Alt+Tab Archives

Tech Optimizer

April 22, 2026

New STX RAT Uses Hidden Remote Desktop and Infostealer Features to Evade Detection

A newly identified remote access trojan, STX RAT, emerged in 2026, integrating hidden remote desktop access with credential theft features. The name "STX" comes from the Start of Text magic byte x02, which it appends to communications with its command-and-control (C2) server. Initial sightings were reported in late February 2026, when it was delivered via a browser-downloaded VBScript file to a financial organization. By early March, Malwarebytes noted a campaign distributing STX RAT through compromised FileZilla installers. Researchers from eSentire’s Threat Response Unit analyzed the malware, which includes extensive anti-analysis measures and employs techniques like AMSI-ghosting. Once operational, STX RAT connects to a C2 server at 95.216.51.236, transmitting system information securely. It targets saved credentials from applications like FileZilla and includes a Hidden Virtual Network Computing (HVNC) module, allowing attackers to control a victim's machine without detection. Security teams are advised to block the C2 IP and implement detection rules to mitigate the threat.

Winsage

April 6, 2026

ResokerRAT Hijacks Telegram API to Command Infected Windows PCs

A newly discovered Windows malware called ResokerRAT uses Telegram’s Bot API for its command-and-control operations, allowing it to monitor and manipulate infected systems without a conventional server. It obscures its communications by integrating with legitimate Telegram traffic, complicating detection. Upon execution, it creates a mutex to ensure only one instance runs and checks for debuggers to avoid analysis. It attempts to relaunch with elevated privileges and logs failures to its operator. ResokerRAT terminates known monitoring tools and installs a global keyboard hook to obstruct defensive key combinations. It operates through text-based commands sent via Telegram, allowing it to check processes, take screenshots, and modify system settings to evade detection. Persistence is achieved by adding itself to startup and altering UAC settings. The malware retrieves additional payloads from specified URLs and uses URL-encoded data for communication. Researchers have confirmed its Telegram traffic, and its behavior aligns with various MITRE ATT&CK techniques. Security teams are advised to monitor for unusual Telegram traffic and scrutinize registry keys related to startup and UAC.

Winsage

March 6, 2026

FRANK OS 1.0 Launches With a Retro Windows 95-Like Desktop

FRANK OS is a newly launched open-source graphical desktop operating system specifically designed for microcontrollers, with its first official version, 1.0, now available. It is built on FreeRTOS rather than the Linux kernel, optimized for the RP2350 microcontroller, which has approximately 520 KB of SRAM and dual CPU cores. The operating system features a desktop environment reminiscent of Windows 95, including overlapping windows, a taskbar, and a start-menu-style launcher. It supports standard desktop behaviors and allows users to switch between applications using an Alt+Tab-style interface. FRANK OS comes preloaded with nine lightweight applications, such as an interactive terminal, a C compiler, classic games, and a ZX Spectrum emulator. Programs can be compiled as ARM ELF binaries and loaded from an SD card. The system is aimed at hobbyists and experimental use.

Winsage

July 28, 2025

Microsoft confirms Windows 11 24H2 stability issues, affecting games, tests performance fixes

Microsoft has acknowledged stability issues with Windows 11 24H2, particularly after mandatory cumulative updates, leading to problems such as the Blue Screen of Death, installation errors (0x800f0922, 0x80070002, 0x80070306, 0x800f0991), unexpected reboots during gaming, taskbar freezes, misleading Windows Firewall Event 2042 warnings, and cursor lag during gaming sessions. Following updates in May 2025, users reported performance declines, including FPS drops in games like Fortnite and CS:GO, attributed to recent cumulative updates rather than GeForce drivers. Microsoft identified the root cause of these issues in update KB5062660, released on July 22, which addresses specific stability problems and introduces new features. A fix for these stability issues is expected in the August 2025 Patch Tuesday update on August 12, 2025, but KB5062660 is optional and requires manual download.

Winsage

December 27, 2024

Can you still enable classic Alt+Tab in Windows 11 24H2?

Microsoft has removed the classic Alt+Tab interface in Windows 11, particularly with the 24H2 update, and has made it impossible to restore this feature through registry tweaks or third-party applications. Users have attempted to create a DWORD value named AltTabSettings in the Windows Registry to revive the classic menu, but these efforts have been unsuccessful. The modern Alt+Tab layout introduced in the 22H2 update features larger icons and thumbnails, contrasting with the minimalist design of the classic interface. The removal of the classic Alt+Tab is viewed as a significant loss for users who appreciate retro-themed aesthetics in their operating system.