script Archives

AppWizard

June 11, 2026

Your dad’s favorite show might become a videogame

Taylor Sheridan is writing the script for the upcoming Call of Duty movie, directed by Peter Berg and likely featuring Mark Wahlberg. Paramount Games Studio, led by Shawn Kittelsen, plans to transform Yellowstone into a video game, alongside exploring other Paramount properties like Star Trek and Avatar: The Last Airbender. Kittelsen emphasized the importance of honoring the narratives and characters associated with these titles.

AppWizard

June 10, 2026

France’s Government Messaging App Tchap Got Breached

On June 7, 2026, Tchap, the French government's encrypted messaging platform for civil servants, experienced a significant breach detected by ANSSI. The breach resulted from a compromised user account and involved the education shard of Tchap, specifically targeting matrix.agent.education.tchap.gouv.fr. Approximately 650,000 messages, data from over 73,000 accounts, and about 13.5GB of documents and media files were allegedly scraped. The attacker also claimed to have discovered hardcoded LDAP credentials leaked through a PowerShell script shared by a regional director of the French tax authority. DINUM, the French Digital Affairs Directorate, stated that private conversations on Tchap are end-to-end encrypted and that the compromised account has been blocked. They notified CNIL about the potential exposure of personal data and reminded users to avoid sharing sensitive information in public chat rooms. The breach follows a mandate from Prime Minister François Bayrou in August 2025 requiring all civil servants to use Tchap, increasing its attractiveness as a target for cyber threats. The investigation into the breach is ongoing.

Tech Optimizer

June 9, 2026

Fake ChatGPT download site infects Windows and Mac users with malware

A counterfeit website, openew[.]app, is impersonating OpenAI's official ChatGPT download page and distributing malware. Windows users who download from this site receive a credential-stealing malware loader, while macOS users are infected with Odyssey Stealer, a variant associated with cryptocurrency theft. The fake site mimics the legitimate ChatGPT interface and uses HTTPS to appear trustworthy. The Windows malware, Chat_GPT.exe, creates a back channel to an attacker-controlled server, while the macOS malware captures sensitive data and attempts to replace legitimate cryptocurrency wallet applications with compromised versions. Users who download from official sources remain safe, but those who click on ads or unfamiliar links risk compromising their online accounts and sensitive information. Malwarebytes offers protection against this malware. Indicators of compromise include specific file hashes and network indicators associated with the malicious site.

Winsage

June 8, 2026

Microsoft answers what you must do as Windows 11 Secure Boot deadline hits in days

The expiration date of the original Microsoft Secure Boot KEK certificate is June 24, 2026. Microsoft held a live "Ask Microsoft Anything" session on June 4 to address concerns regarding this deadline. The expiration affects the KEK key, while the DB key remains valid until October. After June 24, Microsoft will not be able to sign new DBX payloads, which are necessary for revoking compromised bootloaders. Devices without the new KEK may miss future revocations, leading to decreased security but will not stop booting immediately. The June Patch Tuesday update is expected to classify most systems as high confidence. IT administrators are advised to use the Intune monitoring report for device status and updates. Devices in a "temporarily paused" status require OEM firmware updates. Administrators should not delay manual rollouts for devices outside the high confidence classification. Secure Boot must be enabled to update certificates, and re-enabling it later can pose risks. Older models may receive high confidence classification faster than newer ones due to statistical requirements. In PXE boot environments, caution is needed when updating bootloaders. The Secure Boot update mechanism is consistent across Windows 10 and 11, and event logs are important diagnostic tools. Key event log entries include 1801, 1802, and 1803, which indicate various device statuses and issues. Microsoft provides resources at aka.ms/GetSecureBoot for further guidance.

Tech Optimizer

June 6, 2026

PostgreSQL Dump and Restore: The Complete pg_dump Guide

pg_dump is a utility for exporting a PostgreSQL database into a file, which can be restored on the same or different servers. It exports a single database's tables, views, sequences, functions, indexes, triggers, and in-database grants but does not include roles, tablespaces, or server-level configurations. To capture global objects, pg_dumpall --globals-only should be executed prior to the per-database dump. pg_dump requires CONNECT and SELECT privileges on all tables and sequences within the target database, and a dedicated backup role is sufficient for single-database dumps, while superuser access is needed for global objects. pg_dump supports various output formats: plain SQL (.sql), custom binary (.dump), directory of files, and tar archive (.tar), each with different capabilities for restoration and compression. The custom format allows for selective and parallel restoration. For non-interactive use, credentials can be stored in a .pgpass file or passed via the PGPASSWORD environment variable. Restoration methods depend on the dump format: psql is used for plain SQL files, while pg_restore is used for custom and directory formats. The restoration process requires the target database to be created beforehand. Version mismatches between pg_dump and pg_restore can lead to failures, so it's essential to ensure that the binaries are version-matched. In Docker, pg_dump and pg_restore can be executed within containers, but care must be taken to manage credentials and ensure version compatibility. Exit codes from pg_dump should be checked to confirm successful operations.

