attacks Archives

Tech Optimizer

June 21, 2026

Is Free Antivirus Safe in 2026? What Most Free Antivirus Apps Don’t Tell You

Some free antivirus software provides legitimate protection against malware, viruses, ransomware, trojans, and suspicious downloads, but not all are equal. Free antivirus programs often generate revenue through premium upgrades, advertising, partner promotions, data collection, or bundled software offers. Users may face upselling tactics, including pop-up notifications and upgrade prompts, which can create confusion between marketing messages and actual security threats. Many free antivirus apps collect data on websites visited, download activity, device information, and security events, raising privacy concerns. Devices often come with built-in antivirus protection, such as Microsoft Defender for Windows and XProtect for Mac, while smartphones have multiple layers of security. In 2026, the biggest cybersecurity risks are phishing attacks, fake websites, investment scams, account takeovers, social engineering attacks, and credential theft, rather than malware. Free antivirus software can create a false sense of security, leading users to believe they are safe from cyber threats. A reputable free antivirus may suffice for users who browse responsibly and maintain good online habits, while paid antivirus may be worth it for additional services like identity theft monitoring and VPNs. Not all free antivirus products offer the same level of protection, so users should choose reputable providers and scrutinize privacy policies.

AppWizard

June 20, 2026

Gungrave G.O.R.E. Blood Heat Looks to Refine a Solid Action-Game Foundation

Gungrave G.O.R.E: Bloodheat is a remaster/remake of the original Gungrave G.O.R.E, set to improve the player experience by revamping combat mechanics. The developers have made significant changes, such as reducing gun range to encourage close-quarters combat and enhancing melee experiences. IGGYMOB's acquisition of the Gungrave IP has allowed for closer collaboration with series creator Yasuhiro Nightow, who has influenced gameplay mechanics, including the removal of the BEAT system to promote diverse combat strategies. The game aims to create a more dynamic and engaging combat experience, moving away from monotonous gameplay loops. Early impressions indicate a more exhilarating experience compared to the original game.

TrendTechie

June 20, 2026

Выпуск qBittorrent 5.2.2

On May 15, 2026, qBittorrent version 5.2.2 was released. It is an open-source torrent client developed using the Qt toolkit, with source code available on GitHub under the GPLv2+ license. The software supports Linux, Windows, and macOS. The project started with version 4.0 in November 2017, followed by versions 5.0 in September 2024 and 5.1 in April 2025. The 5.2.2 update focuses on bug fixes and stability improvements, including D-Bus utilization for file display, header mismatch correction in Safari, magnet link sending issue fix, correct string identifier implementation for RSS Downloader, 64-bit binary installation on ARM64 systems, prevention of SSRF attacks, and mitigation of proxy interference in multi-threaded processing. Key features include an integrated search engine, RSS feed subscription, support for BEP extensions, remote management, sequential downloading, advanced torrent settings, bandwidth scheduling, IP filtering, torrent creation interface, and UPnP/NAT-PMP support.

Winsage

June 19, 2026

Microsoft finally admits its default Windows 11 25H2, 24H2 action broke key legacy component

Microsoft released Patch Tuesday updates for Windows 11, specifically KB5094126 and KB5093998, along with dynamic updates KB5094149, KB5095971, and KB5094156. Two issues have been acknowledged: malfunctioning Office applications and complications with the Recycle Bin. In July 2025, Microsoft changed the default settings of Windows 11 to JScript9Legacy in versions 24H2 and later, continuing with version 25H2 in October 2025. This change aimed to enhance security by addressing vulnerabilities related to legacy scripting, particularly cross-site scripting (XSS). A support article details a compatibility issue arising from the transition from jscript9.dll to jscript9legacy.dll, which affects how JScript manages execution context. Functions and definitions established by one script are no longer accessible to subsequent scripts, leading to failures in legacy applications. To address this, Microsoft released the KB5077241 update, which requires manual activation of persistent JScript execution context through a Registry setting. The steps to implement this solution involve creating a feature control registry key and configuring a DWORD value for specific processes or all processes.

Tech Optimizer

June 17, 2026

NordVPN celebrates record security scores, including 99.8% detection rate against “high-threat” malware

NordVPN has achieved the "highest possible" AAA rating from West Coast Labs for its protection suite, with a 99.8% detection rate against high-threat malware in real-world Windows 11 environments. It also secured a 96% detection rate with zero false positives in the AV-Comparatives Anti-Phishing test, making it the first VPN provider to earn a protection badge from AV-Comparatives. NordVPN has launched dedicated private VPN servers that offer dedicated hardware, a static IP address, and port forwarding for enhanced user control. Additionally, a recent survey by NordVPN involving over 20,000 participants across 20 countries revealed significant insights into global screen time habits.

BetaBeacon

June 17, 2026

Kings Do Not Fall – Coming Soon to Android on Google Play !

Players take control of King Alden in the game "Kings Do Not Fall" as he fights through six levels against monsters like goblins, orcs, and the undead. The game features classic arcade-inspired visuals, fast-paced side-scrolling combat, and the ability to unlock achievements and compete on a leaderboard.

Winsage

June 17, 2026

Windows and Linux users: The deadline to update Secure Boot keys is near

In 2012, a novel bootkit targeting Mac OS X systems emerged, infiltrating the EFI firmware. A basic bootkit for Windows 8 also appeared, compromising the UEFI bootkit. By 2013, a more sophisticated UEFI bootkit named Dreamboat was introduced for Windows. The first documented real-world UEFI attack occurred in 2018 with the malware LoJax, linked to a Kremlin-backed hacking group. In 2020, the second known UEFI malware, MosaicRegressor, was discovered, which verified the presence of a malicious file upon each reboot. New UEFI bootkits like ESpecter, FinSpy, and MoonBounce have since emerged. In response to the threat of UEFI bootkits, Microsoft collaborated with manufacturers to implement Secure Boot, a protocol that uses cryptographic signatures to ensure the integrity of firmware during startup.

Winsage

June 17, 2026

Windows SprySOCKS Malware: Advanced Kernel-Level Rootkit Targets Government Organizations via Supply Chain Vulnerabilities

The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.

Tech Optimizer

June 17, 2026

Best antivirus software 2026: free and paid picks

Viruses and malware have become more sophisticated, with phishing emails, AI-generated scams, and deepfake videos posing significant threats. In 2025, Americans lost .9 billion to online scams, affecting even tech-savvy individuals. Built-in malware protections on devices have improved, but the need for additional antivirus software depends on individual usage and risk tolerance. Microsoft Defender, integrated into Windows 11, scored 18/18 on AV-Test and provides real-time protection against various threats. XProtect on Mac updates malware signatures but may miss newer threats, while iPhone users generally do not need antivirus software due to iOS's sandboxing. Android users face higher malware risks and should consider dedicated antivirus solutions. Paid antivirus solutions often include features like VPN services, password managers, identity theft monitoring, and multi-platform coverage, justifying their cost. Many antivirus providers offer steep discounts for the first year, followed by significant price increases upon renewal, so it's advisable to disable auto-renewal and seek new customer rates. Bitdefender Total Security is recommended for its malware detection and light system impact, while McAfee+ Premium offers unlimited device coverage for families. Norton 360 Deluxe provides a comprehensive feature bundle, and Microsoft Defender is the only recommended free antivirus, achieving a perfect score on AV-Test without intrusive ads or upsells.

Winsage

June 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.