LastPass Hit by Third-Party Data Breach: What You Need to Know About the Klue Incident

Posted on by Martin Brinkmann

Anyone still using LastPass? If so, you need to be aware about a new security incident that has been confirmed by the company this week.

In the modern SaaS ecosystem, a digital fortress is only as secure as the side door left open for third-party vendors. Password management firm LastPass has disclosed a new data breach that involved the intelligence platform Klue.

According to an official incident report published on the LastPass blog, threat actors recently compromised Klue’s systems to steal OAuth tokens, granting them unauthorized access to LastPass’s Salesforce environment.

What the Attackers Obtained

The threat actors compromised Klue’s systems to steal OAuth tokens, which they then used to access LastPass’s Salesforce environment. The exposed data was limited to standard CRM and business contact information:

  • Customer names
  • Email addresses
  • Phone numbers
  • Physical addresses
  • Support case data
  • Sales-related data

What They Did NOT Obtain

The core architecture of LastPass remained unbreached. The attackers did not gain access to:

  • Customer Vaults: All stored passwords, secure notes, and saved data remained encrypted and secure
  • Master Passwords: Because of LastPass’s zero-knowledge architecture, master passwords are never known or stored by the company, and they were not exposed here.
  • Core Systems: LastPass products, services, and primary infrastructure were entirely unaffected

LastPass reveals that the information can be used for phishing attacks and other social engineering attempts. It recommends that “customers remain vigilant” and “exercise caution regarding unsolicited communications, including emails, phone calls, or requests for sensitive information.”.

For LastPass users suffering from breach fatigue, this latest headline likely induces a familiar sense of dread. However, when put into perspective, the Klue incident is a far cry from the devastating, back-to-back breaches of 2022, where threat actors successfully made off with encrypted customer vault backups and proprietary source code.

Still, while this is fundamentally a story about a third-party CRM leak rather than a critical product failure, the stolen contact information arms hackers with exactly what they need to launch highly convincing phishing campaigns.

System Restore Evolved: Windows 11 Point-in-Time Restore Hits General Availability

Posted on by Martin Brinkmann

Imagine if a bad driver update or a bad update completely trashed your PC setup, but you could instantly roll the entire machine back to exactly how it was yesterday—local user files and all—in just a few minutes.

That scenario required use of third-party backup solutions until now. On June 23, 2026, Microsoft announced the general availability of its new, built-in Point-in-Time Restore feature for Windows 11 PCs (versions 24H2 and later).

According to the official release on the Microsoft Windows IT Pro Blog, this native recovery tool automatically captures full-system snapshots every 24 hours, giving Home, Pro, and Enterprise users a safety net to bypass hours of painful troubleshooting when something breaks the PC.

How Point-in-Time Restore works

Point-in-Time Restore acts as a comprehensive safety net for your operating system. Operating quietly in the background, the feature automatically captures full-system snapshots on a recurring schedule—defaulting to every 24 hours—and saves them directly to local storage.

Using it, you can roll back the PC to a previous state in minutes, according to Microsoft. That is excellent when a driver, Windows update or corrupted application affects the machine.

While it sounds similar to the classic “System Restore” tool windows users have known for decades, Microsoft built this version from scratch for modern PC management. The key upgrades include:

  • Inclusion of User Files: Legacy System Restore intentionally ignored personal data. Point-in-Time Restore captures the exact state of your machine, including the Windows OS, system configurations, settings, installed applications, and your local user files.
  • Smart Storage Management: To avoid eating up your hard drive, it integrates directly with Windows’ “reserved storage” (space set aside for updates). It enforces strict cleanup policies and caps its default disk footprint at just 2% of your drive.
  • Native Integration: The interface is cleanly built into the modern Settings app (System > Recovery), making it accessible without digging into the legacy Control Panel.

Here is a table that Microsoft provided to compare it to System Restore:

 Point-in-time restore System Restore 
Restore points Automatic, configurable cadence; user files are included in restore pointEvent-triggered or manual only; user files are excluded from restore point
Reliability Strict retention and cleanup policies No retention limits 
User experience Integrated in system settings Limited to control panel 
Storage impact Minimizes storage impact by integrating with reserved storage* Higher impact to storage space 
Management Will support robust remote management capabilities Limited remote management capabilities 

Default Availability and Rules

The feature is turned on by default on unmanaged Windows 11 Home and Pro devices, provided that the primary drive partition is 200 GB or larger.

