remote Archives

Winsage

June 24, 2026

Windows 11 Adds Point‑in‑Time Restore for System Recovery

Point-in-time restore is a new feature for Windows 11 that allows administrators to revert systems to a previous stable state, streamlining recovery from issues like problematic updates or software conflicts. It automatically generates restore points every 24 hours, retaining them for up to 72 hours and using a maximum of 2 percent of disk space. This feature is available on Windows 11 version 24H2 and later across all editions, including Enterprise, Pro, and Home. Administrators can initiate the restore process through the Windows Recovery Environment (Windows RE) by selecting a restore point. Future enhancements will include remote restore capabilities through Microsoft Intune.

Winsage

June 24, 2026

Windows RAT Uses Encrypted HTTP C2 and Registry Persistence After npm Infection

A malware campaign targets Windows systems through a malicious npm package named postcss-minify-selector-parser, which mimics the legitimate postcss-selector-parser. This counterfeit package installs a Remote Access Trojan (RAT) on developer machines, beginning with a multi-stage attack triggered by the installation of the package. The RAT can steal credentials, execute shell commands, and communicate with a remote attacker. Security researchers at JFrog identified this threat and reported it on June 22, 2026, noting that two additional related packages, postcss-minify-selector and aes-decode-runner-pro, are linked to the same publisher and remain live on the npm registry. The RAT employs encrypted HTTP communication with a command-and-control (C2) server and ensures persistence by creating a registry key under the Windows Run key. It has capabilities for remote shell execution, file uploads and downloads, and can steal saved login data from Google Chrome using Windows decryption APIs. The malware is designed for organized batch exfiltration of stolen data. Indicators of compromise include specific IP addresses, domains, file paths, and SHA-256 hashes associated with the malware components. JFrog advises users to remove the malicious packages, inspect their dependency trees, and treat any stored credentials as compromised.

Tech Optimizer

June 23, 2026

Active Exploitation of Critical CVE-2026-20253 in Splunk Enterprise: Unauthenticated RCE via PostgreSQL Sidecar Service

A critical security vulnerability, SVD-2026-0603 (CVE-2026-20253), has been identified in Splunk Enterprise versions 10.0.0 through 10.0.6 and 10.2.0 through 10.2.3. This flaw allows unauthenticated, remote attackers to create or truncate arbitrary files on the host system by exploiting the PostgreSQL Sidecar Service endpoints. The vulnerability is actively exploited, with public proof-of-concept code available, and has been added to the CISA Known Exploited Vulnerabilities (KEV) list. Successful exploitation can lead to full remote code execution (RCE) as the Splunk user. The vulnerability arises from inadequate authentication controls on the PostgreSQL Sidecar Service endpoints, specifically /v1/postgres/recovery/backup and /v1/postgres/recovery/restore, which are accessible without authentication. It is classified under CWE-306: Missing Authentication for Critical Function and has a CVSS v3.1 base score of 9.8 (Critical). Attackers can exploit the vulnerability by sending crafted HTTP POST requests to the exposed endpoints, allowing them to create or truncate files and potentially execute malicious scripts. Indicators of compromise include unexpected files in directories such as /tmp/ or /opt/splunk/var/run/supervisor/pkg-run/, modified Splunk Python scripts, and unusual outbound connections from Splunk to unknown PostgreSQL servers. The vulnerability aligns with several MITRE ATT&CK techniques, including T1190 (Exploit Public-Facing Application) and T1059 (Command and Scripting Interpreter). Active exploitation of CVE-2026-20253 has been confirmed, and it is likely that both opportunistic cybercriminals and sophisticated threat actors will use this exploit. The affected versions of Splunk Enterprise are 10.2.0 through 10.2.3 and 10.0.0 through 10.0.6, with the issue resolved in versions 10.2.4 and 10.0.7. Organizations are advised to upgrade to fixed versions or disable the PostgreSQL Sidecar Service as a mitigation strategy.

AppWizard

June 22, 2026

The Steam Machine is the most ambitious game console I’ve ever played

The Steam Machine retails starting at ,049 without a gamepad and ,128 bundled with one. Its performance does not significantly exceed that of the 5.5-year-old PS5, which offers sharper visuals in certain games. The Steam Machine operates more like a console than previous iterations, featuring a compact design and compatibility with modern gamepads. Valve claims to sell its components at cost, having negotiated with suppliers during a memory supply crisis. Users have reported technical issues, such as problems with the Steam Controller, sound output, and game downloads. The device requires manual adjustments for settings, lacks user-friendly configurations, and has questionable reliability with its sleep function. Valve plans to support AMD’s FSR 4 upscaling and is working on graphics driver updates. The Steam Machine is positioned as a versatile gaming and computing solution, but its limitations highlight the need for further refinement.

Tech Optimizer

June 22, 2026

pgAdmin 4 Released With Fixes for Seven Security Vulnerabilities and New Features

pgAdmin 4 version 9.16 has been released, featuring 64 bug fixes and addressing seven security vulnerabilities (CVE-2026-12044 to CVE-2026-12050). Key vulnerabilities include SQL injection flaws and cross-site scripting issues. CVE-2026-12044 involved SQL injection risks in dialog templates, while CVE-2026-12045 allowed attackers to bypass read-only transaction restrictions in the AI Assistant feature. Authentication issues were fixed in CVE-2026-12046, and client-side vulnerabilities were addressed in CVE-2026-12048 and CVE-2026-12047. Additional vulnerabilities included an open redirect in multi-factor authentication (CVE-2026-12049) and another SQL injection flaw in restore point functionality (CVE-2026-12050). Usability improvements include colorized panel headers, middle-click tab closing, and enhancements to OAuth2 login. The release supports new PostgreSQL storage parameters and includes dependency upgrades. Stricter access controls have been enforced, and pgAgent has been marked for removal. The update is available for download on multiple platforms.

