North Korean hackers targeted ethnic Koreans in China with a malware disguised as a popular Android mobile game called BirdCall, allowing them to steal personal data from victims.
Beginning in May 2026, Microsoft will introduce Hotpatching as a default feature for compatible systems, allowing security updates to be applied without requiring a restart. Hotpatching updates code directly in the memory of running processes, enabling selective updates without interrupting the entire system. It does not replace monthly security updates but alters their activation process on eligible systems, categorized as security updates within the monthly B releases. Eligible systems must be running Windows 11 version 24H2 or newer and possess suitable licenses such as Enterprise, Education, Microsoft 365, or Windows 365. Management of these updates will be facilitated through Windows Autopatch or Microsoft Intune. Microsoft will continue to utilize baseline updates that require a restart, which will alternate with Hotpatch months. Hotpatching aims to reduce the frequency of restarts tied to security updates, particularly benefiting environments where uptime is critical. However, planned restarts will still be necessary, and robust telemetry and maintenance practices will be needed to ensure smooth operation.
The Pixel Launcher is built on three foundational features: visual consistency through Material You, simplicity with a minimalistic interface, and fluidity with smooth animations. However, it has limited customization options compared to other launchers. Lawnchair is an open-source project that enhances the Pixel experience by restoring customization options removed by Google, such as hiding widgets, supporting icon packs, and allowing user-defined grid layouts. Lawnchair maintains a clean interface while offering extensive control over app visibility and layout, effectively addressing the limitations of the Pixel Launcher. Lawnchair 15 provides a refined version of the Pixel experience, making it accessible to users of non-Pixel devices.
The April 2026 Steam survey results show that the NVIDIA GeForce RTX 3060 with 8GB of VRAM remains the most common discrete graphics card among users. Approximately 25% of Windows users are utilizing Microsoft's Extended Security Updates (ESU) program as Windows 10 nears its End-of-Life phase. The usage of Linux and macOS has slightly decreased, with Arch Linux identified as the leading distribution for Valve's SteamOS. Despite Microsoft's recommendation for 32GB of RAM, 16GB is still the most prevalent configuration among users.
Microsoft has acknowledged that some Windows 11 updates may require multiple reboots, particularly those related to Secure Boot certificates, which are essential for system security. These updates aim to protect against malware, especially rootkits, and ensure the effective functioning of Secure Boot. Some users have faced difficulties in receiving the new certificates due to firmware issues, but multiple reboots typically indicate that necessary security enhancements are being applied.
Google is rolling out the May 2026 software update for all supported Pixel devices running Android 16, which includes the Pixel 7a, Pixel 8 series, Pixel 8a, Pixel 9 series, Pixel 9a, Pixel 10 series, Pixel Tablet, and Pixel Fold, under the build number CP1A.260505.005. The update addresses known issues and brings enhancements to the devices listed. However, for Pixel 10, 10 Pro, 10 Pro XL, and 10 Pro Fold users, the update includes a bootloader change that prevents rolling back to previous versions of the bootloader after installation.
The Google Home app will receive a significant update in Spring 2026, focusing on enhanced performance and a more intuitive interface. The update will improve smart camera functionality, allowing cameras to work together for a clearer understanding of home events, and will feature a revamped event details page for easier navigation of recorded footage. Google Home Premium users will receive Gemini-generated event descriptions for older Nest cameras, and the camera settings menu will be simplified. The voice assistant will be upgraded to Gemini 3.1, improving reasoning capabilities for complex commands. Additionally, a new "Ask Home on Web" feature will enable users to manage devices and automations from their desktops. Privacy considerations regarding AI-generated summaries of home footage will also be a factor for users.
Upon installing the April 2026 Patch Tuesday update, some users experienced two or three reboots, which Microsoft confirmed is intentional due to the installation of Secure Boot 2023 certificates. This behavior is expected for a limited number of devices and is part of the Secure Boot update process. The Secure Boot certificates are replacing older ones issued in 2011, set to expire in June 2026. Users can check their Secure Boot status in the Windows Security app, which indicates the status with green, yellow, or red badges. A green badge means the system is up to date, while yellow and red badges indicate issues with certificate updates. Microsoft is managing Secure Boot certificates on modern PCs, but older machines without OEM support may struggle to receive updates due to firmware limitations.
After the installation of the optional April 2026 update, users may experience multiple restarts of their PCs, which is normal due to the Secure Boot certificate refresh process. This behavior may also occur with future updates as Microsoft implements Secure Boot certificate refreshes. Windows updates typically require a single reboot, but significant feature updates or firmware and driver updates may necessitate two or three reboots. Many Windows devices manufactured before 2024 have outdated Secure Boot certificates that need updating, as these certificates will expire in June 2026. Microsoft began rolling out updated Secure Boot certificates in March, but this rollout is staggered. Users can check their PC's Secure Boot certificate status in Windows Security under "Device security." The status is indicated by colored icons: green (up to date), yellow (update pending), and red (action required). Older devices may face issues with the certificate refresh if they lack up-to-date firmware or compatible BIOS updates. If Windows reports an error, the device manufacturer is typically responsible for resolving it. Users should verify that Secure Boot certificates were installed correctly after updates to ensure continued secure booting beyond June.
Meta has enhanced the security and transparency of its end-to-end encrypted backup system for WhatsApp and Messenger. The improvements focus on refining the distribution and verification of encryption keys, and allow for independent audits of certain infrastructure components. The updates are based on Meta's Hardware Security Module (HSM)-based Backup Key Vault architecture, which securely stores recovery secrets in tamper-resistant hardware, ensuring that neither Meta nor cloud service providers can access users' message archives.
For encrypted backups, users' devices generate a 256-bit encryption key locally, which encrypts all backup data before uploading it to cloud storage. The key remains on the device in an encrypted format, with the user's password not visible to Meta or third parties. An encrypted version of the backup key is stored in the HSM-based vault using the OPAQUE password-authenticated key exchange protocol, enhancing recovery security without revealing the password.
The recent updates include an over-the-air (OTA) fleet key distribution mechanism, which avoids hardcoding trusted infrastructure keys into Messenger applications. Clients receive a “validation bundle” containing the HSM fleet's public keys during runtime, with signatures verified against Cloudflare’s Key Transparency system. The vault operates across at least seven data centers using majority-consensus replication to ensure availability and integrity.
Meta plans to publish cryptographic proof of each new HSM fleet deployment, allowing advanced users and researchers to verify these deployments through the open-source “mbt” (Meta Binary Transparency) CLI tool, which conducts multiple checks to confirm that fleet keys are untampered.