Tech Optimizer

June 6, 2026

Hackers Use Fake Purchase Orders to Deploy JS.MonoGlyphRAT Targeting US Enterprises

Researchers have identified a new malware called JS.MonoGlyphRAT, which disguises itself as business documents to infiltrate corporate networks. It is primarily spread through phishing emails targeting various sectors in the U.S. and has been reported in countries like Germany, Sweden, and Australia. The malware is classified as "Unknown malware" on threat intelligence platforms, making traditional antivirus solutions ineffective. It establishes a persistent presence in the network by executing a JavaScript file and communicating with command-and-control (C2) servers over HTTP. Key indicators of compromise include unusual HTTP traffic, registry changes, and the execution of specific JavaScript files. The malware can download additional payloads and execute commands without leaving traces on disk. Indicators of compromise include specific IP addresses, URLs, file hashes, and registry keys associated with the malware's operation.

Winsage

June 5, 2026

Unofficial script lets you install unreleased Windows 11 features without Microsoft Account

Microsoft's Windows Insider Program allows users to preview upcoming features, requiring enrollment via a Microsoft account. OfflineInsiderEnroll is a third-party tool that enables access to Insider builds without a Microsoft account by configuring Insider settings locally. It uses a Registry value called TestFlags to prevent communication with Microsoft's enrollment services, allowing users to switch between preview channels. The latest version, 2.6.6, supports new Insider channels and retains functionalities for managing Insider settings. Elevated privileges are required to run the script, which can be downloaded from its official GitHub repository.

Winsage

June 2, 2026

Microsoft outs new Windows 11 native command-line utility. Revolutionizes native app making.

Microsoft has announced the general availability of Coreutils for Windows, introducing a native suite of Linux-style command-line utilities designed to enhance cross-platform development workflows. Coreutils includes essential commands for file, shell, and text manipulation, such as ls, cp, mv, rm, cat, and pwd, and will function similarly to its GNU counterpart, allowing seamless use across Windows, Linux, macOS, containers, and the Windows Subsystem for Linux (WSL). Microsoft has excluded certain utilities that rely on POSIX-specific functionality to avoid disrupting Windows operations. Additionally, Microsoft introduced "Windows Development Skills," a set of AI-powered tools aimed at improving the development and maintenance of Windows applications, built on WinUI 3 and the Windows App SDK, and available through a dedicated GitHub repository.

Winsage

May 28, 2026

Your Windows PC has a security deadline in June 2026

A Secure Boot certificate refresh is being deployed across supported Windows devices via Windows Update. The Secure Boot certificates from 2011 will begin to expire in June 2026, prompting Microsoft to introduce new 2023-dated certificates to maintain security. Most users will require minimal action if their PCs are updated, but older devices may face challenges. The current certificates include: - Microsoft Corporation KEK CA 2011: expires June 24, 2026 - Microsoft UEFI CA 2011: expires June 27, 2026 - Microsoft Windows Production PCA 2011: expires October 19, 2026 The new certificates will remain valid until 2038, with plans for post-quantum cryptography around 2030. While PCs using the 2011 certificates will continue to function, they will lose access to new security protections, making them vulnerable to emerging threats. A notable example of such a threat is the BlackLotus bootkit, which exploited vulnerabilities to bypass Secure Boot. Microsoft's rollout strategy involves a staged update process that typically takes around 48 hours and may require restarts. Users are advised to keep Windows updated and check their Secure Boot status. Known issues may arise for older PCs, systems that bypassed Windows 11 requirements, Legacy BIOS systems, and custom firmware configurations. IT teams managing devices should inventory their systems, monitor specific event IDs, test updates, and document devices that cannot be updated.

Winsage

May 27, 2026

Windows Users Targeted in New Phishing Campaign

Research from FortiGuard Labs has identified a phishing campaign that disguises itself as purchase orders, prompting recipients to open harmful attachments. The campaign begins with a phishing email containing a malicious JavaScript file. When executed, this JavaScript decrypts and runs a PowerShell script that uses process hollowing to inject a .NET downloader module into the trusted Windows process MsBuild.exe. This downloader connects to a remote command and control (C2) server to download and execute additional modules, allowing the attacker to alter the malware's behavior after the initial compromise. The campaign poses significant detection challenges for Windows users due to its use of multiple encryption layers, fileless execution techniques, and process hollowing strategies. Security experts emphasize the need for organizations to enhance their detection capabilities beyond traditional methods, focusing on identifying suspicious activity across various devices and applications. The phishing attack exploits social engineering tactics and blends malicious actions with legitimate administrative tools, complicating detection efforts. Additionally, the human element plays a crucial role in breaches, highlighting the importance of effective communication and collaboration between security teams and other departments to improve security awareness and behavior.