command Archives

Tech Optimizer

June 23, 2026

Active Exploitation of Critical CVE-2026-20253 in Splunk Enterprise: Unauthenticated RCE via PostgreSQL Sidecar Service

A critical security vulnerability, SVD-2026-0603 (CVE-2026-20253), has been identified in Splunk Enterprise versions 10.0.0 through 10.0.6 and 10.2.0 through 10.2.3. This flaw allows unauthenticated, remote attackers to create or truncate arbitrary files on the host system by exploiting the PostgreSQL Sidecar Service endpoints. The vulnerability is actively exploited, with public proof-of-concept code available, and has been added to the CISA Known Exploited Vulnerabilities (KEV) list. Successful exploitation can lead to full remote code execution (RCE) as the Splunk user. The vulnerability arises from inadequate authentication controls on the PostgreSQL Sidecar Service endpoints, specifically /v1/postgres/recovery/backup and /v1/postgres/recovery/restore, which are accessible without authentication. It is classified under CWE-306: Missing Authentication for Critical Function and has a CVSS v3.1 base score of 9.8 (Critical). Attackers can exploit the vulnerability by sending crafted HTTP POST requests to the exposed endpoints, allowing them to create or truncate files and potentially execute malicious scripts. Indicators of compromise include unexpected files in directories such as /tmp/ or /opt/splunk/var/run/supervisor/pkg-run/, modified Splunk Python scripts, and unusual outbound connections from Splunk to unknown PostgreSQL servers. The vulnerability aligns with several MITRE ATT&CK techniques, including T1190 (Exploit Public-Facing Application) and T1059 (Command and Scripting Interpreter). Active exploitation of CVE-2026-20253 has been confirmed, and it is likely that both opportunistic cybercriminals and sophisticated threat actors will use this exploit. The affected versions of Splunk Enterprise are 10.2.0 through 10.2.3 and 10.0.0 through 10.0.6, with the issue resolved in versions 10.2.4 and 10.0.7. Organizations are advised to upgrade to fixed versions or disable the PostgreSQL Sidecar Service as a mitigation strategy.

Winsage

June 23, 2026

Tested: Microsoft just debloated Windows 11 Search without Bing, and it’s crazy fast

Windows 11 has introduced a significant enhancement to its Search functionality, allowing users to completely eliminate web results through a toggle in Insider Experimental build 26300.8697. This feature prioritizes local results and improves search speed. The new toggles for Web Searches and Microsoft Store apps can be found in the Privacy & security settings under "Show suggested search results." Users can still see past web searches if the Search history toggle is active. The web toggle's deactivation leads to local files being displayed first, while the Microsoft Store results can be toggled independently. Disabling both toggles results in a "No results found" message if there are no local matches. The feature is currently experimental and requires enabling via ViveTool. Additional improvements include typo forgiveness for app queries and enhanced search responsiveness. Microsoft is also shifting its strategy to provide users with more control over their Windows experience.

AppWizard

June 22, 2026

The Steam Machine is the start of an even more expensive future for game consoles

Valve's Steam Machine is priced at ,049 for the 512GB model and ,128 with a Steam Controller. The 2TB version costs ,349 or ,428 with the controller. In comparison, the 2TB Xbox Series X retails for 9.99, the PS5 Pro for 9.99, and the upcoming Switch 2 is expected to launch at 9.99. The Steam Machine offers access to Steam's extensive library of games and is positioned as a premium option in a market with rising hardware prices. Recent data shows a 46% decline in PS5 sales year-over-year, coinciding with a price increase to 9.99. Xbox is developing "Project Helix," a device between a console and a PC, but pricing concerns have led to a reevaluation of its vision.

Winsage

June 22, 2026

MSYS2 And The No-Fuss Way To Get More GNU Into Your Windows

The Windows desktop experience has a streamlined interface, but its command line interface (CLI) offerings, particularly the cmd.exe shell, have been criticized for lacking the features found in UNIX/BSD/Linux environments. Microsoft’s transition to PowerShell has disappointed users who prefer a more traditional CLI experience. Despite Windows NT operating systems being POSIX compliant, they have historically lacked a suitable shell. MSYS2 provides a solution by offering a Linux-like experience with a Bash shell and the pacman package manager, allowing users to run shell scripts and access various tools. However, binaries compiled in MSYS2 may depend on shared libraries not included in the Windows system path. Upon installation, users can choose from different terminal options, with the UCRT terminal recommended for its usability. MSYS2 facilitates a streamlined development workflow, enabling the use of familiar tools across multiple platforms, but it does not achieve perfect integration within Windows and has some limitations, such as issues with stdout output in Bash.

BetaBeacon

June 22, 2026

Scopely is Making a New Marvel Co-Op Gacha Action Game for Android, iOS

Marvel and Scopely are collaborating on a new co-op mobile game codenamed Project Comet, featuring action-packed gameplay, co-op modes, and gacha systems.

