NewApp Digest
search bot

patterns

Malware Has Gotten Smarter. Here's How Your Antivirus Has, Too
Tech Optimizer
June 21, 2026

Malware Has Gotten Smarter. Here’s How Your Antivirus Has, Too

Antivirus software is evolving from relying on static databases of known malware signatures to employing behavioral monitoring and machine learning for threat detection. Traditional antivirus solutions focused on recognizing known threats through unique signatures, but this approach has become inadequate due to the rapid evolution of malware, including polymorphic and metamorphic types. Modern antivirus systems now monitor program behavior, looking for suspicious activities such as unexpected file encryption or unusual network communication. Machine learning models analyze large datasets to identify patterns associated with malware, allowing for the classification of files as safe, potentially unwanted, or malicious. Techniques like sandboxing and dynamic analysis are used to preemptively neutralize threats. However, advancements in AI also present challenges, as cybercriminals can exploit these technologies to create sophisticated malware that evades detection. Despite improvements in antivirus effectiveness, modern cyberattacks increasingly target individuals through methods like phishing and social engineering, necessitating a combination of robust antivirus solutions and good cybersecurity practices.
PostgreSQL 18 on Amazon Aurora and Amazon RDS: Security, monitoring, and developer enhancements
Tech Optimizer
June 20, 2026

PostgreSQL 18 on Amazon Aurora and Amazon RDS: Security, monitoring, and developer enhancements

PostgreSQL version 18 has deprecated MD5 password authentication in favor of SCRAM-SHA-256, with a new parameter, md5_password_warnings, enabled by default to log deprecation warnings. It has enhanced monitoring capabilities by adding columns to pg_stat_database and pg_stat_statements to track parallel worker activity, with the default max_parallel_workers_per_gather set to 0 in Aurora PostgreSQL. The pg_stat_subscription_stats view now includes new columns for tracking conflict types in logical replication. Optimizer statistics are automatically transferred during upgrades, while uuidv7() generates timestamp-ordered UUIDs. The default streaming option for CREATE SUBSCRIPTION has changed to parallel, and the idle_replication_slot_timeout parameter automatically invalidates inactive replication slots. Enhancements to the COPY command include REJECT_LIMIT for error tolerance and a silent LOG_VERBOSITY level. OLD and NEW aliases have been introduced in RETURNING clauses for various DML commands.
PostgreSQL 18 on Amazon Aurora and Amazon RDS: Performance enhancements
Tech Optimizer
June 20, 2026

PostgreSQL 18 on Amazon Aurora and Amazon RDS: Performance enhancements

PostgreSQL 18 addresses common performance challenges for users, including managing query performance across composite indexes, diagnosing memory spills in materialized Common Table Expressions (CTEs), and upgrading major versions without plan regressions. Key enhancements include skip scan optimization for multicolumn indexes, improved EXPLAIN functionality, and optimizer statistics that persist through major version upgrades. Skip scan optimization allows PostgreSQL to efficiently utilize multicolumn B-tree indexes even when leading columns are not specified in the WHERE clause, significantly improving query performance. The EXPLAIN command has been enhanced to include buffer statistics by default, providing deeper insights into query execution and resource usage. PostgreSQL 18 also introduces visibility into the storage of materialized nodes in query plans, indicating whether intermediate results were stored in memory or spilled to disk. A new metric, Index Searches, has been added to EXPLAIN ANALYZE output, indicating how many times the database traversed the index tree during query execution. Additionally, Self-Join Elimination (SJE) automatically detects and removes unnecessary inner joins of a table to itself, optimizing query performance. The autovacuum mechanism has been improved with the introduction of autovacuum_vacuum_max_threshold, which caps the number of dead tuples that can accumulate before autovacuum triggers a VACUUM, addressing issues with large tables. The vacuum_truncate parameter provides a server-wide control point to disable VACUUM’s file truncation behavior, reducing locking issues on busy systems. PostgreSQL 18 also separates the allocation of autovacuum worker slots from their usage, allowing for dynamic adjustments to autovacuum_max_workers without requiring a server restart. Finally, new columns in pg_stat_all_tables track cumulative time spent on maintenance operations, providing better insights into maintenance overhead for each table.
How Five PostgreSQL Optimizations Sped Up Our Dashboard
Tech Optimizer
June 20, 2026

