table Archives

AppWizard

May 24, 2026

LEGO Minecraft Steve’s Desert Expedtion 21251 Review

LEGO Minecraft set Steve’s Desert Expedition (set number 21251) was released in 2024 and consists of 75 pieces, aimed at ages six and above. The set features Steve building a temporary dwelling in a desert and defending it from a Phantom. It includes a new version of the Steve minifigure with a dark azure shirt and a medium lavender enchanted axe, which is exclusive to four sets. The set also introduces a baby camel, designed with a 1X1 tan tile for its nose and constructed from two 1X2 tan bricks. The Phantom, a character in Minecraft since 2017, has a build that allows for dynamic flying poses. Steve's campsite is built on a tan plate, includes a small water source, a cactus, and a crafting table, though the campfire design could be improved for realism.

AppWizard

May 22, 2026

Dying Light’s former director believes devs are obligated ‘to focus and listen to the players’ because as soon as a game’s released ‘it stops being only your game’

Tymon Smektała, who spent 13 years directing the game Dying Light, recently stepped down from his role. At the Digital Dragons Conference, he discussed the importance of player feedback, stating that a game evolves into a shared experience with numerous stakeholders after its release. He emphasized the need for developers to engage with their community and build relationships, while also cautioning that player feedback should not be viewed as absolute truth. Smektała acknowledged that while players may not always have the right solutions, their feelings are crucial indicators of a game's direction. He highlighted the importance of understanding player sentiment and maintaining a balance between creator intent and player experience.

Tech Optimizer

May 21, 2026

PostgreSQL Flaws Expose Databases to Remote Code Execution and SQL Injection

PostgreSQL has released versions 18.4, 17.10, 16.14, 15.18, and 14.23 to address 11 security vulnerabilities and over 60 bugs. The vulnerabilities affect PostgreSQL versions 14 through 18 and include issues such as remote code execution, SQL injection, and denial-of-service risks. Specific vulnerabilities include: - CVE-2026-6472: Missing authorization in CREATE TYPE allows query hijacking. - CVE-2026-6473: Integer wraparound leads to out-of-bounds writes and server crashes. - CVE-2026-6474: Format string issue leaks server memory. - CVE-2026-6475: Symlink attack allows overwriting arbitrary files. - CVE-2026-6476: SQL injection allows execution of arbitrary SQL as superuser. - CVE-2026-6477: Memory buffer overwrite via libpq lo_* functions. - CVE-2026-6478: Timing attack exposes MD5-hashed passwords. - CVE-2026-6479: SSL/GSS recursion flaw allows denial-of-service. - CVE-2026-6575: Buffer over-read leaks memory data (PostgreSQL 18 only). - CVE-2026-6637: Refint module enables stack overflow and SQL injection, leading to possible RCE. - CVE-2026-6638: SQL injection in REFRESH PUBLICATION via table names. Organizations are advised to upgrade to the latest versions, avoid MD5 password authentication, restrict privileges, audit extensions, and monitor for abnormal activity. PostgreSQL 14 will reach its end-of-life on November 12, 2026.

Tech Optimizer

May 20, 2026

Critical PostgreSQL Flaws Enable Code Execution and SQL Injection

On May 14, 2026, PostgreSQL released critical security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, addressing 11 Common Vulnerabilities and Exposures (CVEs) related to stack buffer overflows, SQL injection, memory disclosure, and denial-of-service vulnerabilities. The most critical vulnerability, CVE-2026-6637, has a CVSS score of 8.8 and allows remote, unprivileged database users to execute arbitrary code. Other notable vulnerabilities include CVE-2026-6473, which affects memory allocation leading to potential memory corruption, and CVE-2026-6475, which allows overwriting sensitive OS-level files. Additional vulnerabilities include SQL injection flaws and authentication issues, with various CVSS scores ranging from 3.7 to 7.5. The updates can be implemented without a database dump, and PostgreSQL 14 will reach its end-of-life on November 12, 2026.

Winsage

May 20, 2026

This tool lets you purge Windows 11 of all AI bloat features

Microsoft's Copilot chatbot is integrated into various Windows 11 applications, including the Edge browser, Photos app, and Paint software. Users can manage and disable unwanted AI components using the open-source program FlyOOBE, available for free on GitHub. To use FlyOOBE, users download a ZIP file, extract it, and run FlyOOBE.exe as an administrator. The program allows users to check the activation status of AI components and disable those they do not want by selecting them and confirming the changes. If FlyOOBE freezes, users can close the "Windows PowerShell" window to re-check components. FlyOOBE also offers features for removing bloatware. While it is free, donations to the developer, Builtbybel, are appreciated.

