bypass Archives

Winsage

May 2, 2026

Windows finally fixed File Explorer’s most annoying quirk, and it only took 20 years

Windows 11's latest builds (26100.8313 and 26200.8313) have improved folder view consistency in File Explorer, ensuring that user-configured settings persist regardless of how a folder is accessed. This update eliminates the need for registry tweaks. Additionally, the updates enhance File Explorer's speed and performance, resolve a white flash issue in dark mode, introduce a "preview anyway" button for the preview pane, and add support for four new archive formats. These changes are currently available in the Release Preview channel and will soon be rolled out to regular users.

AppWizard

May 2, 2026

Microsoft is reportedly fixing Windows 11 to take on the Steam Machine, but here’s what else it needs to do

Microsoft is launching the Windows K2 initiative to improve the performance and reliability of Windows 11, aiming to compete with alternatives like SteamOS. The initiative focuses on addressing key complaints such as overreliance on AI, poor performance, and unreliability. It emphasizes quality over speed in updates, promotes community engagement through Windows Insider meetups, and sets ambitious goals including enhancing File Explorer performance, improving file search, eliminating ads from the Start Menu, and restoring taskbar functionality. Microsoft aims to achieve performance parity with SteamOS within two years and has already demonstrated potential improvements with a specialized gaming version of Windows. Additionally, Microsoft is encouraged to simplify account setup and reduce prompts for Office 365, CoPilot, and OneDrive to enhance user experience.

AppWizard

May 1, 2026

007 First Light perfectly balances cinematic Bond action with Hitman’s signature sandbox freedom

The game "007 First Light" features a balance between open-world exploration and linear action, successfully merging Bond-style storytelling with gameplay mechanics. Players experience three distinct levels, including a narrative introduction, an MI6 training arena, and a museum setting that encourages strategic gameplay. The museum level allows for various approaches to objectives, such as stealth and impersonation. Combat mechanics differ from the Hitman series, with Bond engaging in stylish confrontations rather than relying solely on stealth. Players can utilize gadgets, including a laser watch, which require resource management. The game boasts impressive visuals and character portrayal, with a focus on realism and immersion. The developers aim to appeal to a broad audience of Bond fans, ensuring an engaging experience.

Tech Optimizer

May 1, 2026

Backstage Ditches Postgres for Databricks Lakebase

The divide between operational and analytical databases is diminishing, as evidenced by Databricks integrating Spotify's Backstage with its Lakebase, transitioning from PostgreSQL to a unified data platform. Lakebase now offers a serverless PostgreSQL interface within Databricks, allowing Backstage to operate without awareness of the underlying changes. The integration involved updating configurations and addressing authentication challenges using OAuth JWTs. The integration transforms the database development lifecycle by enabling near-instant database branching through Lakebase's copy-on-write architecture, allowing developers to focus on testing changes rather than safety. Branching creates a pointer to existing data, making the operation instantaneous. Point-in-Time Recovery (PITR) allows for quick restoration of data, demonstrated by a recovery process that took less than four seconds. The goal is to integrate database branching into developer workflows seamlessly, making it automatic. This change could enhance developer productivity by allowing live data testing from the start, eliminating the need for mock objects, and resolving common issues related to staging environments. The traditional constraints of slow and costly database copies will become obsolete, prompting teams to reconsider how much time they spend on workarounds for now-nonexistent constraints.

AppWizard

April 30, 2026

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A Brazilian cybercriminal group known as LofyGang has re-emerged after three years, targeting Minecraft players with malware called LofyStealer, also known as GrabBot. This malware is disguised as a Minecraft hack named 'Slinky' and uses the official game icon to attract young users. The group has been active since late 2021 and previously leaked thousands of Minecraft accounts. The attack begins with the 'Slinky' hack, which deploys LofyStealer (identified as "chromelevator.exe") to harvest sensitive information from web browsers, including cookies, passwords, and credit card information, sending this data to a command-and-control server. ZenoX reports a shift in LofyGang's tactics from JavaScript supply chain attacks to a malware-as-a-service model, offering both free and premium tiers. Cybercriminals are increasingly exploiting trusted platforms like GitHub to distribute malware through bogus repositories and various deceptive tactics, including fake security alerts and counterfeit accounts. This trend highlights a strategy focused on volume targeting rather than precision, prompting cybersecurity experts to prioritize threats from GitHub-hosted downloads that appear legitimate.

