macOS, and Linux, designed for local photo libraries. It offers a modern interface, built-in editing tools, and supports various image and video formats, including RAW and HEIC. Lap allows users to manage extensive photo collections efficiently, with features like duplicate file detection and local AI capabilities such as natural language search and facial recognition. The app is available for download from its GitHub releases page and may trigger a SmartScreen warning during installation. It operates without requiring account setup or cloud configuration.

AppWizard

May 3, 2026

New World of Warcraft Midnight update throws Hunters an essential lifeline, with Warriors and Shamans also on the rise

Blizzard is releasing a World of Warcraft Midnight class tuning update that includes significant buffs for Marksmanship Hunters, doubling the damage of Explosive Shot and Steady Shot, and increasing Rapid Fire by 20%. Warriors will receive various damage boosts, including 20% for Execute and 50% for Ground Current. Unholy Death Knights will face damage nerfs, while Frost Death Knights will gain a 5% damage increase. Devourer Demon Hunters will see a 3% damage reduction, and Guardian Druids will experience reduced burst potential but increased damage for Thrash. Augmentation Evokers will have a 5% reduction in ability and pet damage. Paladins will benefit from a 15% healing increase for Holy Paladins and a 10% armor increase for Protection Paladins. Discipline Priests will see a slight adjustment to Atonement mechanics, while Holy Priests will receive a 6% healing boost. Outlaw and Subtlety Rogues will enjoy damage increases of 5% and 7%, respectively. Enhancement Shamans will receive a 5% boost to ability damage and a 10% increase to auto attacks. Affliction Warlocks will benefit from a 20% damage increase on Unstable Affliction and Corruption. In PvP, player health will be increased to slow down combat pace. Significant nerfs are also planned for the Alleria encounter in the Mythic Voidspire raid, including a 5% health reduction and an extended berserk timer. The update will launch with the weekly maintenance on May 5.

Winsage

May 1, 2026

Windows 11’s April update is now breaking third-party backup apps

Microsoft rolled out update KB5083769 for Windows 11 to enhance security, but users have reported issues such as BitLocker lockouts, boot loops, and problems with Remote Desktop functionality. The update is causing compatibility problems with third-party backup applications, including Acronis Cyber Protect Cloud, Macrium Reflect, NinjaOne Backup, and UrBackup Server, due to a bug in the Volume Shadow Copy Service (VSS). Users experiencing backup failures are advised to uninstall update KB5083769 as a temporary solution until Microsoft releases a patch. The timeline for resolving these issues is currently unclear.

AppWizard

May 1, 2026

Google flips the script, reportedly considers putting ads in Gemini app

Philipp Schindler, Google's chief business officer, indicated during Alphabet's earnings call that the company is revisiting the possibility of integrating advertisements into the Gemini platform as it explores new advertising formats for its AI Mode. Discussions about incorporating ads into Gemini first emerged in late 2025 but were previously dismissed. While there are ongoing discussions about ad integration, Ginny Marvin, Google Ads product liaison, stated that there are currently no ads in the Gemini app and no plans to change that. Alphabet reported .9 billion in revenue, a 22% increase year-over-year, with the success of Gemini contributing to growth in Search, Cloud, and subscription services.

Tech Optimizer

May 1, 2026

Ghost: A Database for Our Times?

Ghost, developed by ghost.build, is an "agent-first" Postgres database platform designed for AI-related applications, allowing developers and AI agents to create, fork, inspect, query, manipulate, and delete databases easily. It is free to use and hosted on Ghost’s Cloud infrastructure, making it suitable for testing, prototyping, and disposable database environments. Users can create databases on demand, execute SQL queries, and discard them when finished, contrasting with traditional managed databases. Ghost integrates with AI tools like Codex and Claude Code, providing direct database management capabilities through its MCP server. To install Ghost, users need a supported coding agent and a GitHub account. Installation commands differ for Linux, macOS, and Windows. After installation, users can verify the Ghost MCP server and interact with it through their coding agents. Examples of using Ghost include creating a sales data database, utilizing Ghost CLI commands, and experimenting with databases through AI agents. Ghost allows for rapid database manipulation and is ideal for proofs of concept and experimentation, although caution is advised before using it for production data.

Winsage

May 1, 2026

April KB5083769 Windows 11 update causes backup software failures

The KB5083769 security update released in April 2026 has disrupted the functionality of various third-party backup applications on Windows 11 versions 24H2 and 25H2, primarily due to issues with the Volume Shadow Copy Service (VSS). Affected applications include Acronis Cyber Protect Cloud, Macrium Reflect, NinjaOne Backup, and UrBackup Server. Users have reported receiving an error message indicating that backups have failed due to VSS timeouts. Acronis has acknowledged the issue, stating it affects both Windows 11 Pro and Home editions, and warns of potential broader system issues. A temporary solution involves uninstalling the KB5083769 update or pausing Windows updates. Additionally, Microsoft has issued out-of-band updates for critical issues affecting Windows Server systems and warned that some Windows Server 2025 devices may encounter BitLocker recovery prompts after installing the KB5082063 update.