Day: April 17, 2026

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

April 17, 2026 by 5 Comments

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the 2024 bug, the authentication system could be tricked into passing a zero-length request to the authentication handler. In the modern vulnerability, the system can be tricked into removing a too-large authentication request and passing a zero-length request to the authentication handler.

In both cases, the authentication system may not properly handle the malformed request and allow creation of docker images with access to stored credentials and secrets.

Bugs like these are increasing in visibility because AI agents running in Docker, like OpenClaw, may be tricked via prompt injection into leveraging the vulnerability.

Windows CPU Tools Compromised

videocardz.com notes that the popular Windows monitoring software Cpu-Z and HWMonitor appear to have been compromised. Reports indicate that the download site was compromised, not the actual packages, but that it was redirecting update requests to packages including malware. While the site has been repaired, unfortunately it looks like there is no warning to users that the downloads were compromised for a period of time.

Anecdotally, there has been a rash of Discord account takeovers in the past week, where long-standing accounts in multiple servers have been compromised and turned into spambots. While there is no evidence these events are linked, clearly a new credential or authentication stealing malware is in play, which involves stealing credentials from Discord.

X.Org and XWayland Updated

The X.Org and XWayland servers saw security updates this week, fixing a handful of vulnerabilities involving uninitialized memory use, use-after-free, and reading beyond the end of a buffer.

The vulnerabilities are generally classified as “moderate”, but of course, don’t leave known vulnerabilities when you can avoid it! Fixed releases should find their way into distributions soon.

Continue reading “This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday”

Microsoft Finally Ups FAT32 Size Limit

April 17, 2026 by 38 Comments

You probably don’t spend a lot of time using the FAT32 file system anymore, since it’s thoroughly been superseded many times over. Even so, Microsoft has seen fit to deliver an upgrade for FAT32 for the latest Windows 11 Insider Preview build. Finally, the stock Windows tools will let you format a FAT32 drive up to 2 TB instead of locking you to a 32 GB maximum!

The size limit was never baked into the FAT32 spec itself. With a 32-bit field for counting sectors, the file system supports up to 2 TB volumes with 512-byte sectors. However, as explained by former Microsoft developer [Dave Plummer], it just so happened that the 32 GB limit came about because of a random decision made when slapping together the Format dialogue box over 30 years ago.

The pending change was first announced in 2024, affecting the command line format tool as well. It’s actually been possible to create larger FAT32 volumes for some time, you just couldn’t easily do it with Microsoft’s standard formatting tools.

FAT32 is still a terrible file system to use in 2026, mostly because it has a hard limit on file size that tops out at 4 GB. It’ll ruin your life if you’re shooting HD or 4K video. We often don’t spend a lot of time musing over file systems in detail, but they’re right at the heart of everything we do on our computers on a daily basis. Sometimes, it bears thinking about!

Game Cube Hot Tub Animation Brought Into Real World

April 17, 2026 by 2 Comments

Unlike the current era where most consumer electronics are black rectangles, or the early 90s where most consumer electronics were black rectangles, we got a brief glimmer of color, light, and hope in the 2000s. Cell phones had all kinds of shapes and sizes, laptops came in bright colors, and even video game consoles got in on the fun. The Nintendo GameCube not only featured its namesake shape but came in several vibrant colors, most famously a bright purple. In fact, its design was such a hit that it continues to inspire artists and console modders alike. An animator named [kidd.gorgeous] recently envisioned a GameCube as a hot tub, and [BigRig Creates] set out to make this animation a reality.

Of course, this won’t be a life-sized hot tub capable of holding a human, but [BigRig Creates] did want it to be a usable, playable Game Cube with all of the features from the animation present in the final version. Since the lid won’t be operational with a hot tub model on the top lest all of the water spill out every time a game is changed, he’s modified it with some modern tools to hold his games inside the console itself. With the case open he’s also added the LED accent lighting featured in the animation as well as added the 3D-printed hot tub to the top. The hot tub is filled with mineral oil for electronics safety, and has a small pump built in to give the appearance of a working hot tub.

The buttons around the outside are functional as well, toggling the various lighting features and hot tub operation. And of course, the console diorama is fully playable, with the staircase railing able to easily detach in order to access the leftmost controller ports. It’s a faithful adaptation of the original animation, and [BigRig Creates] has a few games on queue that are properly themed for the new hot tub addition like Wave Race 64, Super Mario Sunshine, and Pool Paradise.

Continue reading “Game Cube Hot Tub Animation Brought Into Real World”