If disaster strikes and your PC won’t boot into the main desktop, the recovery process is designed to work securely inside the Windows Recovery Environment (Windows RE).

The feature has its shortcomings though, especially when compared to third-party backup solutions. For one, restore points are kept for up to 72 hours only. That is a big problem in some cases, as issues may occur after the period. There is seemingly no option to store a restore point indefinitely, While Enterprise admins may change the retention period, 72 hours appears to be the longest.

Means: while Point-in-time restore is easier to use and in some cases better than System Restore, it won’t replace traditional backup options due to its 72 hour retention period.

Microsoft is migrating OneDrive and Sharepoint to cloud.microsoft

Posted on by Martin Brinkmann

Microsoft announced plans back in 2023 to unify its cloud services under a single domain. The reason was simple: enhance security, streamline the user experience and simplify administrative tasks.

The process is ongoing and Microsoft announced recently that the next phase of the transition begins in July 2026. The plan is to migrate the OneDrive and SharePoint services, including their domains, to the cloud.microsoft domain. Microsoft hopes to complete the migration by June 2027.

According to Microsoft, the process happens automatically in the background. Users will be redirected to the new domain automatically. It can happen, however, that some users, even in the same organization or network, are redirected earlier than others.

To understand this shift, it helps to realize how fragmented Microsoft’s web address ecosystem has been. For years, users have had to hop between a massive web of completely different domains like office.com, teams.microsoft.com, sharepoint.com, and outlook.office365.com.

The core of this update is a massive cleanup effort. Microsoft is progressively moving all of its core 365 web apps into a single, unified home: *.cloud.microsoft.

Why is Microsoft doing this?

This isn’t just a cosmetic makeover. Moving everything under a single domain solves three major architectural headaches for Microsoft:

  • Better Security: Because Microsoft owns and directly runs the top-level domain .microsoft (unlike .com, which anyone can buy a variation of), it creates an incredibly secure sandbox. It makes phishing, domain spoofing, and “lookalike” malicious websites virtually impossible to pull off for these services.
  • Smoother Performance & Fewer Logins: Right now, as your browser hops from outlook.office.com to sharepoint.com, it constantly has to pass security tokens back and forth across different domains to keep you signed in. Consolidating into one domain cuts down on redirect loops, reduces “sign-in fatigue,” and speeds up app switching.
  • Easier IT Management: Network admins used to have to manage massive, ever-evolving lists of dozens of domains to let Microsoft 365 traffic through company firewalls. Now, they can eventually just whitelist *.cloud.microsoft.

For users, the most important information is that bookmarks and links are safe, and that redirects will happen automatically.

Microsoft confirms Windows 11 version 26H2 officially

Posted on by Martin Brinkmann

Who would have guessed? The next major feature update for Windows 11 is, drum roll, version 26H2. It is a continuation of Microsoft’s current strategy of releasing one major update for its Windows 11 operating system each year.

But what about Windows 11 version 26H1 you may ask? Did not Microsoft release it this year already? Yes and no, actually. While it is true that Microsoft did indeed release Windows 11 version 26h1, it was neither a full-blown feature update nor a widespread release.

First released on February 10, 2026, it was designed specifically to support new hardware. Originally designed for the Qualcomm Snapdragon X2 chip, it will also support Nvidia RTX Spark silicon.

The update is pre-installed exclusively on devices that are powered by these chips. There is no direct upgrade path for existing Windows systems that use hardware from Intel or AMD.

Windows 11, version 26H2 release information

The next feature update for Windows 11 will install as quickly as any other update, as it is based on the same servicing model as Windows 11 versions 24H2 and 25H2. This means, that it will install fast on any device that runs these versions of Windows 11.

The same is not true for older Windows 11 versions or upgrades from Windows 10. These will take longer to install and will require multiple restarts.

