permission Archives

Tech Optimizer

February 11, 2026

Hackers Used Hugging Face to Distribute Android Banking Trojans

Cybersecurity researchers have identified a malware campaign that exploited Hugging Face's AI infrastructure to distribute Android banking trojans. The attackers used a deceptive app called TrustBastion, which tricked users into installing what appeared to be legitimate security software. Upon installation, the app redirected users to an encrypted endpoint that linked to Hugging Face repositories, allowing the malware to evade traditional security measures. The campaign generated new malware variants every 15 minutes, resulting in over 6,000 commits in about 29 days. It infected thousands of victims globally, particularly in regions with high smartphone banking usage but lower mobile security awareness. The operation is believed to be linked to an established cybercriminal group. Security experts warn that this incident highlights vulnerabilities in trusted platforms and calls for improved security measures, including behavioral analysis systems and verification of application authenticity. The incident has also sparked discussions about the need for enhanced security protocols for AI platforms.

Winsage

February 11, 2026

Microsoft tightens Windows security with app transparency and user consent

Microsoft is enhancing the security of its Windows operating system through two initiatives: User Transparency and Consent, and Windows Baseline Security Mode. The User Transparency and Consent initiative will notify users when applications request access to sensitive resources and log every permission granted, allowing users to review and modify their choices. Applications and AI agents will adhere to higher transparency standards. Windows Baseline Security Mode will enable runtime integrity safeguards by default, allowing only properly signed applications, services, and drivers to run. Users and IT administrators can approve exceptions for specific applications. These updates are part of Microsoft’s Secure Future Initiative, which aims to help organizations prevent, manage, and recover from security incidents. The rollout will occur in phases, with collaboration from developers, enterprises, and partners to ensure a smooth transition.

Tech Optimizer

January 29, 2026

Aurora PostgreSQL 13 Deadline: Four Upgrade Paths to Beat February Cutoff

Standard support for Amazon Aurora PostgreSQL-Compatible Edition and Amazon RDS for PostgreSQL version 13 will end on February 28, 2026. PostgreSQL 13 will be deprecated by the community in November 2025, ceasing to receive bug fixes or security patches. AWS recommends upgrading to newer versions, such as 16 or 17, which offer significant performance enhancements and improved security. PostgreSQL 17 can achieve up to twice the write throughput and consumes 20 times less memory during vacuum operations. Version 16 introduces pg_stat_io for detailed I/O statistics, while version 14 includes a vacuum emergency mode. Aurora-specific enhancements in version 14.9 and later can lead to faster query latency and reduced costs. Version 14 introduces new roles for access control, and version 15 revokes certain permissions. Major upgrades in logical replication include automatic slot synchronization in version 17 and support for parallel apply in version 16. Transitioning between major versions requires careful examination of catalog changes, as some views and configuration parameters will evolve. Extensions must be verified, as most do not auto-upgrade. An in-place major version upgrade can be performed via the AWS Console or CLI, with downtime varying based on database size. AWS recommends snapshot-based testing beforehand. The CLI command can check valid upgrade targets, leading from version 13 to 14, 15, 16, or 17. Preparation involves validating instance classes and dropping replication slots. Amazon RDS Blue/Green deployments allow for near-zero downtime by synchronizing production with a staging environment, enabling application testing before traffic switching. This feature is supported from Aurora PostgreSQL version 13.12 onward. Logical replication through pglogical offers flexibility for minimal downtime, while AWS DMS supports homogeneous migration with Change Data Capture. Extended Support is available for a fee, providing up to three years of security patches. Best practices include replicating production environments in staging, conducting load tests, and validating queries against new catalogs. Recent minor releases, including Aurora PostgreSQL 17.6 and 16.10, showcase ongoing improvements. Engaging AWS Support is advisable for complex setups to ensure seamless transitions before the deadline.

Tech Optimizer

January 28, 2026

Strategies for upgrading Amazon Aurora PostgreSQL and Amazon RDS for PostgreSQL from version 13

Standard support for PostgreSQL version 13 will end on February 28, 2026. Upgrading to newer PostgreSQL versions can enhance database performance and introduce new features. Notable enhancements in recent versions include: - Vacuum emergency mode (v14+) to manage old row versions. - Improved I/O performance (v17) with better write throughput. - Enhanced query optimization (v17+) for IN clauses and parallel BRIN index builds. - Memory efficiency improvements (v17) reducing vacuum memory usage. - Advanced monitoring features like pg_stat_io (v16+) and pg_wait_events (v17+). - Logical replication improvements such as failover support and slot migration (v17+). - Developer experience enhancements including JSONB subscripting (v14+) and SQL/JSON JSON_TABLE (v17+). - Security enhancements with new roles for access control (v14+) and maintenance tasks (v17+). For Amazon Aurora PostgreSQL-Compatible, upgrading to versions v14.9+, v15.4+, v16.1+, and higher can yield performance optimizations, including faster query latency and cost savings. Changes in system catalog views and configuration parameters have occurred in PostgreSQL versions 14 to 17, impacting application compatibility. Upgrade strategies include in-place upgrades, blue/green deployments, logical replication, and using AWS Database Migration Service (AWS DMS). If an immediate upgrade is not possible, Amazon RDS Extended Support offers up to three years of continued security patches and bug fixes beyond the standard support end date.

