breach Archives

AppWizard

June 20, 2026

Surprise, surprise, Minecraft players are already using mods to bypass Xbox’s new age restrictions

Xbox has implemented social restrictions for players in the UK who have not verified their age as over 18, in line with the UK's Online Safety Act (OSA). Players may receive a notification stating "chat is not allowed by account settings" due to this age verification requirement. Many Minecraft players on PC are using mods to bypass these restrictions. Following the OSA's introduction, VPN applications gained popularity, and a security breach last October exposed nearly 70,000 user ID photos from an age verification firm associated with Discord. The UK government plans to enforce stricter regulations for users under 16 starting next year, which may lead to increased efforts to take down mod solutions.

AppWizard

June 18, 2026

Don’t Kill Them All make you keep orc calm so orc not smash resources—big smart, neat game, like demo much

In the game Don't Kill Them All, players lead a band of orcs who must balance aggression with resource management. The gameplay involves managing the orcs' rage to avoid negative consequences while maintaining order. The game features a humorous narrative focused on the orcs' self-serving motives and has a charming art style. Despite its innovative concept, the player count is currently low, remaining in the double digits, which raises concerns about its visibility and marketing in the gaming landscape.

Winsage

June 17, 2026

Windows SprySOCKS Malware: Advanced Kernel-Level Rootkit Targets Government Organizations via Supply Chain Vulnerabilities

The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.

AppWizard

June 15, 2026

Minecraft 26.2 Chaos Cubed Drops Tomorrow: Hardcore Exploit Closed, Vulkan Renderer Ships

Minecraft Java Edition 26.2, titled Chaos Cubed, will be released on June 16, 2026, featuring a new underground biome called sulfur caves, a unique mob named sulfur cube, and an experimental Vulkan graphics renderer. The sulfur caves introduce pale-yellow sulfur blocks and deep-red cinnabar, along with geysers that erupt every 50 seconds and sulfur spikes that can inflict damage. The sulfur cube is a passive mob that absorbs blocks, altering its behavior, and can transform into a mobile explosive when it absorbs TNT. The Vulkan renderer allows players to switch between OpenGL and Vulkan for improved performance, utilizing multiple CPU cores. A friends list feature will be added, enabling players to send friend requests and check online statuses, but peer-to-peer world hosting will not be included. Hardcore mode will now enforce permadeath by disabling certain options in the Open to LAN menu. The update also includes six new music tracks and the /unpublish command.

AppWizard

June 13, 2026

Dying Light 2 is a platform now, as the Breach update opens up Techland’s zombie survival game ‘even more to UGC content’

Techland has been enhancing Dying Light 2 since its launch in 2022, reworking the parkour system, introducing Volatiles, and improving combat mechanics. The game now features New Game+ and replayable bounties. The latest update, "The Breach," aims to enhance modding and user-generated content (UGC) capabilities, allowing players to create and share their own content. After completing the Prologue, players meet characters Tolga and Fatin, who provide tools for UGC experiences. Official mods include a third-person mode and a low-gravity mode, with community-created content like "The Atomborne" and "Dead Circuit." Dying Light 2 has a daily concurrent player count in the low thousands, which is respectable for a four-year-old single-player game but lower than other successful titles. The potential for a vibrant UGC community exists, especially as it may appeal to younger players compared to other platforms facing scrutiny.

