
Tech Optimizer
June 23, 2026
A critical security vulnerability, SVD-2026-0603 (CVE-2026-20253), has been identified in Splunk Enterprise versions 10.0.0 through 10.0.6 and 10.2.0 through 10.2.3. This flaw allows unauthenticated, remote attackers to create or truncate arbitrary files on the host system by exploiting the PostgreSQL Sidecar Service endpoints. The vulnerability is actively exploited, with public proof-of-concept code available, and has been added to the CISA Known Exploited Vulnerabilities (KEV) list. Successful exploitation can lead to full remote code execution (RCE) as the Splunk user. The vulnerability arises from inadequate authentication controls on the PostgreSQL Sidecar Service endpoints, specifically /v1/postgres/recovery/backup and /v1/postgres/recovery/restore, which are accessible without authentication. It is classified under CWE-306: Missing Authentication for Critical Function and has a CVSS v3.1 base score of 9.8 (Critical). Attackers can exploit the vulnerability by sending crafted HTTP POST requests to the exposed endpoints, allowing them to create or truncate files and potentially execute malicious scripts. Indicators of compromise include unexpected files in directories such as /tmp/ or /opt/splunk/var/run/supervisor/pkg-run/, modified Splunk Python scripts, and unusual outbound connections from Splunk to unknown PostgreSQL servers. The vulnerability aligns with several MITRE ATT&CK techniques, including T1190 (Exploit Public-Facing Application) and T1059 (Command and Scripting Interpreter). Active exploitation of CVE-2026-20253 has been confirmed, and it is likely that both opportunistic cybercriminals and sophisticated threat actors will use this exploit. The affected versions of Splunk Enterprise are 10.2.0 through 10.2.3 and 10.0.0 through 10.0.6, with the issue resolved in versions 10.2.4 and 10.0.7. Organizations are advised to upgrade to fixed versions or disable the PostgreSQL Sidecar Service as a mitigation strategy.
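A triage sketch for the advisory summarized above, added here as an example and not taken from Splunk or the summarized article: it checks a version string against the affected ranges and flags POST requests to the two recovery endpoints in access-log lines. The Common Log Format layout, the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Affected version ranges and endpoint paths, as stated in the summary above.
AFFECTED = [((10, 0, 0), (10, 0, 6)), ((10, 2, 0), (10, 2, 3))]
ENDPOINTS = {"/v1/postgres/recovery/backup", "/v1/postgres/recovery/restore"}

# Assumption: Common Log Format access lines; adapt the regex to your log source.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def is_affected(version):
    """True if a major.minor.patch version falls in a listed affected range."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    v = tuple(int(p) for p in m.groups())
    return any(lo <= v <= hi for lo, hi in AFFECTED)

def normalise(path):
    """Drop the query string, decode %xx, collapse repeated and trailing slashes."""
    path = unquote(path.split("?", 1)[0])
    return re.sub(r"/+", "/", path).rstrip("/")

def find_recovery_posts(lines):
    """Return (source, endpoint, status) for each POST to a recovery endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m["method"] == "POST" and normalise(m["path"]) in ENDPOINTS:
            hits.append((m["src"], normalise(m["path"]), int(m["status"])))
    return hits

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [23/Jun/2026:10:01:02 +0000] "POST /v1/postgres/recovery/backup HTTP/1.1" 200 17',
    '198.51.100.7 - - [23/Jun/2026:10:01:05 +0000] "POST /v1/postgres//recovery/restore/?x=1 HTTP/1.1" 200 17',
    '192.0.2.10 - - [23/Jun/2026:10:02:00 +0000] "GET /v1/postgres/recovery/backup HTTP/1.1" 405 0',
    '192.0.2.10 - - [23/Jun/2026:10:03:00 +0000] "POST /services/search/jobs HTTP/1.1" 201 88',
]

if __name__ == "__main__":
    print(is_affected("10.2.3"), find_recovery_posts(SAMPLE_LOG))
```

Any hit on a host where `is_affected` is true warrants a check of the file-system and outbound-connection indicators listed in the summary.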
AppWizard
June 22, 2026
The Steam Machine retails starting at ,049 without a gamepad and ,128 bundled with one. Its performance does not significantly exceed that of the 5.5-year-old PS5, which offers sharper visuals in certain games. The Steam Machine operates more like a console than previous iterations, featuring a compact design and compatibility with modern gamepads. Valve claims to sell its components at cost, having negotiated with suppliers during a memory supply crisis. Users have reported technical issues, such as problems with the Steam Controller, sound output, and game downloads. The device requires manual adjustments for settings, lacks user-friendly configurations, and has questionable reliability with its sleep function. Valve plans to support AMD’s FSR 4 upscaling and is working on graphics driver updates. The Steam Machine is positioned as a versatile gaming and computing solution, but its limitations highlight the need for further refinement.
AppWizard
June 21, 2026
Google Pixel phones have received an update that enhances home screen customization, allowing users to remove the At a Glance widget and eliminate app names for a cleaner aesthetic. The Android 17 update introduces five app icon styles and shapes, including a Minimal option that aligns icons with a color palette, and a Create option for custom designs with six styles. The Google Pixel 10 is highlighted as the ideal device to experience these features and future updates.
Winsage
June 21, 2026
The author has customized Windows for years, resisting Microsoft's default settings by changing the default browser, decluttering the Start menu, and preventing OneDrive from managing files. Upon acquiring a new mini PC, the author decided to experience Windows 11 with the default settings, allowing OneDrive to manage files and using Windows Search without workarounds. This led to frustration as files saved locally were often stored in OneDrive-synced folders, making the Desktop feel cloud-based. The author also found Windows Search to be cluttered with mixed results and promotional content, which detracted from its utility. The overall experience felt less tailored to personal workflow and more aligned with Microsoft's ecosystem. After three days, the author reverted to their usual practices, adjusting defaults and decluttering the interface, leading to a more user-friendly environment that matched their preferences.
AppWizard
June 20, 2026
Google Messages has introduced a "Tap to draft" option within its Smart Replies feature, allowing users to review and edit suggested responses before sending them. This feature is part of app version 2026052200RC00 and can be enabled by updating to the latest version and adjusting settings in the app. Smart Replies use AI to generate quick response suggestions based on user interactions, while ensuring that no message content or data is transmitted to Google, thus maintaining user privacy.
Winsage
June 20, 2026
The author customized their Windows experience by changing the default browser, decluttering the Start menu, and preventing OneDrive from managing their files. They recently set up Windows 11 on a new mini PC and initially allowed OneDrive to back up their files, which led to confusion about file locations. They found Windows Search frustrating, as it redirected them to Microsoft's web version despite choosing a different search provider. The author refrained from altering Microsoft's recommended defaults, which made the system feel more aligned with Microsoft's agenda rather than their own needs. After three days, they reverted to their usual practices to regain control over their Windows experience.
Tech Optimizer
June 20, 2026
PostgreSQL version 18 has deprecated MD5 password authentication in favor of SCRAM-SHA-256, with a new parameter, md5_password_warnings, enabled by default to log deprecation warnings. It has enhanced monitoring capabilities by adding columns to pg_stat_database and pg_stat_statements to track parallel worker activity, with the default max_parallel_workers_per_gather set to 0 in Aurora PostgreSQL. The pg_stat_subscription_stats view now includes new columns for tracking conflict types in logical replication. Optimizer statistics are automatically transferred during upgrades, while uuidv7() generates timestamp-ordered UUIDs. The default streaming option for CREATE SUBSCRIPTION has changed to parallel, and the idle_replication_slot_timeout parameter automatically invalidates inactive replication slots. Enhancements to the COPY command include REJECT_LIMIT for error tolerance and a silent LOG_VERBOSITY level. OLD and NEW aliases have been introduced in RETURNING clauses for various DML commands.