Operation Archives

Winsage

April 18, 2026

OWC MacDrive 12– One Solution for Complete Mac Disk Access on Windows

OWC has launched MacDrive 12, which allows Windows users to access various Mac formats such as HFS+, APFS, APFS Encrypted, SoftRAID, and Apple RAID through Windows Explorer. Key features include full read/write access to Mac formats, disk management tools for creating and repairing Mac disks, professional performance for demanding tasks, native integration with Windows, enterprise-grade security for encrypted volumes, RAID array support, and advanced APFS crash protection. Use cases include support for creative professionals, production companies, business users, IT administrators, data recovery specialists, and remote teams. MacDrive 12 will be available at the end of April for .99, with upgrade pricing for existing users at .99.

Winsage

April 18, 2026

RedSun: Windows 0day when Defender becomes the attacker

A vulnerability has been discovered in Windows Defender that allows standard users to exploit a logic error in the file remediation process, enabling code execution with elevated privileges without administrative access. This flaw, identified by security researcher Chaotic Eclipse, occurs because Windows Defender does not verify if the restoration location of flagged files has been altered through a junction point. The exploit, named RedSun, takes advantage of a missing validation in the MpSvc.dll file, allowing attackers to redirect file restoration to the C:WindowsSystem32 directory. RedSun operates by chaining together four legitimate Windows features: Opportunistic Locks (OPLOCKs), Cloud Files API, Volume Shadow Copy Service (VSS), and Junction Points. The execution of the exploit involves monitoring shadow copies, triggering Defender's detection, synchronizing OPLOCKs, and ultimately writing malicious binaries to the System32 directory. The root cause is the lack of reparse point validation in the restoration process, and currently, no patch or CVE has been assigned for this vulnerability. It affects Windows 10, Windows 11, and Windows Server 2019 and later, and organizations are advised to implement behavioral detection strategies until a fix is available.

Tech Optimizer

April 17, 2026

Why Postgres wants NVMe on the hot path, and S3 everywhere else

Efforts to merge storage roles into a single solution are ongoing, particularly with Amazon S3's durability and cost-effectiveness. In PostgreSQL, achieving a durable commit requires flushing the Write-Ahead Log (WAL) before signaling transaction completion, which can take tens of microseconds on high-performance NVMe drives but extend to milliseconds on slower storage. This latency impacts Online Transaction Processing (OLTP) systems and user response times. Benchmark studies show that systems with faster local storage outperform those with slower alternatives as workloads exceed memory capacity. The fsync operation in PostgreSQL is a commitment rather than a simple write, with enterprise-grade SSDs performing better due to power-loss protection. Read operations also face challenges, as PostgreSQL's need for small, latency-sensitive reads conflicts with S3's design for larger, higher-latency requests. As the working set exceeds memory, storage latency becomes a critical performance factor. Modern managed PostgreSQL systems typically do not place object storage in the critical commit path, instead maintaining a fast log or cache close to the database while relegating colder data to remote storage. Recent PostgreSQL developments, such as asynchronous I/O support in version 18, aim to leverage fast storage more effectively. S3 is valuable for tasks like WAL archiving and backups, but these should be kept separate from the commit path to avoid resource contention. The solution involves using both NVMe and S3, with fast storage managing commits and cache misses, while object storage handles archives and backups. PostgreSQL performs best when hot and cold storage functions are clearly delineated.

AppWizard

April 15, 2026

This free app can get your Android phone to run PC games better than ever

Winlator v11.0 is a free Windows-on-Android emulator that allows Android devices to run Windows PC games locally without cloud streaming or subscription fees. The update features significant enhancements in GPU performance, particularly for Adreno 8-series GPUs, improving graphics and reducing crashes for demanding titles on devices with Qualcomm's Snapdragon 8 Elite. It introduces an experimental OpenGL wrapper called Gladio to extend compatibility to MediaTek and Exynos chips with Mali GPUs. The update also includes Wine 10.10 and Box64 v0.4.0, which enhance the operation of Windows software on mobile processors, promising faster load times and improved stability for 64-bit applications. Initial user feedback indicates remarkable performance improvements over previous versions and other emulators.

AppWizard

April 14, 2026

Mirax RAT Targets Android Devices Through Meta Apps

Mirax is a remote access Trojan (RAT) targeting Android devices in Spanish-speaking countries, identified by Outpost24's KrakenLabs in early March. It propagates fraudulent advertisements on Meta-owned applications, allowing cybercriminals to gain initial access. Mirax can interact with compromised devices in real time, converting them into residential proxy nodes through ads on platforms like Facebook and Instagram. It uses SOCKS5 protocol and Yamux multiplexing to establish proxy channels and uncover victims' IP addresses. The malware captures keystrokes, steals sensitive data, executes commands, and monitors user activity. It employs overlay pages to steal credentials and orchestrates distribution through Meta ads and GitHub for malicious APK files. Users are tricked into enabling installations from "unknown sources," and the malware disguises itself behind video playback features. Additionally, a threat actor has been offering Mirax as a malware-as-a-service (MaaS) on illicit forums, with subscription prices starting at ,500 for three months. This service is described as highly controlled and exclusive, primarily targeting Russian-speaking actors in underground communities.

