data Archives

Tech Optimizer

May 21, 2026

Nvidia tells users to update GPU drivers now or face possible attack — here’s what we know

NVIDIA has released an update to its GPU display drivers that addresses 14 vulnerabilities across its product lines, including GeForce, RTX, Quadro, Tesla, NVS, vGPU, and Cloud Gaming software. The most critical vulnerability is CVE‑2026‑24187, a high-severity use-after-free bug rated 8.8 out of 10, which could allow code execution, privilege escalation, data theft, or system crashes. Linux systems are vulnerable due to improper access to GPU resources at the kernel level, while Windows systems are at risk from a timing flaw. Two vulnerabilities in NVIDIA’s Unified Virtual Memory subsystem on Linux could lead to denial-of-service attacks without elevated permissions. The vGPU software also received patches for vulnerabilities in its virtual GPU manager component. Users can download the updated drivers from the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal, with Windows users needing version 569.49 or newer and Linux users needing version 590.48.01. Users are advised to maintain their antivirus programs for enhanced security. NVIDIA thanked external security researchers for their responsible disclosure of these vulnerabilities.

Tech Optimizer

May 21, 2026

What the Tech: Antivirus Software for Smartphone

Many users believe that smartphones need antivirus software, similar to computers. However, most users can navigate their mobile experience without it due to built-in security features in operating systems like iOS and Android, which include regular updates, app store security, and user awareness. Antivirus apps may be necessary for users who download apps from third-party sources or engage in risky online behavior. The decision to install antivirus software should depend on individual usage patterns and risk tolerance.

AppWizard

May 21, 2026

Google expands AI Studio with Android & cloud tools

Google has expanded its AI Studio with new app-building and deployment features, including seamless integration with Google Workspace, allowing developers to create dashboards and applications using data from Google Sheets and Drive. A direct export feature to Google Antigravity has been introduced for local development, enabling teams to export conversation history and project files. New visual design capabilities include automatic image generation through Nano Banana and the ability to edit app previews directly within the platform. A mobile app for AI Studio is available for pre-registration, allowing users to build and preview apps on smartphones. AI Studio now supports direct creation of native Android applications, generating Kotlin code and providing a browser-based emulator. Users can connect to a Google Play Developer account for easy app publishing. New users can deploy their first two apps to Google Cloud for free, while existing users benefit from the Cloud Run Free Tier.

AppWizard

May 21, 2026

Google AI Studio now builds Android apps from simple prompts

Google has expanded its AI Studio with new features for building native Android applications. Users can now generate production-ready Kotlin code within the "Build" tab by entering prompts, and a browser-based Android emulator allows for instant previews. A one-click publishing feature enables direct submission to Google Play’s Internal Test Track. The platform now integrates with Google Sheets and Google Drive for creating custom dashboards and applications. A new export feature facilitates the transition from cloud to local environments, ensuring smooth transfers of project files and API secrets. Automatic design tools include an AI agent for generating custom interface images, and users can make real-time visual adjustments. New creators can deploy their first two applications to Google Cloud via the Cloud Run Free Tier at no cost. Additionally, a mobile app for AI Studio is in pre-registration, allowing developers to work on application builds from their smartphones.

Tech Optimizer

May 21, 2026

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal has announced critical security updates for a vulnerability in Drupal Core, identified as CVE-2026-9082, which allows attackers to execute remote code, escalate privileges, or disclose sensitive information. The vulnerability has a CVSS score of 6.5 and affects only sites using PostgreSQL databases. It can be exploited by anonymous users and is rooted in a database abstraction API used for query validation and SQL injection prevention. Updates have been released for the following versions: - Drupal 11.3.10 - Drupal 11.2.12 - Drupal 11.1.10 - Drupal 10.6.9 - Drupal 10.5.10 - Drupal 10.4.10 Drupal 7 is not impacted by this vulnerability. Users on unsupported versions 9 and 8 can access manual patches for: - Drupal 9.5 - Drupal 8.9 Drupal has stated that versions 11.1.x, 11.0.x, and 10.4.x and below are end-of-life and do not receive security coverage, and that both Drupal 8 and 9 have reached end-of-life status. Patches for unsupported versions are provided as a best effort, but users should be aware of potential other vulnerabilities.

