cybersecurity

Winsage
July 16, 2026
Approximately 16.9 percent of monitored Windows devices are still running Windows 10, a decline from about half a year ago. Windows 10 will receive updates until October 12, 2027, for consumer devices and until October 10, 2028, for commercial customers. Small and medium-sized businesses (SMBs) have 21.4 percent of their machines on Windows 10, with 23 percent in healthcare and pharmaceutical sectors and 22.7 percent in consumer and retail. A Windows 10 device has an average of 1,903 active Common Vulnerabilities and Exposures (CVEs), compared to 652 on Windows 11. Only 14 percent of Windows 10 assets have Extended Security Updates (ESU) patches applied. Many devices are tied to vendor certifications that complicate upgrades, and the rising cost of new PC hardware is a concern. The stagnation of Windows 11 adoption continues, with minimal change in market share distribution.
AppWizard
July 16, 2026
Max, a messaging application launched by VK in 2025 and endorsed by Russian President Vladimir Putin, was removed from Google’s Play marketplace on July 16, 2023. The app does not provide end-to-end encryption, raising concerns about government access to user communications. This removal is part of a trend affecting other VK-owned applications, coinciding with recent EU sanctions targeting VK Company and its subsidiary Communication Platform LLC, which oversees the Max app. The EU characterized Max as having extensive surveillance features used against critics of Russia's military actions in Ukraine. Apple also removed Max from its App Store in June without explanation. Max aims to be an all-encompassing platform for messaging, social media, digital identification, payments, banking, and government services, which critics say could enhance government monitoring of citizens. The Russian government has implemented strict measures against foreign social media platforms and previously enacted a ban on Telegram in 2026, which faced public backlash.
Winsage
July 16, 2026
Microsoft has released its July 2026 Patch Tuesday updates, addressing 570 new security vulnerabilities, bringing the total for the month to over 620. The cumulative count of vulnerabilities patched this year has reached 1,380, exceeding the total of 1,250 for the entire year of 2020. Over 400 vulnerabilities are related to various versions of Windows, and the Windows 10 Extended Security Update program has been extended until October 12, 2027. Notable vulnerabilities include CVE-2026-56155 in Active Directory Federation Services, which allows attackers to gain administrator rights, and several critical Remote Code Execution vulnerabilities, including CVE-2026-57092 in Hyper-V and CVE-2026-56190 in Remote Desktop Protocol. Microsoft has also patched 97 vulnerabilities in Office products, with 17 classified as critical RCE vulnerabilities, and four vulnerabilities in Exchange Server, including CVE-2026-55008. The latest Microsoft Edge update addresses 27 vulnerabilities related to Chromium, and a vulnerability in Minecraft Bedrock servers has been patched.
Winsage
July 15, 2026
Microsoft released its July Patch Tuesday updates, addressing 570 security vulnerabilities in Windows, a record number for the company. This update includes three zero-day vulnerabilities, two of which have been exploited in real-world attacks, affecting Microsoft’s Active Directory and SharePoint, while the third concerns BitLocker encryption. The update also enhances Windows features, including changes to the Widgets app, improvements in File Explorer speed, refined Bluetooth connectivity, and a new feature allowing users to pause updates until a specific date. However, the update has been temporarily halted for certain Dell computers due to compatibility issues, with Microsoft working on a fix.
Tech Optimizer
July 15, 2026
Cybersecurity firm ArcticWolf has identified 292 malicious GitHub repositories that impersonate legitimate software tools, part of a campaign to deliver a new variant of the BoryptGrab infostealer. This malware can extract sensitive information from 19 web browsers, 32 cryptocurrency wallets, messaging applications like Telegram and Discord, gaming platforms such as Steam, and Windows Credential Manager. It can also exfiltrate files from users' Desktop and Documents folders and capture screenshots. This variant bypasses Chrome’s App-Bound Encryption using direct code injection and does not include an anti-analysis layer or conceal itself, aiming to harvest data quickly without persistence. The malicious activity began in late June, with most repositories removed from GitHub, though several dozen remain active. GitHub's status as a key platform in the open-source community makes it a target for cybercriminals, emphasizing the need for developers to thoroughly vet code before integration.
Winsage
July 14, 2026
Microsoft's July 2026 security update addresses 622 vulnerabilities, with 57 classified as "critical." Two critical vulnerabilities, CVE-2026-56155 (Active Directory Federation Services) and CVE-2026-56164 (Microsoft SharePoint Server), have been exploited in the wild. The critical vulnerabilities include 48 remote code execution (RCE) vulnerabilities, seven elevation of privilege (EoP) vulnerabilities, one spoofing vulnerability, and one security feature bypass vulnerability. RCE vulnerabilities affect various Microsoft services, including Windows Media, Microsoft Office, and SQL Server, with eleven rated as "more likely" to be exploited. Additional important vulnerabilities include CVE-2026-49170, CVE-2026-49795, and CVE-2026-50325. Talos is releasing a new Snort ruleset to detect these vulnerabilities, and Cisco Security Firewall customers are advised to update their ruleset.
Tech Optimizer
July 13, 2026
The digital landscape is increasingly threatened by scams and cyberattacks, necessitating robust antivirus solutions for various devices. Modern antivirus software has evolved into comprehensive security suites that include features like VPNs, email protection, and dark web monitoring. Users must balance feature richness with system performance, as costs can vary significantly after initial promotional rates. The best antivirus software includes: - Bitdefender Premium: Rated 4.5/5, priced from £49.99 per year, known for strong performance and a comprehensive feature set but limited to a single device for the free version. - Surfshark One: Rated 4/5, priced from £1.99 per month, recognized for its user-friendly interface but lacking some central features. - Norton 360 Deluxe: Rated 4/5, priced from £29.99 per year, praised for excellent performance and light system impact, though its interface is less polished. - Avira Free Security: Rated 3/5, free option available, offers basic protection but prompts users to upgrade frequently. - Avast One: Rated 4/5, free option available, features a modular design but includes persistent upgrade prompts. Each antivirus package provides solid protection against cyber threats, with many offering free trials for evaluation.
Search