security framework Archives

Winsage

June 13, 2026

Windows Server is getting new network safety capabilities with DNS over HTTPS

Microsoft has introduced DNS over HTTPS (DoH) on Windows Server 2025, enhancing network security by encrypting DNS traffic for client-to-server communications. This feature, previously available only in Windows client editions, is now part of Microsoft's Zero Trust architecture. DoH routes DNS traffic through HTTPS secured with TLS certificates, preventing eavesdropping and safeguarding DNS data from tampering. It adheres to the IETF DNS over HTTPS standard (RFC 8484) and can integrate with existing infrastructure, allowing organizations to maintain unencrypted DNS traffic if needed. DoH is available for Windows Server 2025 systems updated to the latest Patch Tuesday release, and Microsoft has provided guidance on enabling this feature. However, DNS traffic exchanged between two DNS servers will not be encrypted by DoH.

AppWizard

June 10, 2026

France’s Government Messaging App Tchap Got Breached

On June 7, 2026, Tchap, the French government's encrypted messaging platform for civil servants, experienced a significant breach detected by ANSSI. The breach resulted from a compromised user account and involved the education shard of Tchap, specifically targeting matrix.agent.education.tchap.gouv.fr. Approximately 650,000 messages, data from over 73,000 accounts, and about 13.5GB of documents and media files were allegedly scraped. The attacker also claimed to have discovered hardcoded LDAP credentials leaked through a PowerShell script shared by a regional director of the French tax authority. DINUM, the French Digital Affairs Directorate, stated that private conversations on Tchap are end-to-end encrypted and that the compromised account has been blocked. They notified CNIL about the potential exposure of personal data and reminded users to avoid sharing sensitive information in public chat rooms. The breach follows a mandate from Prime Minister François Bayrou in August 2025 requiring all civil servants to use Tchap, increasing its attractiveness as a target for cyber threats. The investigation into the breach is ongoing.

Winsage

June 3, 2026

Grep this: Microsoft grafts (most) Linux commands onto Windows

Microsoft has integrated over 75 Unix commands into Windows CMD and PowerShell through the introduction of coreutils, a multi-call binary file created in Rust. This includes commands like cat, ls, grep, and head, enhancing the command experience across various platforms. Grep is now available natively on Windows, allowing users to search through large files efficiently. Coreutils aims to provide memory safety and cross-platform compatibility, and can be downloaded via CMD WinGet. While some Linux commands overlap with existing Windows commands, coreutils simplifies the transition for users moving from Linux to Windows. Additionally, Microsoft is focusing on AI technologies and has introduced tools like OpenClaw and Microsoft Execution Containers to enhance developer capabilities.

Winsage

June 3, 2026

Build 2026: Furthering Windows as the trusted platform for development

Build is an annual event focused on connecting with the global developer community and sharing innovations. Feedback from developers emphasizes the need for a frictionless and adaptable platform for seamless development across various environments. Key announcements include: - Coreutils for Windows: A suite of Linux-like command line utilities available natively on Windows. - WSL containers: A forthcoming public preview feature for creating and interacting with Linux containers. - Windows Development Skills: Structured knowledge for building native Windows apps using WinUI3 and WinApp CLI, now generally available. - Intelligent Terminal: An experimental feature integrating context-aware intelligence into the terminal for improved debugging and task execution. - Windows Developer Configurations: A WinGet-powered setup for distraction-free development, now generally available. - Windows 365 with Developer Configuration: A pre-configured cloud-based development environment in public preview. For security, the announcements include: - Microsoft Execution Containers (MXC) SDK: A policy-driven execution layer for agent access and containment, available in early preview. - Agent 365 integration: Enhances security for agents with protections from Defender, Entra, Intune, and Purview, available in preview. - OpenClaw: Runs securely on Windows using MXC for easy installation of agent connections. - NVIDIA's OpenShell: A deployment package for autonomous agents on Windows, built on MXC. - Windows 365 for Agents: Secure Cloud PCs for executing enterprise workflows, now generally available. For AI capabilities: - Aion 1.0 Instruct: An on-device small language model for local workloads, available soon. - Expanded Windows AI APIs: Now accessible on more Windows 11 PCs, enhancing local AI capabilities. - Surface RTX Spark Dev Box: A device for developers featuring NVIDIA RTX Spark silicon for local AI workloads. - DGX Station for Windows: A powerful AI supercomputer for developing agents, coming in Q4. - Project Solara: A platform for agent-driven experiences, simplifying development across environments. - New Speech Recognition API: Real-time, on-device transcription capabilities. - Expansion of Windows AI APIs across GPUs and CPUs: Now available for broader hardware support. Windows is enhancing its security framework to reduce risks and ensure robust protection for applications.

Winsage

June 3, 2026

Microsoft (MS) has unveiled a blueprint to turn Windows into a key operating system for artificial i..

Microsoft is transforming Windows into an "AI operating system" that will enable AI agents to perform tasks traditionally managed by humans, such as sending emails and scheduling meetings. During the Build 2026 developer conference, Microsoft introduced 'Scout,' an AI secretary that autonomously manages tasks and integrates with a system called MSIQ for organizational workflows. CEO Satya Nadella emphasized the creation of a workspace for AI agents within Windows, supported by a security framework called "MXC" to ensure controlled operation. Each AI agent will have a unique identity for accountability. Microsoft also unveiled seven proprietary AI models, including "MAI-Thinking-1," and a semiconductor called 'Maia 200,' which outperforms Nvidia's chips. Additionally, Microsoft is developing 'Project Solara,' a prototype for dedicated devices to facilitate AI interactions.

