Vigilance Archives

Winsage

May 15, 2026

For May, Patch Tuesday means 139 updates

Microsoft has released an extensive update for Azure Linux 3.0 and CBL Mariner 2.0, addressing 191 open-source Common Vulnerabilities and Exposures (CVEs) across various technologies, including the Linux kernel, Go runtime, Apache httpd, PHP, CoreDNS, Valkey, Ruby, GnuTLS, Apache Thrift, Node.js, Rust, Java implementations, Vim, Postfix, Expat, Nmap, Prometheus, KEDA, and PgBouncer. Additionally, Microsoft has fixed a critical vulnerability (CVE-2026-41103) in its Single Sign-On (SSO) Plugin for Jira and Confluence, which allows an attacker to forge a Microsoft Entra ID identity through a manipulated SAML response; however, patching this vulnerability is the responsibility of the users of Atlassian's platforms.

AppWizard

May 13, 2026

There’s a free life-size Minecraft map of the biggest suspension bridge in Japan, and it lets you live a day in the life of a bridge maintenance guy

The Honshu-Shikoku Bridge Expressway Company (HSBE) has launched a Minecraft world featuring a replica of Japan’s Akashi Kaikyo Bridge, the second longest suspension bridge in the world, created using approximately 530,000 blocks. This initiative serves as an educational tool for players to explore bridge infrastructure management through four stages: bridge girder, main tower, inspection walkway, and deck. Players can engage in tasks such as photographing abnormalities, clearing debris, and inspecting for deterioration using vehicles. The HSBE has made the map available for free download.

Winsage

May 10, 2026

Official JDownloader site served malware to Windows and Linux users between May 6 and May 7

Between May 6 and May 7, 2026, the official JDownloader website was compromised in a supply chain attack, leading to the distribution of malicious installers for Windows and Linux users. Attackers altered download links, redirecting users to harmful files, specifically targeting the Windows “Alternative Installer” and the Linux shell installer. A Reddit user reported the issue after Microsoft Defender flagged the installers as malicious, noting unusual developer names instead of the expected publisher, AppWork GmbH. JDownloader developers confirmed the breach and temporarily took down the website for investigation, revealing that an unpatched vulnerability in the content management system allowed the attackers to modify download pages. The genuine installer packages were not altered, and the malicious links were removed. The website was restored on May 8–9, 2026, with verified clean installer links. Indicators of compromise included specific hashes and compromised URLs related to the attack.

Winsage

May 6, 2026

New Trojan attacks Windows and steals data from smartphones via Phone Link

Cisco Talos experts have discovered a trojan that has been operational since at least January 2026, which installs the CloudZ RAT (Remote Access Tool) on Windows systems along with the Pheno plugin. The attack starts with an undisclosed initial access vector and involves executing a counterfeit SmartConnect update to deploy the CloudZ RAT. This RAT establishes an encrypted connection to its command and control (C2) server, allowing attackers to extract sensitive information. The CloudZ RAT assists in harvesting credentials from web browsers and downloads the Pheno plugin, which accesses Phone Link app data and transmits it to the C2 server. The Phone Link feature synchronizes critical data, including SMS messages with one-time passwords and account login details, which are the primary targets of the attackers.

Winsage

April 30, 2026

Windows AI Recall is pushing data destruction upstream

The introduction of Copilot+ PCs has created new complexities in IT asset disposition (ITAD), as these devices may contain a comprehensive, time-stamped archive of user activity, which was not present on corporate laptops two years ago. Microsoft's Recall feature captures user activity screenshots and stores them securely, but recent research by Alexander Hagenah suggests that the safeguards may be ineffective, as his tool can extract sensitive data without breaking encryption. Microsoft defends the security of Recall, stating that observed access patterns align with intended protections. This situation presents challenges for ITAD operators, as pre-collection now constitutes a data-destruction event, requiring devices to be powered down or purged before leaving the client’s environment. Certificates of sanitization must evolve to address the specific destruction of Recall snapshot stores, and conversations with clients should differentiate between managed and unmanaged fleets regarding Recall settings. The presence of Recall shifts some data-destruction responsibilities upstream to clients, complicating traditional ITAD value propositions.