Winsage

June 22, 2026

I forced Windows 11’s CPU boost on a 10-year-old PC, and it feels surprisingly new

Windows 11 has introduced the Low Latency Profile to enhance the responsiveness of the Start menu, Search, and Action Center by rapidly increasing CPU frequency during user interactions. Testing on a Lenovo ThinkCentre M700 Mini Desktop with a 6th Generation Intel Core i3-6100 processor showed that the Low Latency Profile could be activated via the June 2026 Patch Tuesday update (KB5094126) and the third-party tool ViVeTool. Initially, no significant CPU frequency spike was observed, but after enabling the feature, the CPU frequency increased from approximately 800MHz to 3.0GHz and then to 3.7GHz almost instantaneously during interactions. This resulted in a marked improvement in the responsiveness of the Start menu and Action Center, with the latter showing the most significant enhancement. The Low Latency Profile effectively improved performance on older systems without adverse effects on battery life or thermal output.

Winsage

June 21, 2026

Microsoft confirms Windows 11 26H2 to finally get one of the most requested features

Microsoft has confirmed the rollout of Windows 11 version 26H2, with build 26300.8697 now available for testing in the experimental Insider channel. This version will be delivered through an enablement package over the existing Windows 11 25H2. A key feature is the enhancement to the Search functionality, prioritizing local file search over web results, with the option to disable web suggestions in settings. Users can enable the new Search experience using feature IDs: 61267302, 61344081, 61482515, 61532758, 61760679, and ensuring ID 48433719 is enabled. Steps to enable the new Search functionality include downloading ViveTool, using Command Prompt to enable the relevant IDs, and restarting the computer. Users have reported improved responsiveness in the Search feature after disabling web search.

Tech Optimizer

June 20, 2026

PostgreSQL 18 on Amazon Aurora and Amazon RDS: Security, monitoring, and developer enhancements

PostgreSQL version 18 has deprecated MD5 password authentication in favor of SCRAM-SHA-256, with a new parameter, md5_password_warnings, enabled by default to log deprecation warnings. It has enhanced monitoring capabilities by adding columns to pg_stat_database and pg_stat_statements to track parallel worker activity, with the default max_parallel_workers_per_gather set to 0 in Aurora PostgreSQL. The pg_stat_subscription_stats view now includes new columns for tracking conflict types in logical replication. Optimizer statistics are automatically transferred during upgrades, while uuidv7() generates timestamp-ordered UUIDs. The default streaming option for CREATE SUBSCRIPTION has changed to parallel, and the idle_replication_slot_timeout parameter automatically invalidates inactive replication slots. Enhancements to the COPY command include REJECT_LIMIT for error tolerance and a silent LOG_VERBOSITY level. OLD and NEW aliases have been introduced in RETURNING clauses for various DML commands.

AppWizard

June 20, 2026

Rockstar Games Launcher 2026: 18.3M Players, GTA 6 PC Signals

As of January 2026, the Rockstar Games Launcher has 18.3 million monthly active users engaged with Grand Theft Auto V. A software update on March 31, 2026, introduced support for Windows 11 and various performance improvements. The anticipated launch of GTA 6 is scheduled for November 19, 2026. Since its launch in September 2019, the launcher has focused exclusively on Rockstar titles, facing competition from platforms like Steam and Epic Games Store. As of March 2026, GTA Online recorded 17.9 million players across major platforms, with 4.2 million daily active users. In 2026, PC players accounted for 42% of GTA V's global player base, translating to approximately 7.7 million monthly active PC players. The March 2026 update included enhancements such as an upgraded embedded browser and a new Discord Social SDK. Players in Brazil faced restrictions on purchasing through the launcher due to local consumer protection laws. The GTA+ subscription service had 878,284 active subscribers as of early 2026.

Tech Optimizer

June 20, 2026

PostgreSQL 18 on Amazon Aurora and Amazon RDS: Performance enhancements

PostgreSQL 18 addresses common performance challenges for users, including managing query performance across composite indexes, diagnosing memory spills in materialized Common Table Expressions (CTEs), and upgrading major versions without plan regressions. Key enhancements include skip scan optimization for multicolumn indexes, improved EXPLAIN functionality, and optimizer statistics that persist through major version upgrades. Skip scan optimization allows PostgreSQL to efficiently utilize multicolumn B-tree indexes even when leading columns are not specified in the WHERE clause, significantly improving query performance. The EXPLAIN command has been enhanced to include buffer statistics by default, providing deeper insights into query execution and resource usage. PostgreSQL 18 also introduces visibility into the storage of materialized nodes in query plans, indicating whether intermediate results were stored in memory or spilled to disk. A new metric, Index Searches, has been added to EXPLAIN ANALYZE output, indicating how many times the database traversed the index tree during query execution. Additionally, Self-Join Elimination (SJE) automatically detects and removes unnecessary inner joins of a table to itself, optimizing query performance. The autovacuum mechanism has been improved with the introduction of autovacuum_vacuum_max_threshold, which caps the number of dead tuples that can accumulate before autovacuum triggers a VACUUM, addressing issues with large tables. The vacuum_truncate parameter provides a server-wide control point to disable VACUUM’s file truncation behavior, reducing locking issues on busy systems. PostgreSQL 18 also separates the allocation of autovacuum worker slots from their usage, allowing for dynamic adjustments to autovacuum_max_workers without requiring a server restart. Finally, new columns in pg_stat_all_tables track cumulative time spent on maintenance operations, providing better insights into maintenance overhead for each table.