Tech Optimizer

January 27, 2026

EDB Announces Industry-First Book for Building Sovereign Data and AI Platforms with PostgreSQL

EnterpriseDB (EDB) has released a publication titled "Building a Data and AI Platform with PostgreSQL," authored by experts in PostgreSQL and data platforms. The book aims to guide executives and architects in transitioning generative and agentic AI into production-ready platforms. Research from EDB shows that while 95% of organizations plan to establish AI platforms in the next three years, only 35% currently use PostgreSQL for complex workloads, with just 13% achieving success at scale. The book emphasizes the importance of foundational platform design for successful AI deployment and offers a framework for establishing a platform mindset, identifying necessary architecture and governance, and mitigating data challenges. It has received endorsements from industry leaders, highlighting its practical guidance for moving AI from pilot projects to production. The book is available for purchase and will be distributed at the NVIDIA GTC 2026 conference.

AppWizard

January 20, 2026

How to Get Samsung Galaxy’s Best Feature on Your Pixel (or Any Android)

The Panels app developed by Fossor Coding is an alternative to Samsung's Edge Panels, offering features such as custom icon packs, quick search shortcuts, and floating widgets. Users can customize the app by repositioning the trigger point, setting up multiple columns (up to seven), and adding various items to the sidebar, including applications, shortcuts, app pairs, accessibility options, system preferences, websites, floating widgets, folders, contacts, and quick search. The free version allows for three columns and nine rows, while the paid version offers additional capabilities for .50. To customize, users must install the app, grant permissions, and use the View button to set up their panel. A pro tip for efficiency includes keeping a thumb on the screen after swiping in to quickly select and launch apps or shortcuts.

AppWizard

January 20, 2026

A fan managed to run Windows 95 and classic Minecraft inside Hytale

Hytale launched in Early Access on January 13, 2026, and quickly gained popularity, achieving over 2 million mod downloads within 72 hours. A 15-year-old developer, @iamcxv711, successfully ran a fully functioning instance of Windows 95 and classic Minecraft (version 0.30) within Hytale, showcasing the game's modding capabilities. This was accomplished through map pixel data manipulation without external assets. The game's developers have emphasized its mod-friendly nature, supported by partnerships like CurseForge to facilitate user-generated content integration.

AppWizard

January 13, 2026

This Free Android App Blocks Useless Notifications and Lets Important Ones Through

DoNotNotify is a free Android application that allows users to create custom filters for their notifications, helping to reduce distractions while maintaining access to important messages. Users can filter notifications by creating blacklists or whitelists. A whitelist allows users to receive only selected notifications, such as alerts about specific topics or keywords, while a blacklist enables users to block notifications from certain individuals or subjects. The app requires permission to access notifications and has a privacy policy that states it does not collect personal information or share data with third parties.

Tech Optimizer

January 10, 2026

Protect Yourself From the macOS Flaw that Bypasses Apple Privacy Controls

A newly identified macOS vulnerability, tracked as CVE-2025-43530, poses a significant risk by circumventing Apple’s privacy controls, potentially exposing users to malicious actors. This flaw arises from two vulnerabilities that allow hackers unauthorized access to systems by exploiting Apple-signed services and a timing gap in process verification. Hackers can execute AppleScript commands and access user files and microphone audio without triggering warnings. The VoiceOver screen reader service is a primary target for exploitation. Users are advised to update to macOS Tahoe 26.2, review app permissions, consider third-party antivirus solutions, and avoid downloading untrusted files to enhance security.

Winsage

January 9, 2026

Use These Windows Registry Hacks to Tame the Disruptive Windows Updates

Many users are frustrated with Microsoft's management of Windows updates, which can disrupt workflows during critical tasks. While completely disabling updates poses security risks, users can modify the Windows Registry to regain control. To prevent automatic downloading and installation of updates, users can create a key in the Registry at HKEYLOCALMACHINESOFTWAREPoliciesMicrosoftWindows, naming it WindowsUpdate, and then create another key named AU. A DWORD value named AUOptions can be set to 2 to prompt for permission before updates. To stop automatic restarts during logged-in sessions, users can navigate to HKEYLOCALMACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU and create a DWORD value named NoAutoRebootWithLoggedOnUsers, setting its value to 1. To lock Windows to a specific version and avoid feature upgrades, users can access HKEYLOCALMACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate and create a DWORD value named TargetReleaseVersion set to 1, along with two String values: ProductVersion for the current version and TargetReleaseVersionInfo for the desired version. To prevent automatic driver updates, users can go to HKEYLOCALMACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate and create a DWORD value named ExcludeWUDriversInQualityUpdate, setting its value to 1. To extend the pause limit for updates beyond five weeks, users can access HKEYLOCALMACHINESOFTWAREMicrosoftWindowsUpdateUXSettings and create a DWORD value named FlightSettingsMaxPauseDays, setting its value to 365 or any preferred duration. These modifications allow for greater control over Windows updates, although emergency updates may still occur.