publication Archives

Tech Optimizer

May 28, 2026

CertiK Launches AI Skill Scanner, An Antivirus Software for the AI Age

CertiK has launched the CertiK Skill Scanner, a security solution designed to protect AI Agents and third-party AI Skills. It targets AI Skill marketplaces, enterprises, developers, and users, focusing on identifying risks during execution, particularly in financial transactions. The scanner can be integrated into publishing pipelines for automatic reviews and provides a scored assessment of risks with verdicts of “pass,” “warn,” or “fail.” It boasts a 90.5% precision rate in identifying security risks. The scanner is already deployed in select Web3 environments and aims to expand its integrations. CertiK, founded in 2017, is a leading Web3 security service provider, having worked with over 5,000 enterprise clients, including Binance and Ant Group.

Winsage

May 28, 2026

Microsoft’s GitHub bans security researcher who posted zero-day Windows exploits because company ‘ruined their life’ — expert claims action is vindictive and promises further retaliation

Researcher Nightmare-Eclipse, also known as Chaotic Eclipse, has had their GitHub account banned by Microsoft, leading them to move their operations to GitLab. Microsoft also deleted Eclipse's Microsoft account used for reporting vulnerabilities. Eclipse claims that they have not received any financial rewards from Microsoft's bug bounty program, despite having reported multiple zero-day vulnerabilities. They possess a portfolio of six zero-day exploits and have hinted at revealing more on July 14. Eclipse has criticized Microsoft for their handling of vulnerability reports and suggested that the company's recent requirement for video evidence of exploits has contributed to tensions. Microsoft has not commented on the specifics of the situation. Eclipse's zero-day exploits include BlueHammer, RedSun, UnDefend, GreenPlasma, MiniPlasma, and YellowKey, with BlueHammer, RedSun, and UnDefend confirmed as actively exploited in the wild.

Winsage

May 27, 2026

Your PC’s trust in Windows has an expiration date

Microsoft will change Secure Boot certificates in June 2026, impacting Windows 11 PCs. If users do not update the certificates, their PCs may still function but will lack critical boot updates and malware blacklists, potentially compromising security. Without the new certificates, systems cannot run the latest Windows Boot Manager, making them vulnerable to bootkit malware and hindering future Windows feature updates. Older computers using BIOS are exempt from this issue. The new Secure Boot certificates are valid until 2038. Users can check their Secure Boot status in the Windows Security app; a green circle indicates readiness for the deadline.

Winsage

May 26, 2026

Windows 11’s latest patch is both the problem and the fix

Microsoft's KB5089549 update for Windows 11 addresses taskbar freezing and blank desktop displays but has installation issues due to error code 0x800f0922. The update aims to improve performance related to the taskbar and explorer.exe, with expected enhancements by May 2026. Users report taskbar freezing occurring after login or during desktop interactions. The update also creates a new folder on the user's computer. For those who successfully install it, performance improvements are noted, particularly after logging in. The update targets reliability during log-in, taskbar menu interactions, and Quick Access in File Explorer, aiming to enhance overall performance during the initial boot phase.

AppWizard

May 23, 2026

Don’t pay $30 for Tomb Raider I–III Remastered. It’s free right now

Tomb Raider I-III Remastered Starring Lara Croft is currently available for free on the Epic Games Store, a significant reduction from its usual price of .99. The remastered collection includes Tomb Raider I (1996) with the Unfinished Business expansion, Tomb Raider II (1997) with the Golden Mask expansion, and Tomb Raider III (1998) with The Lost Artifact expansion. Developed by Crystal Dynamics in collaboration with Aspyr, the remasters use the original game code but feature enhanced visuals and refined controls. Players can toggle back to classic graphics and access a special challenge mode with level modifications and ten new outfits for Lara. The collection has a Metacritic score of 75 and retains many hallmark features of the series. It is distinct from the upcoming Tomb Raider: Legacy of Atlantis. To claim the game, users need to log in to their Epic account, add it to their cart, and then to their library, where it will remain after the promotional period ends.

