2024

BetaBeacon
May 6, 2026
- ScarCruft, also known as APT37 or Reaper, is a North Korean espionage group targeting government, military organizations, and companies in Asia.
- BirdCall is a Windows backdoor attributed to ScarCruft, with spying capabilities such as taking screenshots and logging keystrokes.
- The Android version of BirdCall collects contacts, SMS messages, call logs, and media files, and was actively developed over several months.
- The BirdCall backdoor was discovered in a trojanized card game on a gaming platform tailored for ethnic Koreans living in Yanbian, China.
- The attack was likely aimed at collecting information on individuals from the Yanbian region deemed of interest to the North Korean regime, such as refugees or defectors.
Winsage
May 5, 2026
After the installation of the optional April 2026 update, users may experience multiple restarts of their PCs, which is normal due to the Secure Boot certificate refresh process. This behavior may also occur with future updates as Microsoft implements Secure Boot certificate refreshes. Windows updates typically require a single reboot, but significant feature updates or firmware and driver updates may necessitate two or three reboots. Many Windows devices manufactured before 2024 have outdated Secure Boot certificates that need updating, as these certificates will expire in June 2026. Microsoft began rolling out updated Secure Boot certificates in March, but this rollout is staggered. Users can check their PC's Secure Boot certificate status in Windows Security under "Device security." The status is indicated by colored icons: green (up to date), yellow (update pending), and red (action required). Older devices may face issues with the certificate refresh if they lack up-to-date firmware or compatible BIOS updates. If Windows reports an error, the device manufacturer is typically responsible for resolving it. Users should verify that Secure Boot certificates were installed correctly after updates to ensure continued secure booting beyond June.
TrendTechie
May 5, 2026
qBittorrent 5.2.0 was released on May 3, 2026, as an open-source torrent client developed with the Qt toolkit. It is available for Linux, Windows, and macOS, and its source code is on GitHub under the GPLv2+ license. The project started with version 4.0 in November 2017, followed by versions 5.0 in September 2024 and 5.1 in April 2025. Key features include an integrated search engine, RSS feed subscription, remote management, and advanced torrent settings. Version 5.2.0 includes enhancements such as an advanced tracker status filter, removal of subcategory restrictions, asynchronous block calculations, reduced resume times for paused downloads, configurable RSS feed refresh times, SOCKS4/SOCKS4a proxy support for the search engine, and various improvements to the web interface and user customization options. Support for builds with Qt 6.5 has been discontinued.
BetaBeacon
May 5, 2026
ScarCruft compromised a video game platform in a supply chain attack, trojanizing its components with a backdoor called BirdCall to target ethnic Koreans residing in China. The attack enabled the threat actors to target both Windows and Android devices, turning it into a multi-platform threat. The campaign targeted sqgame[.]net, a gaming platform used by ethnic Koreans in China, known as a transit point for North Korean defectors. BirdCall has features like screenshot capture, keystroke logging, and data gathering, and relies on legitimate cloud services for command-and-control. The Android variant collects various data and has seen active development.
BetaBeacon
May 5, 2026
APT37, also known as ScarCruft and Ricochet Chollima, has developed an Android version of the backdoor BirdCall, which serves as spyware in addition to a backdoor. The malware was delivered through a Chinese website that hosts games for Android, iOS, and Windows, targeting only Android and Windows systems. The Android variant of BirdCall has capabilities such as extracting IP geolocation information, collecting contact lists, call logs, SMS data, device information, taking screenshots, recording audio, and exfiltrating files. Users are advised to download software only from official marketplaces and trusted publisher sites to protect against malware infections.
AppWizard
May 5, 2026
A North Korean hacking group has targeted a digital gaming platform popular among the Korean ethnic enclave in China, using a sophisticated strategy to infiltrate Android applications. Researchers from ESET discovered that an app on the platform contained a backdoor known as BirdCall, linked to North Korea. The official website for the gaming platform hosted the same suspicious APK file. A second Android file associated with another game on the same site was also found to contain the BirdCall backdoor. This supply-chain attack was attributed to the threat actor ScarCruft (APT37), active in Asia and extending into Europe and the Middle East since late 2024. The hackers likely compromised the web server to recompile original APKs with the backdoor, which can collect sensitive information such as contacts, SMS messages, call logs, documents, media files, and private keys, and can take screenshots and record audio. The malware disguises its command and control traffic among regular internet traffic, primarily using Zoho WorkDrive for operations.
Winsage
May 4, 2026
67.74% of Steam users have transitioned to Windows 11 as of April 2026, with a month-over-month increase of 0.89 points. Windows 10 holds 25.63% of the market share, creating a gap of over 40 percentage points between the two operating systems. Windows 11's adoption on Steam has grown from 41.95% in December 2023 to 70.83% in December 2025. A notable drop in Windows 11 usage occurred in February 2026, but the April statistics indicate a recovery. The shift to Windows 11 is influencing developer decisions regarding DirectX 12 and optimizations for the operating system.
AppWizard
May 4, 2026
The CX2 Team has released a free reimagining of Mega Man Xtreme, titled Mega Man DXtreme, for PC. This version enhances the original game's narrative and gameplay, featuring improved controls, widescreen support, and a reworked array of weapons and bosses. Developed over five months using Construct 2, it includes an auto-save feature that activates after clearing a boss stage, allowing players to revisit stages and replay story events. Mega Man DXtreme is available for download, along with an announcement trailer. Other free Mega Man projects include a 16-bit demake demo of Mega Man X8 set for January 2024, a demo for Mega Man Perfect Blue, and Mega Man Maker, which allows players to create custom levels.