Winsage

June 22, 2026

Windows 11 version 26H2: Microsoft details rollout strategy

Microsoft is enhancing its enterprise offerings with Microsoft Intune, a cloud-based service for managing mobile devices and applications. Intune allows IT administrators to control device usage, ensuring compliance with corporate policies, securing sensitive data through application management, and providing employees with flexible access to corporate resources from personal devices. Additionally, Microsoft promotes Microsoft Learn, an educational platform to help users understand Intune and other services.

AppWizard

June 21, 2026

“Subscription-based gaming is the final boss of piracy”: Why I think we’re on track to own nothing and be happy we get to play at all

A study published in the Entertainment Computing journal analyzed 86 games released on Steam from 2014 to 2022, finding that games with cracked versions available within the first week of launch experienced a 20% drop in revenue. If DRM delayed cracks by at least six weeks, the revenue decline was only 5%, and if DRM withstood cracks for three months, there was no significant loss in revenue. Denuvo's defenses have been breached within hours of game releases, and the future of DRM may rely more on contractual agreements than technology. Subscription-based gaming models, like Xbox's PC Game Pass, are emerging, allowing players to access games without owning them, which raises concerns about game ownership and the potential for titles to be removed from libraries. The rise of cloud gaming is seen as a solution to affordability issues for gamers, but it also leads to questions about the future of game ownership and piracy.

Tech Optimizer

June 20, 2026

Chinese police bust cybercrime ring behind ‘Silver Fox’ Trojan virus

Chinese law enforcement has dismantled cybercrime operations linked to a new variant of the Silver Fox Trojan virus, which targets employees in enterprises and public institutions, particularly in financial roles. The malware allows cybercriminals remote access to steal account credentials, intercept SMS verification codes, and harvest personal information. A criminal syndicate in Jilin province, led by an individual named Chen, developed this Trojan and conducted mass phishing campaigns, resulting in losses exceeding 7 million yuan. Police have taken action against Chen and 26 accomplices, with ongoing investigations. Recommendations for enhancing personal cybersecurity include downloading software from official websites, scrutinizing website domains, verifying links before clicking, and disconnecting compromised computers from the internet. Under China's Criminal Law, unauthorized access to computer systems and data theft can lead to imprisonment and financial penalties.

TrendTechie

June 20, 2026

Что такое торрент, как он работает и можно ли им пользоваться

Downloading a Linux distribution from the official website typically takes about half an hour, but during high-demand periods, such as new Ubuntu releases, speeds can drastically decrease due to server overload. Torrents, which use a peer-to-peer file-sharing protocol, allow users to download and share data simultaneously, reducing the load on a single server. Torrents operate by enabling direct exchanges between users through the BitTorrent protocol, where files are divided into smaller pieces and downloaded in parallel from multiple sources. Key terms include peers (users with parts of the file), seeds (users who have fully downloaded the file), .torrent files (metadata files), and magnet links (text-based alternatives to .torrent files). The BitTorrent protocol does not rely on a central server, enhancing resilience as files can continue to circulate as long as at least one seed is available. To use torrents, a torrent client is needed, with recommended options for 2026 including qBittorrent, Transmission, and BiglyBT. The BitTorrent technology itself is legal, but legality depends on the content being shared. Legal uses include downloading Linux distributions, open-source software, and scientific datasets, while unlicensed movies and cracked software are illegal. In Russia, while torrent technology is not prohibited, downloading copyrighted content without permission is a violation. Risks of using torrents include exposure to viruses and malware, copyright infringement, fake distributions, and IP address exposure. To protect oneself, users should choose moderated trackers, avoid suspicious files, use antivirus software, and limit upload speeds. Common problems include slow speeds, connection issues, and disappearing files, which can often be resolved by checking settings or ensuring there are seeds available. Sharing files after downloading is not legally mandatory but is considered good etiquette in the torrent community.

TrendTechie

June 20, 2026

Выпуск qBittorrent 5.2.2

On May 15, 2026, qBittorrent version 5.2.2 was released. It is an open-source torrent client developed using the Qt toolkit, with source code available on GitHub under the GPLv2+ license. The software supports Linux, Windows, and macOS. The project started with version 4.0 in November 2017, followed by versions 5.0 in September 2024 and 5.1 in April 2025. The 5.2.2 update focuses on bug fixes and stability improvements, including D-Bus utilization for file display, header mismatch correction in Safari, magnet link sending issue fix, correct string identifier implementation for RSS Downloader, 64-bit binary installation on ARM64 systems, prevention of SSRF attacks, and mitigation of proxy interference in multi-threaded processing. Key features include an integrated search engine, RSS feed subscription, support for BEP extensions, remote management, sequential downloading, advanced torrent settings, bandwidth scheduling, IP filtering, torrent creation interface, and UPnP/NAT-PMP support.