Tech Optimizer

April 14, 2026

Fake Windows 11 24H2 Update Site Distributes Password-Stealing Malware

A recent discovery by Malwarebytes has identified a cyber threat involving a typosquatted domain that mimics official Microsoft support pages. This site uses authentic branding and KB-style reference numbers to deceive users into downloading what appears to be a legitimate cumulative update. The malware, once installed, operates stealthily, stealing passwords from browsers and active sessions, which allows attackers to bypass two-factor authentication. The stolen data is sent to external servers through encrypted channels. Initial scans showed zero detections by multiple antivirus engines due to the malware's obfuscated scripts. It also modifies system startup entries and creates disguised shortcuts for persistence. Microsoft has not yet released Windows 11 version 24H2 to general users, and updates should only be obtained through official channels to avoid potential threats.

Winsage

April 13, 2026

The engineer who built Windows Task Manager in the 90s says its 80KB footprint was a feature not an accident

David Plummer, a veteran Microsoft engineer, created the original Windows Task Manager (Taskmgr.exe) in the 1990s, which had a file size of only 80KB. This small size was crucial for its functionality during system freezes. Plummer used a mutex to check if another instance of the program was running, allowing for efficient operation without complex process lists or loops. His recent reflections in early 2026 have sparked discussions about the evolution of software, particularly criticizing Windows 11 for straying from its foundational purpose and emphasizing resource efficiency. The 1990s hardware constraints forced developers to innovate, contrasting with today's environment where abundant resources allow for less efficient applications. Plummer's mutex technique is now seen as a benchmark in application design, highlighting a generational shift in development practices. The discourse around his 80KB Task Manager raises questions about the future of software procurement and the importance of memory footprint in purchasing decisions.

Tech Optimizer

April 11, 2026

Antivirus protection built into Windows

Windows 11 includes Microsoft Defender Antivirus, which is active from the moment the device is powered on and integrated into the operating system. It continuously updates to protect against various threats, including malicious files and unsafe links. Microsoft Defender SmartScreen evaluates the safety of websites and downloads, providing warnings for dubious content. Smart App Control prevents untrusted applications from executing, while Controlled folder access protects personal files from unauthorized modifications. Users can verify the operational status of Microsoft Defender Antivirus through Windows Security settings. Best practices for maintaining security include keeping the antivirus updated, using a single real-time antivirus engine, and enhancing security habits. Microsoft Defender Antivirus is generally sufficient for everyday risks, but additional third-party antivirus solutions may be considered based on individual needs.

Tech Optimizer

April 11, 2026

Database Branching in Postgres: Git-Style Workflows with Databricks Lakebase

Database branching is a modern approach that addresses the limitations of traditional database management in development workflows. Unlike conventional database copies, which require significant time and resources to duplicate data and schema, database branching allows for the creation of isolated environments that share the same underlying storage. This method utilizes a copy-on-write mechanism, enabling branches to be created in seconds regardless of database size, with storage costs tied only to the changes made. Key features of database branching include: - Branch creation time: Seconds, constant regardless of database size. - Storage cost: Proportional to changes only, not the total data size. - Isolation: Each branch has its own Postgres connection string and compute endpoint. - Automatic scaling: Idle branches can scale compute to zero, incurring costs only when active. The architecture supporting this approach separates compute from storage, allowing multiple branches to reference the same data without conflict. This design facilitates time travel capabilities, enabling branches to be created from any point in the past for instant recovery and inspection. Database branching unlocks new workflows, such as: - One branch per developer, providing isolated environments for each engineer. - One branch per pull request, automating branch creation and deletion tied to PRs. - One branch per test run, provisioning fresh databases for each CI pipeline execution. - Instant recovery from any point in time within a designated restore window. - Ephemeral environments for AI agents, allowing programmatic database provisioning. Databricks Lakebase offers this database branching capability, transforming the database from a bottleneck into a streamlined component of the development process.

AppWizard

April 11, 2026

iBUYPOWER RDY Y70 R17 review – a fantastic RTX 5080 gaming PC

The iBUYPOWER RDY Y70 R17 is a high-end gaming PC featuring an AMD Ryzen 7 9800X3D CPU, Nvidia GeForce RTX 5080 GPU, 32GB DDR5 RAM, and a 1TB NVMe SSD. It is housed in a visually striking Hyte Y70 case that provides excellent cooling and ample upgrade potential. The system includes a 240mm AIO liquid cooler and is equipped with various front and rear ports for connectivity. It offers impressive gaming performance, achieving over 105fps in Cyberpunk 2077 at 1080p and maintaining playable frame rates at higher resolutions. The PC is priced at ,199.99 and comes with a three-year labor and two-year parts warranty. Minor shipping damage was noted, and initial CPU fan noise may require BIOS adjustments for quieter operation. The dimensions of the case are 470 x 320 x 470mm, and it weighs 13.2kg.