Tech Optimizer

May 19, 2026

Critical PostgreSQL Vulnerabilities Enables Code Execution and SQL Injections

The PostgreSQL Global Development Group has released security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, addressing 11 vulnerabilities, including critical issues related to arbitrary code execution and SQL injection flaws. All supported branches from 14 through 18 are affected by vulnerabilities, necessitating updates. Database administrators can perform in-place upgrades without needing a dump/restore. Key vulnerabilities include: - CVE-2026-6637: Stack buffer overflow in the refint module allowing arbitrary code execution. - CVE-2026-6472: Privilege bypass and arbitrary SQL execution. - CVE-2026-6473: Potential remote code execution and memory corruption. - CVE-2026-6474: Server memory information leak. - CVE-2026-6475: Arbitrary file overwrite vulnerability. - CVE-2026-6476: SQL injection with superuser execution. - CVE-2026-6477: Client-side code execution risk. - CVE-2026-6478: MD5 credential timing leak. - CVE-2026-6479: SSL/GSS denial-of-service flaw. - CVE-2026-6575: Limited memory disclosure issue. - CVE-2026-6638: SQL injection in logical replication. Organizations using PostgreSQL 14 should upgrade to version 14.23 and plan migration to a newer version before the end-of-life on November 12, 2026. The updates are urgent for deployments exposed to the internet or in multi-tenant environments.

AppWizard

May 19, 2026

Warren Spector’s Thick As Thieves encapsulates the joys of the heist, but I’m not convinced it’ll steal my attention long-term

In Elway Manor, a master thief uses the Vistara Diamond to detect guards and navigates security measures while executing a heist. The game, Thick As Thieves, is set in an alternate early 1900s Scottish city, Kilcairn, where players aim to join the Thieves' Guild. It features two launch maps with dynamic security layouts and three difficulty levels. Stealth mechanics are crucial, with players utilizing various gadgets from the Black Market. The game has shifted to a cooperative format, allowing players to team up. After about ten hours of gameplay, some repetition may occur, but the experience remains polished with quick load times and smooth performance. The game is priced modestly, promising future content from OtherSide Entertainment.

AppWizard

May 17, 2026

We Pick Minecraft’s 5 Best Updates Ever on Its 17th Anniversary

Minecraft has maintained its prominence for over 17 years due to a steady stream of updates that enhance gameplay and mechanics. Key updates include: - Minecraft 1.5 Redstone Update: Introduced components like hoppers, droppers, and redstone comparators, enabling automated systems for resource collection and item sorting, and introduced quartz blocks for architectural designs. - Minecraft 1.21 Tricky Trials: Released in 2024, this update focused on combat and replayability with Trial Chambers, introduced the Breeze enemy and the Minecraft Mace weapon, and added the Wind Burst enchantment for advanced Parkour maps. - Minecraft 1.14 Village and Pillage: Revitalized villages with unique architectural styles and specialized villager professions, introduced new workstation blocks, and added Pillagers and raid mechanics. - Minecraft 1.0 – Full Release: Marked the end of the beta phase, introduced brewing potions, enchanting, strongholds, and the End dimension, enhancing survival progression and gameplay experience. - Minecraft 1.16 Nether Update: Transformed the Nether dimension with new biomes like Crimson and Warped Forests, introduced Piglins for bartering, and shifted player focus towards acquiring Netherite gear. The Minecraft 1.16 Nether update is widely regarded as one of the best updates for its comprehensive transformation of the Nether dimension. The Elytra was introduced in Minecraft 1.9 Combat update, alongside End Cities and Shulkers.

AppWizard

May 17, 2026

It’s time for Garfield’s official Magic: The Gathering crossover now

The Magic: The Gathering franchise is releasing a "Cats are the Best" set, which includes 15 Garfield-themed cards in three drops of five cards each. The set reimagines classic cards like Swords to Plowshares and Counterspell with humorous Garfield-themed artwork. Collectors and players are encouraged to purchase these limited-run reprints from the Secret Lair website.

Winsage

May 14, 2026

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher disclosed two new zero-day vulnerabilities affecting Microsoft systems: YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that operates as a backdoor within the Windows Recovery Environment, impacting Windows 11 and Windows Server 2022/2025. Exploiting YellowKey involves copying specially crafted files to a USB drive, connecting it to a Windows computer, and rebooting into WinRE. The researcher expressed skepticism about Microsoft's response time to this vulnerability, noting that using TPM+PIN does not mitigate the risk. GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to obtain a shell with SYSTEM permissions through arbitrary section creation in Windows CTFMON. The proof-of-concept for this exploit is incomplete but indicates potential manipulation of trusted privileged services or drivers. Additionally, a related attack against BitLocker was detailed by French cybersecurity firm Intrinsec, which exploits a boot manager downgrade using CVE-2025-48804 to bypass encryption protections on fully patched Windows 11 systems. This method allows attackers to boot from a controlled WIM while the boot manager checks the legitimate one, executing with the decrypted BitLocker volume. Despite Microsoft releasing fixes for this defect in July 2025, a flaw in Secure Boot verification allows a vulnerable boot manager to bypass BitLocker safeguards. To mitigate these risks, enabling a BitLocker PIN at startup and migrating to a new boot manager certificate is recommended.