warning Archives

Winsage

June 15, 2026

Microsoft released the Windows 11 Secure Boot update for all PCs, how to verify yours

Microsoft has expanded the rollout of the Secure Boot 2023 certificate update to more Windows 11 and Windows 10 devices with the June 2026 Patch Tuesday update (KB5094126). This update aims to ensure that most supported consumer PCs are classified as high confidence, meaning necessary certificates are either installed or will be applied automatically. Secure Boot is a firmware security feature that verifies the software attempting to load during the startup process, blocking unauthorized software. The certificates supporting Secure Boot, issued in 2011, are expiring in stages starting June 24, 2026, prompting Microsoft to deploy replacement certificates. Most home users do not need to take manual action as the updates will occur automatically via Windows Update. Users can check their Secure Boot certificate status in the Windows Security app. A yellow warning indicates pending compatibility data, while a red alert suggests a firmware incompatibility requiring a BIOS update. Multiple reboots during the update process are normal, and a new SecureBoot folder in Windows is for staging cryptographic files. Older PCs may experience longer update times, and some may not receive updates due to firmware issues. HP users should check for BIOS updates if encountering BitLocker recovery loops. IT administrators should monitor device classifications and manually initiate updates for devices not in the high confidence category. Devices with Secure Boot disabled cannot receive updates, leaving them vulnerable. The expiration of the Microsoft Corporation KEK CA 2011 certificate on June 24 does not immediately affect device functionality, but it limits Microsoft's ability to sign new bootkit blacklist updates.

AppWizard

June 14, 2026

This hand-embroidered medieval adventure game looks like a lovely, chill time—but I’m warning you, don’t be fooled by its pleasant exterior

Scarlet Deer Inn is a side-scrolling adventure platformer developed by Attu Games, featuring a unique "embroidered" art style with hand-painted backgrounds and character animations created using a sewing machine. The game reveals a darker and more complex storyline as players progress. The release date is set for July 17, and a demo is available on Steam for players to experience.

AppWizard

June 13, 2026

I’m sad, I’m angry, I’m interested: Destiny’s final cutscenes are a painful end to a new saga cut short

Destiny 2's latest update, Monuments of Triumph, concludes the decade-long Light and Darkness saga with The Final Shape and introduces a new narrative arc called the Fate saga, starting with The Edge of Fate. This update features hidden cutscenes that provide insights into the characters' journeys and the future of the game. One cutscene highlights Zavala reflecting on his journey and entrusting the future to Ikora, while the second cutscene presents Lodi in the Dark Forest, hinting at a confrontation between Dark and Light and introducing the Winnower, an extradimensional god. The update showcases improved cinematic quality and leaves players with a mix of intrigue and sadness, suggesting potential for future storytelling in the Destiny universe.

Tech Optimizer

June 12, 2026

Fake verification pages are stealing Steam accounts from players

Online gamers are being warned about a scam targeting Steam accounts through counterfeit FACEIT verification pages that look authentic. These fraudulent sites feature official branding and functional links, tricking users into entering their passwords. The scam is particularly aimed at FACEIT players, as it exploits the connection between FACEIT and Steam, where players link their accounts. The scam starts with a website mimicking an official FACEIT page, claiming to offer free identity verification. Scammers use lookalike URLs, such as faceit-discord.com and faceit-clubs-verify.com, to deceive users. The site may display subtle errors, like conflicting copyright dates, and encourages users to click a “Sign in through Steam” button, which leads to a fake login window designed to steal user credentials. To protect against this scam, users should verify the website address, be cautious of blurry QR codes, treat urgent messages as suspicious, navigate directly to official sites, and consider using tools like Malwarebytes Browser Guard. If users have already entered their details, they should change their Steam password, enable Steam Guard, and check for unauthorized activity. The scam's effectiveness lies in its convincing presentation and the use of Browser-in-the-Browser attacks, which manipulate the perceived address bar.

AppWizard

June 12, 2026

Android users need to uninstall these apps ASAP as they are a security risk

Google will soon notify Android users when an app they installed has lost developer support. Currently, users only receive alerts from Play Protect for significant security threats or potentially harmful apps. The only way to discover if an app has been delisted is through external sources or by trying to install it on a new device. Recent findings in the Play Store indicate that Google is preparing to inform users when apps have been removed from the Play Store and will no longer receive updates. Abandoned apps pose significant security risks, as they may contain vulnerabilities that can be exploited by malicious actors. Google's new notifications aim to encourage users to uninstall unsupported apps to protect their personal data.

