web Archives

Tech Optimizer

June 13, 2026

Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)

On June 10th, Splunk released an advisory for CVE-2026-20253, a high-severity vulnerability with a CVSS score of 9.8 that requires no authentication. The vulnerability is associated with the PostgreSQL Sidecar Service Endpoint and affects Splunk Enterprise versions 10 and above. In default installations, the service is not installed on Windows but is installed and enabled by default on AWS. The vulnerability allows unauthorized users to create and truncate arbitrary files through an API that lacks authentication controls. Additionally, it enables the execution of SQL commands via a backup and restore mechanism, potentially leading to remote code execution (RCE). A Detection Artefact Generator has been developed to help organizations assess their vulnerability to this issue.

Winsage

June 12, 2026

Hackers Use Fake Windows Update Installers to Deliver OnyxC2 Credential Stealer

OnyxC2 is a sophisticated credential stealer available for a subscription fee of 0 per month, distributed through disguised lures such as fake Windows updates and legitimate software installers. It functions as a commercial product with features like an automated payload builder, tiered licensing, and a centralized web dashboard. The malware boasts a 99% detection-evasion rate, successfully evading major antivirus solutions during tests. It is developed in C++, utilizing direct system calls and mutating with each build to avoid detection. OnyxC2 collects data from around 210 applications, targeting 45 web browsers, password managers, cryptocurrency wallets, and FTP clients. The malware is delivered using DLL sideloading, where a password-protected archive contains a legitimate application and a malicious DLL. The attacker's DLL is disguised by inflating its size and is loaded by a trusted binary. The malicious code remains encrypted on disk and decrypts in memory to evade analysis. OnyxC2 communicates with a Cloudflare-fronted command-and-control server to manage infected hosts and execute commands like hardware registration and cookie uploads. The threat extends to business environments, targeting FTP and email clients, with stolen session cookies allowing ongoing access to corporate infrastructure. Implementing anti-data exfiltration controls is recommended as a mitigation strategy.

AppWizard

June 12, 2026

Meta outage affecting Facebook, Instagram and Messenger, according to user reports

Users across multiple countries experienced difficulties accessing Meta platforms including Facebook, Instagram, and Messenger on Friday morning. Reports indicated widespread disruptions characterized by login failures, unexpected logouts, error messages, and incomplete page loads. Issues were reported from the United States, the Philippines, the United Kingdom, Canada, and Australia. The outage-tracking website IsDown noted a surge in user-reported issues by 9:42 a.m., classifying it as an outage, while Meta had not publicly acknowledged the extent of the disruption at that time. It is unclear if all of Meta's services, which also include WhatsApp and Threads, were affected by the outage.

AppWizard

June 12, 2026

Instagram, Facebook, and Messenger experience outage

Meta's suite of services, including Instagram, Facebook, and Messenger, is experiencing significant disruptions, with users reporting issues such as inability to refresh news feeds, challenges in viewing messages, and problems logging into accounts. Many users encounter error messages or find that the services do not load. Meta has not issued any official statement about the causes of the outage or when it might be resolved. Additionally, both Google and Meta are facing a setback in efforts to dismiss a lawsuit related to youth social media addiction.

AppWizard

June 12, 2026

Instagram and WhatsApp down: Websites not working amid widespread Meta outage

A significant outage has impacted Facebook, making its web services temporarily unavailable, while the web versions of WhatsApp and Instagram have also gone offline, though their mobile applications remain functional. All of Meta's applications are interconnected, so disruptions in one service can affect others.

Winsage

June 12, 2026

Microsoft just broke some custom folder icons, and it’s deliberate

Windows 11 users have reported that their custom folder icons have reverted to default settings due to new security protocols from Microsoft. If a desktop.ini file, which defines folder icons, is detected as coming from an untrusted source, Windows will automatically revert to the standard icon without notification. Microsoft has confirmed that 'untrusted' icons will no longer display, and identifies scenarios that classify a source as untrusted, including files downloaded from the internet with a Mark-of-the-Web (MOTW), files copied from certain remote locations, and files on unrecognized network paths. To restore customizations, users can add the source to their Trusted Sites list, enable the "Allow the use of remote paths in file shortcut icons" policy, or remove the Mark-of-the-Web tag from affected files.

AppWizard

June 12, 2026

Meta faces major outage as Facebook, Instagram and WhatsApp goes down for thousands of users globally

Meta's social media platforms—Facebook, Instagram, WhatsApp, and Messenger—are experiencing a significant outage affecting users primarily in India and the United States. Facebook saw peak outage reports of 109,365 in the US, with 56% of users reporting app issues, 27% facing login problems, and 10% having website access issues. In India, Facebook peaked at 1,093 reports, with 49% citing app problems, 30% login troubles, and 12% server connection issues. Instagram in India peaked at 8,582 reports, with 51% experiencing app issues, 36% login problems, and 7% server issues. In the US, Instagram peaked at 8,868, with 57% reporting app issues, 22% login challenges, and 11% server problems. Messenger in the US peaked at 15,403 reports, with 54% related to login problems and 31% to app issues, while in India, it had 91 reports. WhatsApp was less affected, peaking at 216 reports in India, with 37% reporting app issues and 32% login problems, and in the US, it peaked at 153. Meta has not provided a public statement on the disruption, and reports on Downdetector have started to decline.

Winsage

June 12, 2026

Still on Windows 10? This $13 upgrade to Windows 11 Pro offers better security, AI features, and more

Upgrade to Microsoft Windows 11 Pro for .97 (MSRP 9) until June 14. Windows 11 Pro features a redesigned interface, improved multitasking capabilities, enterprise-grade security functionalities like BitLocker encryption and Windows Hello, and includes Windows Copilot AI for task automation and assistance.

Winsage

June 11, 2026

“Not only viable but quite enjoyable”: I used Windows 11 with 8GB of RAM to see if it’s as bad as everyone says

Dell unveiled the XPS 13 at Computex, starting at 9 for students and ,199 for the general public. The device features a baseline configuration of 8GB of RAM and an Intel Core Series 3 chip with integrated LPDDR5x memory. The XPS 13 offers a memory bandwidth of 60GB/s, significantly higher than the 10.6GB/s of an older Windows 11 desktop with 8GB of single-channel DDR4 RAM. During testing, the XPS 13 handled multitasking well, with memory usage peaking at 7.2GB while running multiple applications and a 4K video stream. The laptop is set to launch on June 16, 2026.

Winsage

June 11, 2026

Major Microsoft Edge versions will now ship every two weeks: Microsoft confirms plans to ship new Edge features and changes twice a month

Microsoft has announced a new release schedule for its Edge web browser, transitioning to a two-week release cycle from the previous monthly schedule. This change aims to provide users with a more consistent flow of updates, delivering approximately half the amount of new content with each release. The updates will be smaller and more manageable, enhancing user experience and security.