Feed aggregator

Fitness-Tracking Strava App Upgrades Its Strength Training Feature

CNET Feed - Thu, 05/21/2026 - 1:54pm
You can track your runs, rides and lifts all in one place. This is when you can expect the update.
Categories: CNET

Yagni

Hacker News - Thu, 05/21/2026 - 1:53pm
Categories: Hacker News

Microsoft Defender vulnerabilities are being exploited in the wild

Malware Bytes Security - Thu, 05/21/2026 - 1:36pm

Two Microsoft Defender vulnerabilities are being actively exploited in the wild.

On May 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added a notable set of actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The KEV catalog tracks vulnerabilities known to be exploited in the wild and sets patch deadlines for Federal Civilian Executive Branch (FCEB) agencies.

Five of the added vulnerabilities are quite old by vulnerability standards. Patches were released in 2008, 2009, and 2010. But the Microsoft Defender vulnerabilities are from this year. Those two are:

  • CVE‑2026‑41091 (CVSS score 7.8 out of 10): a Microsoft Defender elevation of privilege vulnerability. A local attacker who already has some access to a machine can abuse Defender to gain SYSTEM‑level permissions, effectively giving them full control over Windows.
  • CVE‑2026‑45498 (CVSS score 4.0 out of 10): a Microsoft Defender denial‑of‑service vulnerability. Here, an attacker can interfere with Defender in a way that disrupts its normal operation. If attackers can crash or disable your antivirus engine on demand, they can create a safer environment for their malware to run undetected.

You should take patching these vulnerabilities seriously if:

  • You rely on Microsoft Defender as your primary endpoint protection
  • You manage Windows systems in a business, school, or local government environment
  • You have shared machines, terminal servers, or any environment where multiple users log on to the same system

As you’d expect from us, we don’t advise relying on Windows Defender alone. There are better options available, and they are not mutually exclusive.

How to patch

Security products are software, and software has bugs. When those bugs end up in a list of known exploited vulnerabilities, ignoring them is like leaving your front door open because “the alarm will catch anyone coming in.” 

Make sure Windows Update is enabled and set to receive updates for Microsoft products. Defender platform updates are often delivered alongside regular cumulative updates.

Also check that recent Microsoft Defender security intelligence and platform updates are installed.

The first version of the Microsoft Defender Antimalware Platform with these vulnerabilities addressed is 4.18.26040.7.

You can usually find that version number in Windows Security:

  1. Open Start and search for Windows Security
  2. Go to Virus & threat protection
  3. Click Settings or the gear icon
  4. Open About

Even with auto-update enabled, I didn’t receive this patch immediately. Defender platform updates can lag behind definitions or only appear when a cumulative Windows update lands. Microsoft typically releases updates for the Microsoft Defender Antimalware Platform once a month, or as needed to protect against new threats. 

So, I’ll have to wait. Good thing I’m protected.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Categories: Malware Bytes

Defenders fall behind, as AI rewrites the rules of a data breach

Graham Cluely Security Blog - Thu, 05/21/2026 - 1:13pm
For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that's no longer the case. Read more in my article on the Fortra blog.
Categories: Graham Cluely

Show HN: Canonry tracks how AI cites you – agent-first, open source

Hacker News - Thu, 05/21/2026 - 1:09pm

Icouldn't find an open-source, agent-first way to monitor AI search results + traffic so I built Canonry out.

There are tons of nuances with AI web search but have gotten really good results using canonry locally as it can cross reference with GSC, GA to really get a holistic view on the search space.

Comments URL: https://news.ycombinator.com/item?id=48225978

Points: 1

# Comments: 0

Categories: Hacker News

Show HN: Online Sound Test

Hacker News - Thu, 05/21/2026 - 1:09pm

Article URL: https://soundtestx.com/

Comments URL: https://news.ycombinator.com/item?id=48225970

Points: 1

# Comments: 0

Categories: Hacker News

Pivoting Out of Healthcare

Hacker News - Thu, 05/21/2026 - 1:06pm

Article URL: https://saffron.health/

Comments URL: https://news.ycombinator.com/item?id=48225930

Points: 1

# Comments: 0

Categories: Hacker News

Show HN: My independent search engine focused on user control

Hacker News - Thu, 05/21/2026 - 1:05pm

I've always been frustrated with search engines. Google used to be the one I always used, but it's now completely overrun with ads and AI Overview. Alternatives like Mojeek, Marginalia, DuckDuckGo, or Startpage don't seem to give me the results I'm looking for.

What's even worse is that search engines like DuckDuckGo, Startpage, and Ecosia are using AI Overviews too. These features ARE optional, but I still felt annoyed that I had to opt out of everything.

This is why I created my search engine Slick. Slick is an independent search engine with its own index. It aims to be everything users want from a search engine, whether that's privacy, speed, transparency, or customization.

We aim to let users have full control over their search engine. Currently, we have implemented this using custom per-domain ranking (similar to Kagi) and custom bangs (DuckDuckGo bangs, but faster and with the ability to add your own).

For revenue, we WILL be using ads in the future, but we want to approach them differently. The ads are intentionally made very visible (bright yellow text, bigger font, etc) instead of using a tiny "sponsored" label. Ads will only be visible on the first page, and there is a maximum of 1 ad per page instead of Google's 1-4.

We are also experimenting with keeping the ads in the actual search results, and I would really like your feedback on this. Since the ads are very visible, instead of forcing them to the very top, we rank them similarly to normal results (with a slight boost so they stay on the first page). The idea is that if an ad is shown, it should at least already be relevant to your query.

Now I'm not going to make the mistake of claiming "privacy" like I did in my Reddit post. Not because Slick isn't private, but because it's not open source and users currently have no way to verify what we say. We want users to feel safe when searching, which is why we want to eventually invest into audits regularly once the project is in a more stable position.

I've only been listing good things about Slick so far, so now it's time for the issues Slick is currently facing for full transparency.

Slick's major issues right now are result quality and speed. When I say bad result quality, I don't mean bad ranking. I've made a detailed overview of Slick's ranking in our blog pasted below. The issue mainly comes from our small index. Since we're a completely independent search engine, we have to do all of the crawling ourselves. Our web index is currently only around 2.5 million documents, although it is slowly growing.

The second issue is speed. This is something we are actively working to fix, but we are heavily limited by infrastructure. Slick isn't running on a massive server, or even a good PC. We are currently running on a Beelink EQR5, which is suboptimal (suboptimal may be an understatement).

These are only the issues I've personally noticed so far, but there are probably many more.

I posted Slick on Reddit a while back, but I didn't get exactly what I was hoping for. A lot of people told me that if the search engine was truly private, they would need the source code. That's part of why I've decided not to lean too heavily into privacy claims on this HN post.

I would really like your ideas, critiques, bug reports, and feedback on Slick. We hope you can support our endeavour to build a search engine that puts users first.

Blog: https://blog.slicksearchhq.com

Search Engine: https://slicksearchhq.com

Reddit: https://reddit.com/r/SlickSearchHQ

Comments URL: https://news.ycombinator.com/item?id=48225919

Points: 1

# Comments: 0

Categories: Hacker News

An Upcoming MLS Match on Apple TV Will Be Shot Entirely on the iPhone 17 Pro

CNET Feed - Thu, 05/21/2026 - 1:05pm
It'll be the first live professional sporting event captured completely on iPhone devices, according to Apple.
Categories: CNET

I had to do therapy on my AI

Hacker News - Thu, 05/21/2026 - 1:02pm
Categories: Hacker News

Rust for Linux Live

Hacker News - Thu, 05/21/2026 - 1:01pm
Categories: Hacker News

Pages