Interestingly enough, devices that run Windows 11, version 26H1 won’t receive the feature update. Microsoft will likely release version 27H1 for them in the first half of 2027.

Regarding support, Windows 11, version 26H2 is supported for 24 or 36 months, depending on the version:

  • 24 months of support for Home, Pro, Pro EDU, and Pro for Workstations editions
  • 36 months of support for Enterprise, Education, IoT Enterprise, and Enterprise Multi-session editions

As always, it is a good idea to skip the update in the beginning. The main reason are undiscovered bugs and issues. All previous Windows 11 feature updates had bugs and some of them were discovered after release. So, to reduce the risk of problems while installing the new version or running it on PC, it is recommended to wait.

The Gog Summer Sale is here making it a great time to catch-up on classic games

Posted on by Martin Brinkmann

PC gaming store Gog has started its Summer Sale a moment ago. It runs for the next 20 days and gives you access to more than 8,000 discounted games on the platform.

You may know that I prefer Gog over other digital games stores because of its stance on DRM, or more precisely, the lack of it. It is also not enforcing the use of its client and you can download all games for offline keeping and playing.

That is a refreshing stance in today’s connected world were most online stores try to hold your games hostage. If you lose your account or Internet, you are often not able to play the games until things are restored.

While Gog offers excellent games, some of the major publishers ignore it outright or push only classic games to the platform. Still, it is a great place, especially for classic computer games and independent games.

The best starting point for the sale is the main browser. While you can browse the 171 pages of games if you have a lot of time, I suggest you make use of the filters and options. Hiding DLC and extras may be a good start.

You can also set a price range, hide products that you own, or filter by genre, status, operating system, language and much more.

Gog says that games are discounted by up to 80 percent. If you sort by price, you find games starting as low as $0.29.

I list a few recommendations here usually. This time, I would like to list games that are on my list, that are likely very good, but that I have not played yet.

  • Deus Ex Bundle ($12.79) – Includes all four Deus Ex games. I have to admit that I never played the series, even though the early games were heralded as true masterpieces. The games are also available standalone.
  • The Zork Anthology ($3.89) – Never played the classic text-based adventure game series, but always wanted to give it a go. A refreshing contrast to the games of today.
  • Batsugun ($5.15) – I love shoot ’em up games. Batsugun is a classic Japanese that made waves on Sega’s Saturn console back in the days.
  • Metal Slug Tactics ($16.45) – A new game that is all about strategic decisions on small maps. Plays in the Metal Slug universe and you can pick between different characters and loadouts.

So, those are my recommendations. Maybe you have some more? Let me know in the comment section below.

Firefox 152 is out with JPEG XL support, new Settings layout, and much more

Posted on by Martin Brinkmann

Mozilla released Firefox 152 Stable a moment ago. The new version of the open source web browser includes security fixes as well as new features and changes. The two extended support versions, Firefox 140.12 ESR and 115.37.0 ESR for legacy systems have also been updated.

The big visual feature of Firefox 152 is the new Settings page. The goal of the redesign was to streamline the page, improve grouping and navigation. Mozilla says the change is visual only, meaning that user settings were not changed and that all settings remain available.

One effect that you may notice immediately is that the average number of preferences per page has been reduced. Means, less scrolling. You can still use the built-in search to find a preference quickly.

Here is an overview of other important features in the release:

  • Firefox supports JPEG XL now. The image format is not enabled by default, but you can enable it under Settings > Firefox Labs > Webpage Display > Media: JPEG XL: This adds support for the image format, so that the browser can render it.
  • Firefox Translations supports Basque and Galician now.
  • The languages Croatian, English (UK), Georgian, Persian, Slovenian, Tajik, Tamil, Tibetan, Turkish, Welsh, and Xhosa now come with a built-in dictionary for the Firefox spellchecker.
  • Context menu video controls are now available on sites like TikTok or Instagram. These were blocked on the sites previously.
  • Private browsing now supports temporarily disabling the protection on a specific site. The idea is to use this to display sites correctly in Firefox which would otherwise be broken because of the protective features. Whether that is indeed a good idea or giving sites an incentive to break functionality accidently remains to be seen.
  • Links can be copied via a right-click on a tab and the selection of Share > Copy Link on Linux and Windows now. This works, even when the site is not active. You can also copy multiple link paths when several sites are selected.