Winsage

June 1, 2026

Nvidia’s RTX Spark could caplitalize where Qualcomm’s Arm-based efforts have not — following the expiration of Qualcomm’s Windows on Arm deal, Nvidia stands poised to pick up the slack

Nvidia unveiled its RTX Spark superchip on May 31st, combining a 20-core Arm-based Grace CPU with a Blackwell RTX GPU, marking its entry into the Windows PC market. The chip features up to 128GB of unified memory, 1 petaflop of AI compute capability, and 6,144 CUDA cores. It will debut in laptops and compact desktops from manufacturers like ASUS, Dell, HP, Lenovo, Microsoft Surface, and MSI, with Acer and GIGABYTE expected to follow. Microsoft collaborated with Nvidia to develop new Windows security features for on-device AI agents. The RTX Spark, previously known as N1X, has been in development for three years, with initial reports in 2023 and delays attributed to advancements in Arm technology and notebook demand. Microsoft's Windows on Arm initiative, previously exclusive to Qualcomm, has opened opportunities for MediaTek, Nvidia, and AMD. The RTX Spark aims to enhance local AI applications, with Adobe reengineering its software for the platform and over 100 software vendors supporting it. However, challenges remain, including reliance on x86 emulation and delays in the next-generation Windows on Arm platform. Pricing details are scarce, but the RTX Spark is expected to be positioned at a premium price point.

AppWizard

May 25, 2026

Over 200 Fake Android Apps Are Quietly Stealing Money From Phone Bills

Zimperium identified a sophisticated malware campaign that exploited nearly 250 Android applications, posing as popular games and social media platforms. The malware ensnared users into premium subscription services without consent, using techniques like JavaScript injection and interception of one-time passwords. The campaign primarily targeted users in Malaysia, Romania, Thailand, and Croatia, with the malware capable of reading SIM cards and activating for specific mobile carriers. Zimperium first detected the scam in March 2025 and monitored it until at least January 2026. Google stated that none of the compromised applications were available on its app store and emphasized that Android users are protected by Google Play Protect. The hackers deployed three malware variants, with the first using an automated subscription engine, the second targeting users in Thailand with premium SMS messages, and the third combining SMS fraud with real-time notifications to attackers via Telegram. The campaign primarily affected Malaysian SIM card users, with significant activity also in Thailand and Romania. Despite the campaign's last known activity in January, parts of its infrastructure remain operational. The attacks highlight vulnerabilities in application security and the challenges of policing app downloads from third-party marketplaces.

Tech Optimizer

May 22, 2026

What the Tech: Phone antivirus apps |Helpful protection or a scam?

Most individuals do not require antivirus apps on their smartphones, as the primary threats have shifted from traditional viruses to scams and deceptive practices. iPhones utilize app isolation, making them less susceptible to conventional viruses but vulnerable to scams like phishing and fraudulent messages. Android phones allow sideloading, increasing the risk of malware from unofficial sources. The main threats include phishing texts, fake login pages, scam calls, reused passwords, and social engineering tactics. To enhance security, users should keep their phones updated, use strong passwords, enable two-factor authentication, avoid suspicious links, and refrain from installing apps from unknown sources. Antivirus apps may be helpful in specific situations, such as frequent link tapping or downloading files from unfamiliar websites, with reputable companies offering mobile security solutions focused on scam detection and account safety.

Winsage

May 19, 2026

Introducing new Surface devices built for business and AI acceleration

IT leaders face challenges from the rise of artificial intelligence, sophisticated security threats, and scrutiny over investment decisions regarding PC fleets. Microsoft has introduced the Surface line to address these demands, integrating advanced silicon and software for enhanced security and AI capabilities. The new Surface Pro for Business and Surface Laptop for Business, powered by Intel Core Ultra Series 3 processors, offer significant performance improvements, including up to 35% better graphics than the MacBook Air with M5 and over 90% faster than the Laptop 5 on select configurations. The Surface Laptop for Business is available in 13-inch and 15-inch models, starting at 9.99, featuring a high-resolution touchscreen, advanced haptic touchpad, and up to 23 hours of battery life. The 13-inch Surface Pro for Business, also starting at 9.99, combines multiple input methods with on-device AI processing. All Surface devices are designed with security as a core principle, shipping as Secured-core PCs, and include an optional integrated privacy screen. They support AI applications both in the cloud and on-device, enhancing productivity. Devices can be managed through Microsoft Intune for operational efficiency. The new Surface devices are made from recycled materials, designed for energy efficiency, and certified by ENERGY STAR.

AppWizard

May 4, 2026

Google’s got a new tool for making sure your phone is running the Android apps it should

Google is expanding its Binary Transparency initiative, originally focused on verifying Pixel firmware, to include its Android applications and Mainline updates. This initiative aims to enhance user trust by providing a publicly auditable record of all official app and Mainline updates, ensuring that only certified Google-approved releases are documented. The updated system began implementation in May, allowing users to track every officially published Google Android app and Mainline module.