AppWizard

April 30, 2026

Minecraft Players Targeted by LofyStealer Using Node.js Loader and In-Memory Browser Injection

A new infostealer malware called LofyStealer is targeting the gaming community, particularly Minecraft players, by disguising itself as a cheat tool named “Slinky.” It employs a two-stage attack to extract sensitive information from eight major web browsers, including Chrome and Firefox, while evading detection by security software. The malware siphons off cookies, saved passwords, payment card information, and session tokens. Researchers at Zenox.ai identified LofyStealer, linking it to the Brazilian cybercrime group LofyGang, which has been active since October 2022. The malware uses social engineering tactics to appear legitimate and operates as a Malware-as-a-Service platform, offering both Free and Premium tiers to buyers. Its technical sophistication is evident in its method of in-memory browser injection, which allows it to bypass security defenses. The stolen data is compressed and sent to a command-and-control server. Users are advised to avoid downloading unofficial game mods and enable multi-factor authentication to reduce the risk of credential theft. Security teams should monitor for specific behavioral indicators related to the malware's operations.

Winsage

April 30, 2026

CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)

Attackers are exploiting CVE-2026-32202, a zero-click vulnerability in Windows Shell, allowing authentication of victims' systems without user interaction. This vulnerability stems from an incomplete patch for CVE-2026-21510 and has been used by the APT28 group with weaponized LNK files to bypass Windows security. Although Microsoft addressed these vulnerabilities in February 2026, the risk remains as opening a folder with a malicious LNK file can still connect victims' machines to the attacker's server, initiating an NTLM authentication handshake that exposes the victim’s Net-NTLMv2 hash. This affects various versions of Windows 10, 11, and Windows Server. Microsoft released a patch for CVE-2026-32202 on April 14, 2026, but did not label it as actively exploited until more than two weeks later, leaving security teams unaware of its urgency. Organizations are advised to apply the patch and consider blocking outbound SMB traffic to mitigate risks.

Winsage

April 29, 2026

5 ways your Windows updates are about to get a lot less painful

Microsoft is implementing changes to the Windows Update process in Windows 11 to address user frustrations. Key updates include: 1. Users can delay updates indefinitely by selecting specific end dates for pauses, extending up to 35 days at a time. 2. The Power menu will now include options for "Update and shut down" and "Update and restart," giving users more control over when updates are finalized. 3. Microsoft is consolidating updates to reduce the number of restarts to one per month. 4. Users will no longer be forced to install updates during the setup of a new Windows PC, allowing updates to occur in the background. 5. Microsoft will provide more detailed information on updates, particularly for driver updates, by clarifying the device class in the titles. These changes are expected to be tested in the Windows Insider program before being released to the general public.

AppWizard

April 29, 2026

Are you still using Sign in with Google? Here’s why you should stop

Relying on a single Google account for access to various services poses significant vulnerabilities, including the risk of account lockout due to forgotten credentials, phishing attacks, or arbitrary bans. This centralized approach can lead to loss of access to critical data and services. Sophisticated phishing techniques, such as Adversary-in-the-Middle (AiTM) attacks, can compromise account security by mimicking legitimate login screens. Additionally, linking multiple services through a Google account contributes to a comprehensive digital footprint that Google can analyze, raising privacy concerns. To enhance digital security, users are advised to create standalone accounts for various services and utilize password managers like KeePass, Bitwarden, and 1Password to maintain unique credentials.

AppWizard

April 29, 2026

Denuvo has been cracked in all single-player games it previously protected — 2K Games and Denuvo reportedly retaliate with mandatory 14-day online checks

The skull-and-bones community has declared that there are no games utilizing Denuvo that remain uncracked or bypassed. The MKDev collective and DenuvOwO developed a hypervisor-based bypass (HVB) in late 2025, which intercepts Denuvo's verification checks. The cracker voices38 successfully removed Denuvo from several titles, including Resident Evil: Requiem. Denuvo has since implemented a 14-day mandatory online check for certain games, complicating the HVB method. The latest version of HVB requires users to disable Core Isolation and Driver Signature Enforcement to run games. The community includes notable figures like repacker FitGirl, who has acknowledged the collaborative efforts of DenuvOwO and voices38.