The official release notes list a few useful changes next to that:

  • Zooming in Firefox via the keyboard or mouse now offers “more zoom levels in smaller increments”.
  • Downloaded PDFs are opened in a background tab, if you close the original page or switched tabs.

Firefox 152 is a security update. Mozilla lists 40 fixed security issues on the security page. The severity is high, there is no critical fix and no 0-day issue that is already exploited in the wild. Still, it is highly recommended to upgrade as soon as possible to fix the security holes.

Most unmanaged Firefox installations will receive the new update automatically. You can download the update immediately either by opening Firefox and going to Menu > Help > About Firefox, or by downloading the latest version from the Mozilla website.

uBlock Origin extension bypasses no longer working in Chrome: your options

Posted on by Martin Brinkmann

We all knew that the time would eventually come. Google is removing bypasses in Chromium and Google Chrome that allowed users to run legacy extensions in the browser.

Google moved to a new extension rules system, called Manifest V3, which turned out to be a very controversial move. The company claimed that this was all for performance and security, but the change had the fortunate side effect that it would impact content blocker extensions more than any other extension type.

Google modified the rule set several times, which would have killed content blockers more or less in the beginning, and content blockers continue to be available.

However, Chrome users who have enabled bypasses to continue using these extensions will soon realize that they can’t anymore. The reason is simple: Google removed them.

This is not the end of content blocking in Chrome and other Chromium-based browsers. Here are the options that you have going forward:

  • Switch to a MV3 extension: Browser extensions such as uBlock Origin Lite are available. These continue to block ads in Chrome, but they lack some of the advanced features of the classic blocker.
  • Use a Chromium-based browser that continues to support MV3 extensions: Brave, Vivaldi and Opera all pledged to support MV2 extensions going forward. It remains to be seen whether this is going to be the case once the bypasses are removed.
  • Switch to Firefox: Firefox supports MV2 and MV3 extensions. You can install uBlock Origin in Firefox and get the best level of protection out of any version of the extension.
  • Use a browser with a built-in content blocker: Plenty of options, Brave, Opera or Vivaldi all come with the functionality.

Microsoft confirms issue with custom folder icons and localized folder names on Windows after June 2026 updates

Posted on by Martin Brinkmann

There are not many good reasons for being first when it comes to installing new updates for the Windows operating system. In fact, being second has the potential of avoiding the usual assortment of bugs that happen to be confirmed regularly after releases.

Take the June 2026 security updates as an example. Microsoft confirmed a new bug just days after releasing the update. It affects Windows 10 and Windows 11 systems that use custom folder icons or localized folder names that are defined by desktop.ini.

First spotted by Deskmodder, the issue is described on a new support page on Microsoft’s website:

After installing a Windows security update released on or after June 9, 2026, you might notice one or both of the following behaviors for some folders:

A custom folder icon defined by desktop.ini no longer appears.

A localized folder display name defined by desktop.ini no longer appears, and the folder shows its original name instead.

This behavior might occur even when the user has not changed an application or folder configuration. ​​​​​​

Microsoft notes that this behavior is expected, as it introduced a security hardening change that affects desktop.ini.

This new behavior is expected. Starting with the Windows security updates released on June 9, 2026, a security hardening change is introduced to desktop.ini handling. When Windows cannot establish that the source of a desktop.ini file is trusted, Windows ignores that file and treats it as if it is not present. However, desktop.ini files from trusted sources continue to work normally.

Microsoft did not first mention this change in the release notes, but has since then added the information.

When is desktop.ini not trusted? When it is downloaded from the Internet and carries the Mark-of-the-Web, copied from “certain” remote locations, or when “files on network paths are not classified as intranet or trusted by zone policy”.

Microsoft has a few workarounds for affected users.

Option 1: Add the source to Trusted Sites (Recommended)

If the affected content is stored on a known internal or managed source, add that source to the Trusted Sites list. Once the source is treated as trusted, Windows processes desktop.ini from that source normally. This keeps the protection in place for other locations and is the lower-risk option.