How Five PostgreSQL Optimizations Sped Up Our Dashboard

The dashboard operates on a Django monolith with PostgreSQL and is transitioning to ClickHouse for denormalization. The initial p50 metric was 0.7 seconds, but the p95 was 8 seconds, which was reduced to 1 second. Observability tools were established to monitor performance, and slow HTTP requests were identified using OpenTelemetry traces. Optimization techniques included late joining, asynchronous counting, creating a PostgreSQL replica for read operations, and improving full-text search. Denormalization was explored to enhance filtering performance by creating composite indexes. The production stack was upgraded to PostgreSQL 18, which provided incremental performance improvements. The final p95 value achieved was 1 second, below the target of 3 seconds.
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2
Winsage
June 19, 2026

Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2

Microsoft has identified a Windows-based cryptocurrency clipper campaign that has been active since February 2026. This campaign uses clipboard-intercepting malware with self-spreading capabilities and operates through the Tor network. The clipper malware employs Windows Script Host and ActiveX to launch a Tor proxy and connect to a hidden command-and-control server. It focuses on stealing clipboard data, particularly cryptocurrency wallet addresses, and can exfiltrate screenshots. The malware is distributed via malicious Windows Shortcut (LNK) files on USB drives, which activate a worm that checks for existing infections and fetches the payload from a remote server. The clipper monitors the clipboard every 500 milliseconds for sensitive information and can replace copied wallet addresses with those controlled by attackers. Microsoft recommends behavioral detections, disabling AutoRun for removable media, blocking LNK execution from drives, and monitoring clipboard-related activities as mitigations against this threat.
Android 17 is making Pixel widgets vanish, but Google already has a fix in the works
AppWizard
June 19, 2026

Android 17 is making Pixel widgets vanish, but Google already has a fix in the works

Users of Android 17 have reported that home screen widgets are disappearing after the latest stable update, specifically on devices with a work profile. Google is aware of the issue and is working on a fix, which may be included in the next month's security update. Currently, there is no effective workaround other than removing the work profile, which allows users to restore their widgets by restarting the device and re-adding them.
Microsoft and Adobe team up and make Photoshop 20% faster on Windows
Winsage
June 19, 2026

Microsoft and Adobe team up and make Photoshop 20% faster on Windows

Microsoft is collaborating with Adobe to enhance the performance of Photoshop, a widely used image editing software. The partnership focuses on optimizing operations within Photoshop, which is primarily developed in C++ and compiled using Microsoft’s Visual C++ (MSVC) compiler. Microsoft aims to improve performance for CPU-intensive tasks, particularly those that are latency-sensitive, such as brush responsiveness and file-opening tasks. The engineering team activated MSVC’s "peak-performance" compilation mode and explored profile-guided optimization (PGO) to refine executables. However, due to the complexity PGO introduced, they shifted to Sample-based Profile Guided Optimizations (SPGO), which uses hardware performance samples from actual release binaries. This method allows for greater flexibility in data collection and typically yields performance improvements of 5% to 15%. By combining MSVC’s peak-performance mode with SPGO, the teams achieved a 20% performance boost on x64 Windows systems and a 13% enhancement on Arm architecture. These optimizations resulted in improved responsiveness for critical tasks in Photoshop, enhancing the user experience in professional creative workflows.
Here’s What Actually Happens When Antivirus Software Scans Your PC
Tech Optimizer
June 18, 2026

Here’s What Actually Happens When Antivirus Software Scans Your PC

Interactions with antivirus software occur during installation and when issues arise, while the software operates quietly in the background. Modern antivirus solutions continuously monitor for threats using various detection methods, including real-time scanning, which actively scrutinizes files as they are downloaded or accessed. The signature database is essential for identifying malware by comparing files against known signatures, but it can only detect documented threats. Heuristic detection and behavioral analysis help catch unknown malware by evaluating suspicious characteristics and monitoring file actions during execution. Sandboxing allows suspicious files to run in a controlled environment, logging their behavior to determine if they are malicious. Quarantine neutralizes threats by locking files in a secure location, allowing users to review them before deletion. Full scans are resource-intensive and can slow down system performance, while real-time scanning is less demanding. Users can schedule scans during idle times, exclude trusted folders, or consider cloud-based solutions to mitigate performance impacts.
Search