Tech Optimizer

May 21, 2026

PostgreSQL Flaws Expose Databases to Remote Code Execution and SQL Injection

PostgreSQL has released versions 18.4, 17.10, 16.14, 15.18, and 14.23 to address 11 security vulnerabilities and over 60 bugs. The vulnerabilities affect PostgreSQL versions 14 through 18 and include issues such as remote code execution, SQL injection, and denial-of-service risks. Specific vulnerabilities include: - CVE-2026-6472: Missing authorization in CREATE TYPE allows query hijacking. - CVE-2026-6473: Integer wraparound leads to out-of-bounds writes and server crashes. - CVE-2026-6474: Format string issue leaks server memory. - CVE-2026-6475: Symlink attack allows overwriting arbitrary files. - CVE-2026-6476: SQL injection allows execution of arbitrary SQL as superuser. - CVE-2026-6477: Memory buffer overwrite via libpq lo_* functions. - CVE-2026-6478: Timing attack exposes MD5-hashed passwords. - CVE-2026-6479: SSL/GSS recursion flaw allows denial-of-service. - CVE-2026-6575: Buffer over-read leaks memory data (PostgreSQL 18 only). - CVE-2026-6637: Refint module enables stack overflow and SQL injection, leading to possible RCE. - CVE-2026-6638: SQL injection in REFRESH PUBLICATION via table names. Organizations are advised to upgrade to the latest versions, avoid MD5 password authentication, restrict privileges, audit extensions, and monitor for abnormal activity. PostgreSQL 14 will reach its end-of-life on November 12, 2026.

AppWizard

May 21, 2026

Google Health 5.0 rolling out with new stats widget on Android

Google Health has started rolling out version 5.0 of the Fitbit app for Android devices, introducing a new homescreen Quick Access Widget that replaces the previous Steps widget. This widget can display up to six different metrics simultaneously and allows users to customize their interface by removing certain elements. It includes a heart icon for direct app access, quick navigation to the Health Coach feature, and indicates the last update time. The update also features a new Google Health icon, phasing out Fitbit branding for software, while Fitbit branding remains for hardware. Version 5.0 is necessary for setting up the upcoming Fitbit Air, with the rollout starting on May 19 and expected to be fully available by May 26.

AppWizard

May 21, 2026

Binance’s Android app privacy fight is back in the spotlight

Binance is facing scrutiny regarding the data collection practices of its Android app, which some users believe functions more as a data collection tool than a trading platform. Concerns have been raised about the app's extensive permissions and tracking capabilities, with a report indicating the presence of numerous tracking components, including SDKs from TikTok and WeChat, and over 50 system permissions. Binance's privacy portal states that data is collected for account management, security, marketing, fraud prevention, and legal compliance. Despite this, there are questions about whether the data collection practices are proportionate to the app's intended functions. Binance has a history of legal issues, including a guilty plea in November 2023 that resulted in a .32 billion penalty for anti-money laundering violations. The exchange claims to tailor its privacy framework to regional regulations, but user concerns about the app's tracking capabilities persist. As of early 2026, Binance has over 300 million registered users, making any privacy-related disputes potentially impactful. The ongoing scrutiny may lead to gradual adjustments in Binance's practices rather than a complete overhaul.

AppWizard

May 20, 2026

Google adds Android app generation and Managed Agents to Gemini developer tools

Google unveiled enhancements to its Gemini technology at the I/O 2026 event, introducing new developer tools in AI Studio and the Gemini API. Key features include the ability to generate native Android applications directly from AI Studio, which produces Kotlin code using Jetpack Compose patterns and supports hardware features like camera and GPS. The platform includes an embedded Android Emulator and allows direct publishing to the Google Play Console while adhering to Google Play's quality standards. Additionally, Google introduced Antigravity 2.0, an agent-first development platform with a revamped desktop application and SDK for custom workflows. Projects from AI Studio can be exported to Antigravity for local development. The Managed Agents feature in the Gemini API enables developers to create agents with a single API call, allowing them to reason and execute code in a secure Linux environment. This feature is available in Public Preview and simplifies infrastructure tasks for production-grade agents. Custom agents can be defined and registered, with Google encouraging developers to create their own managed agents.

Winsage

May 20, 2026

Windows multi-monitor HDR bug: Why do your displays share the wrong calibration?

Windows has a bug that affects HDR calibration for multi-monitor setups, causing incorrect peak brightness data to be applied across different displays. This results in distorted colors and highlights, particularly impacting gaming experiences where games draw settings from Windows. The issue is suspected to be triggered by the device entering standby mode, waking from sleep, or physically swapping display cables. Microsoft has not officially recognized or fixed this problem, leaving users to manually check their display profiles or restart their systems as a workaround.