attacks

Winsage
June 21, 2026
The expiration of Microsoft's Secure Boot 2011 certificates on June 24 will not prevent older Windows PCs from booting, as confirmed by Microsoft. Devices will continue to operate normally, but they will miss future boot-level security updates, including updates to the Windows Boot Manager and mitigations for newly identified vulnerabilities. The ability to receive the Secure Boot 2023 update depends on the device firmware's compatibility, with many manufacturers, including Dell, HP, Lenovo, and ASUS, having cutoffs for BIOS updates based on the device's End of Service Life. Older PCs using Legacy BIOS or Compatibility Support Module (CSM) mode do not utilize UEFI Secure Boot, making the update irrelevant. Users running Windows 11 on unsupported hardware may have Secure Boot disabled or improperly configured. Without the 2023 certificates, devices cannot receive future revocation updates to the Secure Boot DBX, which lists compromised bootloaders. Users on Windows 10 with supported OEMs may receive the update if a compatible BIOS is available, while those on older PCs without updates can continue using their devices but will lack future security updates. The Secure Boot status can be checked through the Windows Security app, with color-coded badges indicating the status of the certificates.
Tech Optimizer
June 21, 2026
Antivirus software is evolving from relying on static databases of known malware signatures to employing behavioral monitoring and machine learning for threat detection. Traditional antivirus solutions focused on recognizing known threats through unique signatures, but this approach has become inadequate due to the rapid evolution of malware, including polymorphic and metamorphic types. Modern antivirus systems now monitor program behavior, looking for suspicious activities such as unexpected file encryption or unusual network communication. Machine learning models analyze large datasets to identify patterns associated with malware, allowing for the classification of files as safe, potentially unwanted, or malicious. Techniques like sandboxing and dynamic analysis are used to preemptively neutralize threats. However, advancements in AI also present challenges, as cybercriminals can exploit these technologies to create sophisticated malware that evades detection. Despite improvements in antivirus effectiveness, modern cyberattacks increasingly target individuals through methods like phishing and social engineering, necessitating a combination of robust antivirus solutions and good cybersecurity practices.
AppWizard
June 20, 2026
Gungrave G.O.R.E: Bloodheat is a remaster/remake of the original Gungrave G.O.R.E, set to improve the player experience by revamping combat mechanics. The developers have made significant changes, such as reducing gun range to encourage close-quarters combat and enhancing melee experiences. IGGYMOB's acquisition of the Gungrave IP has allowed for closer collaboration with series creator Yasuhiro Nightow, who has influenced gameplay mechanics, including the removal of the BEAT system to promote diverse combat strategies. The game aims to create a more dynamic and engaging combat experience, moving away from monotonous gameplay loops. Early impressions indicate a more exhilarating experience compared to the original game.
Winsage
June 19, 2026
Microsoft released Patch Tuesday updates for Windows 11, specifically KB5094126 and KB5093998, along with dynamic updates KB5094149, KB5095971, and KB5094156. Two issues have been acknowledged: malfunctioning Office applications and complications with the Recycle Bin. In July 2025, Microsoft changed the default settings of Windows 11 to JScript9Legacy in versions 24H2 and later, continuing with version 25H2 in October 2025. This change aimed to enhance security by addressing vulnerabilities related to legacy scripting, particularly cross-site scripting (XSS). A support article details a compatibility issue arising from the transition from jscript9.dll to jscript9legacy.dll, which affects how JScript manages execution context. Functions and definitions established by one script are no longer accessible to subsequent scripts, leading to failures in legacy applications. To address this, Microsoft released the KB5077241 update, which requires manual activation of persistent JScript execution context through a Registry setting. The steps to implement this solution involve creating a feature control registry key and configuring a DWORD value for specific processes or all processes.
Tech Optimizer
June 17, 2026
NordVPN has achieved the "highest possible" AAA rating from West Coast Labs for its protection suite, with a 99.8% detection rate against high-threat malware in real-world Windows 11 environments. It also secured a 96% detection rate with zero false positives in the AV-Comparatives Anti-Phishing test, making it the first VPN provider to earn a protection badge from AV-Comparatives. NordVPN has launched dedicated private VPN servers that offer dedicated hardware, a static IP address, and port forwarding for enhanced user control. Additionally, a recent survey by NordVPN involving over 20,000 participants across 20 countries revealed significant insights into global screen time habits.
BetaBeacon
June 17, 2026
Players take control of King Alden in the game "Kings Do Not Fall" as he fights through six levels against monsters like goblins, orcs, and the undead. The game features classic arcade-inspired visuals, fast-paced side-scrolling combat, and the ability to unlock achievements and compete on a leaderboard.
Winsage
June 17, 2026
In 2012, a novel bootkit targeting Mac OS X systems emerged, infiltrating the EFI firmware. A basic bootkit for Windows 8 also appeared, compromising the UEFI boot process. By 2013, a more sophisticated UEFI bootkit named Dreamboot was introduced for Windows. The first documented real-world UEFI attack occurred in 2018 with the malware LoJax, linked to a Kremlin-backed hacking group. In 2020, the second known UEFI malware, MosaicRegressor, was discovered, which verified the presence of a malicious file upon each reboot. New UEFI bootkits like ESpecter, FinSpy, and MoonBounce have since emerged. In response to the threat of UEFI bootkits, Microsoft collaborated with manufacturers to implement Secure Boot, a protocol that uses cryptographic signatures to ensure the integrity of firmware during startup.
Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.