Winsage

May 21, 2026

A Windows 11 bug blocks all updates since February. Here’s what to do

A segment of Windows 11 users has been unable to receive updates since February due to issues stemming from the January Preview Update, which caused download timeouts. This has resulted in missed security patches and critical updates related to Secure Boot certificates. Users may experience crashes during the update process, indicated by the error code 0x80010002. To check if affected, users can view their update history in Settings; if no updates have been installed since January and updates have not been paused, they are likely impacted. Microsoft is working on a fix linked to download timeout changes and firewall settings. A Known-Issue Rollback (KIR) can be executed to revert to a previous state before the problematic update, restoring normal functionality. This rollback is available for specific Windows 11 versions and Windows Server 2025.

Tech Optimizer

May 21, 2026

PostgreSQL Flaws Expose Databases to Remote Code Execution and SQL Injection

PostgreSQL has released versions 18.4, 17.10, 16.14, 15.18, and 14.23 to address 11 security vulnerabilities and over 60 bugs. The vulnerabilities affect PostgreSQL versions 14 through 18 and include issues such as remote code execution, SQL injection, and denial-of-service risks. Specific vulnerabilities include: - CVE-2026-6472: Missing authorization in CREATE TYPE allows query hijacking. - CVE-2026-6473: Integer wraparound leads to out-of-bounds writes and server crashes. - CVE-2026-6474: Format string issue leaks server memory. - CVE-2026-6475: Symlink attack allows overwriting arbitrary files. - CVE-2026-6476: SQL injection allows execution of arbitrary SQL as superuser. - CVE-2026-6477: Memory buffer overwrite via libpq lo_* functions. - CVE-2026-6478: Timing attack exposes MD5-hashed passwords. - CVE-2026-6479: SSL/GSS recursion flaw allows denial-of-service. - CVE-2026-6575: Buffer over-read leaks memory data (PostgreSQL 18 only). - CVE-2026-6637: Refint module enables stack overflow and SQL injection, leading to possible RCE. - CVE-2026-6638: SQL injection in REFRESH PUBLICATION via table names. Organizations are advised to upgrade to the latest versions, avoid MD5 password authentication, restrict privileges, audit extensions, and monitor for abnormal activity. PostgreSQL 14 will reach its end-of-life on November 12, 2026.

BetaBeacon

May 20, 2026

Mid-week Android app deals and freebies: Halls of Torment, Warpledge, Little Nightmares, more

Last Survivor: Survival Pro is currently available for free, with a regular price of .

Tech Optimizer

May 20, 2026

Critical PostgreSQL Flaws Enable Code Execution and SQL Injection

On May 14, 2026, PostgreSQL released critical security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, addressing 11 Common Vulnerabilities and Exposures (CVEs) related to stack buffer overflows, SQL injection, memory disclosure, and denial-of-service vulnerabilities. The most critical vulnerability, CVE-2026-6637, has a CVSS score of 8.8 and allows remote, unprivileged database users to execute arbitrary code. Other notable vulnerabilities include CVE-2026-6473, which affects memory allocation leading to potential memory corruption, and CVE-2026-6475, which allows overwriting sensitive OS-level files. Additional vulnerabilities include SQL injection flaws and authentication issues, with various CVSS scores ranging from 3.7 to 7.5. The updates can be implemented without a database dump, and PostgreSQL 14 will reach its end-of-life on November 12, 2026.

AppWizard

May 20, 2026

Google can now vibe-code you an Android app

Google has enhanced its coding platform, AI Studio, allowing users to create native Android applications. Developers can prompt the system and preview their apps through an integrated Android emulator, with an option to install on actual devices via a connection to an Android phone. The initial rollout focuses on "personal utility" apps, "hardware-enabled experiences," and "AI-powered experiences" using the Gemini API. Google maintains that all applications must adhere to existing review processes and quality benchmarks before publication on Google Play. Additionally, Google has released a 1.0 version of its command-line interface for building Android applications and plans to integrate app recommendations into Gemini queries, along with a short-form video feed titled "Play Shorts" for user engagement.