Option 2: Use policy to restore previous behavior

Organizations that need broader compatibility can enable the policy Allow the use of remote paths in file shortcut icons.Enabling this policy restores the pre-June 2026 behavior for affected remote or untrusted scenarios.

IMPORTANT Using a broad opt-out reduces protection against malicious remote folder-customization content. If you use a workaround, Microsoft recommends trusting only controlled internal sources and keeping trust settings as narrow as possible. ​​​​​​​

Option 3: Check for and remove the Mark of the Web (MotW)

If the desktop.ini file has a Mark of the Web (MotW), Windows may treat it as coming from an untrusted source and block customization. Verify whether MotW is present and, if appropriate, remove it from the desktop.ini file. This can restore expected behavior, but should only be done for trusted content, as it removes the associated security protection.

To remove the MotW tag, open PowerShell and run one of the following commands:

For a single desktop.ini file:

Unblock-File “C:\Your\Folder\Path\desktop.ini”

For all desktop.ini files in a folder:

Get-ChildItem “C:\Your\Folder\Path” -Recurse -Filter desktop.ini -Force | Unblock-File

Mozilla is giving away unlimited VPN bandwidth in Firefox

Posted on by Martin Brinkmann

Firefox VPN is a built-in browser proxy to browse anonymously in the open source browser. It is a free service that protects your device’s IP address by routing traffic through secure servers.

While not as powerful as standalone VPN services, which protect all activity on a device, it is a handy privacy feature nevertheless. Users should not confuse it with Mozilla VPN, which is a device-wide VPN service that is not free.

Mozilla increased the available bandwidth for free users to 50 gigabytes recently. That is a generous amount already. This week, the organization announced another, temporary, increase of the VPN bandwidth.

Bandwidth is unlimited until September 1, 2026, according to the blog post. So, if you really need a lot of bandwidth, for instance for massive downloads or media streams, then this should get you through the coming months without ever worrying about hitting bandwidth limits.

In addition, users may connect to more than 25 different exit regions when they use the browser VPN.

The full set of countries available during this summer period include: Australia, Austria, Belgium, Bulgaria, Canada, Chile, Colombia, Denmark, Finland, France, Germany, Ireland, Italy, Malaysia, Mexico, Netherlands, New Zealand, Portugal, Singapore, Spain, Sweden, Thailand, Norway, South Africa, United Kingdom and United States.

Firefox’s built-in VPN supports turning off the secure connection for specific sites. That’s useful in some cases, for example, when sites do not work properly while the VPN is active.

All in all, if you do not use a VPN service already, this one may be an option to upgrade your privacy on the Internet.

Google Chrome update fixes more than 70 vulnerabilities, including a zero-day

Posted on by Martin Brinkmann

If you run Google Chrome on your computer systems or mobile, then you better make sure that the latest update is installed. Google released a new security update for Google Chrome this week, and it fixes a whooping 74 unique vulnerabilities. Not even near the massive 429 security fixes of last week’s update, but still a sizeable number.

Google lists 17 critical security issues that got fixed in the update on the official release notes page. Even more pressing is one of the high-rated security issues is actively exploited in the wild. As always, Google does not reveal much about this:

Google is aware that an exploit for CVE-2026-11645 exists in the wild.

It is an out of bounds memory access in V8, the JavaScript engine of the Chrome browser. Specifics are not revealed at this stage. It is unclear, therefore, how attackers may exploit the issue and more importantly, how easy it is to exploit it.

Chrome users should upgrade the browser asap, especially if they use it actively on their devices. Even if it is installed only, I’d recommend upgrading it as soon as possible to protect it against the large number of potential attack vectors and issues.

Most non-managed devices should receive the update automatically, thanks to the built-in updating functionality of the web browser. You can speed up the process by selecting Help > About Chrome from the main menu. Windows users may also run winget upgrade google.chrome.exe from Terminal.

As far as versions are concerned, Chrome should display one of the following versions after the update has been installed.

  • Chrome 149.0.7827.102 Linux
  • Chrome 149.0.7827.102/.103 Windows/Mac
  • Chrome 149.0.7827.102 Android
  • Chrome Extended 148.0.7778.254 Windows/Mac