Winsage

June 11, 2026

New Windows Zero-Day Exploit ‘RoguePlanet’ Released

A new zero-day exploit named RoguePlanet has been discovered targeting Microsoft’s Windows operating system, disclosed by security researcher Nightmare Eclipse. The exploit allows local privilege escalation (LPE) by exploiting a race condition in Microsoft Defender and can facilitate remote code execution (RCE) through deceptive .vhd(x) files. RoguePlanet may also bypass BitLocker encryption. The proof-of-concept has been tested on Windows 10 and Windows 11 systems but does not function on Windows Server, although the researcher believes all Windows Server versions are vulnerable. Following its release, RoguePlanet was confirmed by other researchers to spawn a command prompt with SYSTEM privileges on patched computers. This disclosure comes after Microsoft released patches for earlier exploits by Nightmare Eclipse, including GreenPlasma and YellowKey. The researcher has expressed dissatisfaction with Microsoft’s vulnerability disclosure process, alleging legal action against them and the suspension of their GitHub account, leading to the publication of RoguePlanet under a new account.

AppWizard

June 10, 2026

France’s Government Messaging App Tchap Got Breached

On June 7, 2026, Tchap, the French government's encrypted messaging platform for civil servants, experienced a significant breach detected by ANSSI. The breach resulted from a compromised user account and involved the education shard of Tchap, specifically targeting matrix.agent.education.tchap.gouv.fr. Approximately 650,000 messages, data from over 73,000 accounts, and about 13.5GB of documents and media files were allegedly scraped. The attacker also claimed to have discovered hardcoded LDAP credentials leaked through a PowerShell script shared by a regional director of the French tax authority. DINUM, the French Digital Affairs Directorate, stated that private conversations on Tchap are end-to-end encrypted and that the compromised account has been blocked. They notified CNIL about the potential exposure of personal data and reminded users to avoid sharing sensitive information in public chat rooms. The breach follows a mandate from Prime Minister François Bayrou in August 2025 requiring all civil servants to use Tchap, increasing its attractiveness as a target for cyber threats. The investigation into the breach is ongoing.

AppWizard

June 10, 2026

This useful sideloaded Android Auto app lets me watch YouTube, browse the web, and more

The exploration of sideloaded Android Auto applications has revealed features not available in Google's official offerings, with Fermata Auto being a notable all-in-one solution that combines local playback, YouTube access, web browsing, and screen mirroring. To use Fermata Auto, one must first install the Android Auto Apps Downloader (AAAD) and enable Developer Mode on their Android device. After installing AAAD, users can search for and download Fermata Auto. Upon installation, various components related to Fermata Auto may appear in the Android Auto launcher. Users may need to grant permissions for optimal functionality, and while the on-screen keyboard may lag, the app includes a bookmark feature for quick access to websites. Fermata Auto has been found to provide a reliable and efficient experience for in-car YouTube and web browsing, particularly when parked.

Winsage

June 9, 2026

Troubleshoot common Windows 11 Pro security alerts and what to do next

Windows 11 Pro includes a suite of security features under Windows Security, which continuously protects the PC. Common security alerts include: 1. "Turn on virus protection" or "Real-time protection is off" alerts: These occur after installing or removing a third-party antivirus. To restore protection, open Windows Security, select Turn on in the Virus & threat protection section, and confirm. 2. "Threat found" or "Threat found - action needed" alerts: Indicate that Windows Defender has detected a potential threat. To manage these, open Windows Security, navigate to Virus & threat protection, click on Protection history, select Threat blocked, and use the Actions dropdown to quarantine or allow the file. 3. "Threat quarantined" or "Threat blocked" alerts: A Threat quarantined alert means a file is isolated for review, while a Threat blocked alert indicates successful removal by Defender. Investigate how the threat entered the system. 4. SmartScreen alerts: SmartScreen protects against malicious websites and downloads. If a threat is identified, a red warning page appears. Users can report the site as safe or proceed at their own risk. Blocked downloads can be managed in Edge's Downloads menu. 5. "This app has been blocked" alerts: Smart App Control prevents the installation of untrusted applications. Disabling this feature should only be done if the application is deemed safe. Settings can be found under Windows Security > App & browser control > Smart App Control settings.

Tech Optimizer

June 9, 2026

Don’t get victimized by this updated version of the McAfee email scam

Cybercriminals are sending fraudulent McAfee renewal notices claiming users owe money for antivirus subscriptions they never purchased. These emails create a sense of urgency, warning that devices are unprotected or that charges will be processed automatically. The scams have become more sophisticated, using AI-generated emails and counterfeit invoices to appear credible. Although Microsoft is the most impersonated company, McAfee scams are on the rise, featuring messages about expiring or automatically renewed subscriptions costing hundreds of dollars. Victims are often misled into contacting scammers posing as customer-service agents, who may request sensitive information or control over their devices. McAfee advises customers to verify subscription status through their official website and not to respond to unsolicited emails. Warning signs of these scams include suspicious sender addresses, generic greetings, grammatical errors, unusually large charges, and urgent demands for action. The Federal Trade Commission warns consumers about tech-support and antivirus scams, urging them to report phishing emails and monitor accounts for unauthorized activity.