AppWizard

April 30, 2026

Neverness to Everness tier list and best characters

Players in Neverness to Everness experience a gacha system that allows for mid and endgame progression without constant meta monitoring. Building a strong team of characters improves combat efficiency, with each character having unique roles and Esper types. The game features a tier list for character optimization, which includes: - S Tier: Daffodil, Fadia, Haniel, Nanally, Sakiri, Zero - A Tier: Baicang, Chiz - B Tier: Jiuyuan, Hathor, Adler - C Tier: Mint, Skia, Aurelia - D Tier: Edgar Daffodil, classified as S-Tier, is a burst DPS character with a Chaos Esper type and Liquid Arc weapon. She excels in diminishing the Break bar and is essential for activating Psyche, Incantation, and Discord Esper Cycle reactions. Daffodil benefits from quick character swaps and is currently the only Chaos character in the game. Additionally, Lacrimosa is being promoted as a DPS character with a Chaos Esper Cycle and Liquid Arc weapon, although her final role may change.

AppWizard

April 29, 2026

How to turn off Meta AI (Facebook, Instagram, and WhatsApp)

Meta AI has been integrated into Facebook, Instagram, WhatsApp, and Messenger, enhancing user experiences with features like search functionalities, chat interactions, and content generation. Users express a desire to limit their interactions with Meta AI due to concerns about transparency, privacy, and data security. The AI model is trained on diverse data sources, including public posts and user interactions, raising issues regarding data control. On WhatsApp, personal messages and calls are end-to-end encrypted, while Instagram may share past messages with Meta AI for context. Security vulnerabilities have been reported, including incidents of data mishandling. Currently, there is no comprehensive option to disable Meta AI across all platforms, but users can take steps to limit interactions, such as muting AI prompts and adjusting privacy settings. Users in the E.U. and U.K. can object to certain data uses under GDPR by submitting requests through their Meta accounts. To protect privacy, users are advised to opt out of AI training, limit personal data sharing, and use privacy tools like VPNs.

Winsage

April 26, 2026

Go straight to sell! Windows second-chance setup hawks Microsoft services at IT’s expense

Months after acquiring a laptop, users may encounter a prompt from Windows 11 stating, “You’re almost done setting up your PC.” This leads to a series of inquiries about adopting Microsoft’s recommended browser settings, linking a phone for SMS notifications, and acknowledging Office installation. Users may feel compelled to click through these prompts, which can include advertisements, such as for Xbox Game Pass Premium at .99 per month. This series of prompts is referred to as the Second Chance Out of Box Experience (SCOOBE), which can resurface due to Windows updates and may lead to unnecessary support calls and potential unauthorized subscriptions in organizational settings. Users can disable SCOOBE by adjusting settings in Windows or Group Policy, but ongoing vigilance is required due to the evolving nature of Microsoft’s software.

AppWizard

April 22, 2026

Australia’s online watchdog targets Roblox and Minecraft over extreme content

Australia's eSafety Commission has raised concerns about the exploitation of online gaming platforms like Roblox and Minecraft by predatory adults, prompting legal notices to gaming companies to clarify their strategies for combating harmful content. The commission emphasizes that many Australian children engage with these platforms, where predatory adults may use grooming tactics or embed violent narratives. Major gaming platforms are required to demonstrate their methods for identifying and eradicating online threats. Despite laws prohibiting teenagers under 16 from accessing social media, many Australian children still navigate these banned platforms. The commission highlights the urgency of addressing online safety challenges for children.

AppWizard

April 21, 2026

Ex-Escape From Tarkov devs will “ride the wave” of AI, but stress “the finishing touch must always come from a human hand”

Nomion Games was founded by Dmitri Ogorodnikov and German Terekhov, former contributors to Battlestate Games. They believe that "creative potential, accumulated experience, and ambition should not be put on hold." Their upcoming title, Rush is Real, will incorporate AI as a crucial tool in game development. Ogorodnikov views AI as essential, comparing it to a sculptor's chisel, and emphasizes its role in speeding up the ideation process. He acknowledges AI's ability to alleviate tedious tasks in game development but insists that final decisions must come from humans. He warns against over-reliance on AI, particularly in critical areas like level design and gameplay mechanics, to avoid losing creativity and identity. The gaming community has raised concerns about AI-generated content, and Ogorodnikov recognizes the need for vigilance in maintaining unique artistic vision while using AI to enhance efficiency.