Tech Optimizer

June 11, 2026

Avast One: Security and privacy suite under the microscope

Avast One is the flagship consumer security suite from Avast (Gen Digital), combining antivirus, firewall, VPN, and privacy utilities into a single subscription for Windows, macOS, Android, and iOS. It offers four primary areas: device security, online privacy, identity protection, and performance tools. Device security includes real-time antivirus, Web Shield, Mail Shield, and Ransomware Shield. The online privacy component features a full VPN service with bank-grade encryption and a no-logs policy. Identity protection includes data breach monitoring and, in some markets, credit monitoring. Performance tools assist with disk cleanup and system optimization. Avast One has three plan tiers: Avast One Essential (free), Avast One Individual (paid, supports multiple devices), and Avast One Family (paid, supports up to 30 devices). Pricing varies based on promotions, with Avast One Individual typically around per year and Avast One Family ranging from to 0 per year. The suite can be downloaded directly from Avast's website, with installers available for various platforms. Avast One includes automatic updates and is designed to operate lightly on modern hardware, with options to minimize system impact during scans. Customer support includes self-help documentation, community forums, and direct support for paying customers. Avast One aims to appeal to both non-technical users and power users, providing a user-friendly interface while allowing for advanced configurations. The product is positioned as a comprehensive solution for households looking to secure multiple devices with a single subscription.

AppWizard

June 10, 2026

France’s Government Messaging App Tchap Got Breached

On June 7, 2026, Tchap, the French government's encrypted messaging platform for civil servants, experienced a significant breach detected by ANSSI. The breach resulted from a compromised user account and involved the education shard of Tchap, specifically targeting matrix.agent.education.tchap.gouv.fr. Approximately 650,000 messages, data from over 73,000 accounts, and about 13.5GB of documents and media files were allegedly scraped. The attacker also claimed to have discovered hardcoded LDAP credentials leaked through a PowerShell script shared by a regional director of the French tax authority. DINUM, the French Digital Affairs Directorate, stated that private conversations on Tchap are end-to-end encrypted and that the compromised account has been blocked. They notified CNIL about the potential exposure of personal data and reminded users to avoid sharing sensitive information in public chat rooms. The breach follows a mandate from Prime Minister François Bayrou in August 2025 requiring all civil servants to use Tchap, increasing its attractiveness as a target for cyber threats. The investigation into the breach is ongoing.

AppWizard

June 10, 2026

Tchap Breach: France’s State Messenger Compromised

On June 7, an unauthorized individual accessed a user account on the Tchap messaging platform, which is used by France's government. The Digital and Numérique Agency (DINUM) identified and blocked the compromised account, but the breach raised significant security concerns. The attacker claimed to have accessed about 14GB of documents and data from public Tchap rooms, including sensitive information such as hardcoded LDAP credentials, email addresses, meeting links, and organizational details. It was revealed that public chatrooms on Tchap do not use end-to-end encryption, making shared information accessible to anyone logged into the account. The incident has implications for the credibility of government-developed secure communication tools.

Tech Optimizer

June 6, 2026

Hackers Use Fake Purchase Orders to Deploy JS.MonoGlyphRAT Targeting US Enterprises

Researchers have identified a new malware called JS.MonoGlyphRAT, which disguises itself as business documents to infiltrate corporate networks. It is primarily spread through phishing emails targeting various sectors in the U.S. and has been reported in countries like Germany, Sweden, and Australia. The malware is classified as "Unknown malware" on threat intelligence platforms, making traditional antivirus solutions ineffective. It establishes a persistent presence in the network by executing a JavaScript file and communicating with command-and-control (C2) servers over HTTP. Key indicators of compromise include unusual HTTP traffic, registry changes, and the execution of specific JavaScript files. The malware can download additional payloads and execute commands without leaving traces on disk. Indicators of compromise include specific IP addresses, URLs, file hashes, and registry keys associated with the malware's operation.

AppWizard

June 5, 2026

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

A vulnerability in several Microsoft 365 Android applications, identified as FlagLeft, was caused by a development flag left enabled in production builds, which disabled checks meant to restrict account-token sharing to trusted applications. This flaw affected applications such as Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop, and OneNote, allowing unauthorized apps to request and obtain user tokens without permission. Microsoft Teams was unaffected. The vulnerability was demonstrated by Enclave, allowing access to user emails through an unverified app. On May 12, Microsoft issued four CVEs for the affected applications, categorized under improper access control. The patched version of Word for Android is 16.0.19822.20190, and users are advised to update their applications. The patch does not invalidate already compromised tokens, so users should revoke these tokens and sign in again.