clipboard Archives

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

TrendTechie

February 24, 2026

От ffmpeg до торрентов для терминала: 7 новых TUI-инструментов, которые советуем

Many developers are turning to TUI (Text User Interface) tools for tasks traditionally done in GUI applications. MONICA is an interactive layer over ffmpeg that simplifies command usage, available on GitHub. The lic tool allows users to create a LICENSE file with a single terminal command by selecting a license from a TUI menu. It can be installed via Homebrew or pip and debuted in late December 2024, receiving 21 stars. PNANA is a TUI editor that combines the simplicity of nano with features from modern editors like Sublime, built with C++17 and FTXUI. Users need to compile it from source as no binary releases are available. CodeWeaver compiles a codebase into a single Markdown document, allowing for easy sharing and documentation. It can be installed via Go. Clox (version 1.3) introduces console clocks and calendars in the terminal, supporting various time zones and formats, and can be installed as a Python module. Torrra v2 is a TUI torrent client that allows users to search and download torrents directly from the console, enhancing UI speed and navigation. It can be installed via pipx or other package managers. A command for visualizing git history in the terminal is provided: `git log --graph --decorate --all --pretty=format:'%C(auto)%h%d %C(#888888)(%an; %ar)%Creset %s'`. An alias can be created for convenience. All tools aim to enhance productivity in the terminal and are actively evolving.

Winsage

February 24, 2026

Windows 11 Has 4 Powerful Features Most Users Never Turn On (But Should)

Microsoft's Windows 11 includes several built-in features that enhance usability and system management, which can be activated by users: 1. Clipboard History: Allows users to retain multiple copied items and access them with Win + V. To enable, go to Settings > System > Clipboard and toggle on Clipboard history. 2. Snap Layouts: Provides predefined window arrangements for better organization of applications. To ensure it's enabled, go to Settings > System > Multitasking and turn on Snap windows. 3. Show File Extensions: Displays full file names including extensions for better identification of file types. To enable, open File Explorer, select View > Show > File name extensions. 4. Storage Sense: Automates the removal of temporary files and manages storage space. To enable, go to Settings > System > Storage and toggle on Storage Sense. 5. "God Mode": Creates a folder that centralizes access to various administrative tools and settings. To enable, create a new folder on the desktop and rename it to GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}. These features are built into Windows 11 and do not require third-party applications.

AppWizard

February 19, 2026

Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity researchers have identified a new Android trojan named Massiv, designed for device takeover attacks targeting financial theft. It disguises itself as IPTV applications and poses risks to mobile banking users by allowing operators to remotely control infected devices for fraudulent transactions. The malware was first detected in campaigns targeting users in Portugal and Greece, with features including screen streaming, keylogging, SMS interception, and fake overlays for credential theft. One campaign specifically targeted the gov.pt application to deceive users into providing sensitive information. Massiv can execute various malicious actions, such as altering device settings, sending device information, and downloading malicious files. It is distributed through dropper applications that mimic IPTV services, often via SMS phishing. The malware operates in the background while the dropper appears as a legitimate app. Recent campaigns have focused on regions like Spain, Portugal, France, and Turkey, indicating a growing threat landscape. The operators of Massiv are developing it further, suggesting intentions to offer it as a Malware-as-a-Service.

AppWizard

February 19, 2026

Massiv: When your IPTV app terminates your savings

Massiv is an Android banking Trojan that disguises itself as legitimate applications, primarily targeting users in southern Europe. It is distributed through side-loading and is capable of remote control over infected devices, enabling Device Takeover attacks that can lead to unauthorized banking transactions. Massiv often masquerades as IPTV applications to attract users seeking online television services. The malware employs overlay functionality to create deceptive screens, keylogging to capture sensitive information, and SMS/Push message interception. It can monitor applications on infected devices and present fake overlays to prompt users for sensitive data. Notably, it has targeted the Portuguese government application gov.pt and connects with Chave Móvel Digital, a digital authentication system, to access victims' banking accounts. Once it captures sensitive data, Massiv allows operators remote access to the device using Android’s AccessibilityService, facilitating real-time observation and manipulation of the user interface. It communicates over a WebSocket channel and supports screen streaming and UI-tree modes for enhanced control. Massiv's distribution includes malware droppers that initially do not contain malicious code but open a WebView to an IPTV website while the actual malware operates in the background. This tactic has increased in recent months, particularly in Spain, Portugal, France, and Turkey. Indicators of compromise include specific SHA-256 hashes and package names associated with the malware. The bot commands allow operators to perform various actions on the infected device, such as clicking coordinates, installing APKs, and showing overlays.

Winsage

February 18, 2026

Attackers steal Windows users’ data using fake CAPTCHA checks

Fraudsters are using counterfeit CAPTCHA confirmation pages to deploy StealC, an information-stealing malware targeting Windows systems. Users are tricked into visiting compromised websites where a fake CAPTCHA prompts them to execute a sequence of keystrokes that runs a malicious PowerShell command. This command connects to a remote server, downloads shellcode, and injects the StealC payload into svchost.exe. Once installed, StealC collects sensitive information such as browser credentials, email data, and cryptocurrency wallet details, facilitating fraud and account hijacking. The malware operates primarily in the system's RAM, making detection difficult.

Winsage

January 20, 2026

I raced to my PC to install this new PowerToys update — but its best new feature is one control away from greatness

Microsoft's PowerToys has released version 0.97, enhancing the Windows 11 experience with a new utility and significant updates to the Command Palette. The Command Palette now features a Personalization page for customizing its interface, including background images and color tinting. It also includes fallback ranking for search results, allowing users to manage command order through drag-and-drop. A new extension enables control of PowerToys features directly from the Command Palette, and the Peek feature allows file and folder previews. Additional updates include support for Pinyin, a Remote Desktop extension, custom search engine selection, and drag-and-drop support for File Indexer and Clipboard History. The new CursorWrap feature allows seamless mouse movement across multiple monitors. The Quick Access flyout has been optimized for faster launch times and can be customized or disabled. PowerToys now offers expanded CLI support for utilities like FancyZones and Image Resizer. Other changes include the Light Switch feature following the Night Light setting, a revamped "What's new" dialog, and improvements to the Advanced Paste feature. CursorWrap shows promise but has minor bugs and user requests for further refinements.

Winsage

January 15, 2026

Wine 11 runs Windows apps in Linux and macOS better than ever

Wine 11.0 has been released, allowing users to run 16-bit, 32-bit, and 64-bit Windows x86 binaries on Unix-like operating systems without distinguishing between 32-bit and 64-bit commands. It introduces support for the Linux kernel's NT synchronization primitive, enhancing performance for Windows binaries. Wine 11 is compatible with older kernels, though with reduced performance. It supports x86-to-Arm translation on Arm64 Linux systems through FEX-Emu and works on Apple Silicon Macs via Rosetta 2. The version simplifies command usage to a single wine command and eliminates 32-bit support libraries. Enhancements include improved clipboard handling over Wayland, full-screen mode functionality, Direct3D support, native Vulkan video decoding for H.264, and better handling of SCSI devices and game controllers. Wine 11 downloads are available for Linux and macOS, with a FreeBSD port expected. Testing on Ubuntu 25.10 under GNOME using Wayland showed positive results for both 32-bit and 64-bit applications.

Winsage

January 9, 2026

The Secret Microsoft App That Improves How I Use Windows

PowerToys is a suite of utilities developed by Microsoft, available for free on GitHub and other platforms, which enhances the Windows user experience with frequently updated functionalities. Key utilities include: - Command Palette: A tool for launching applications, searching for files, and locating open windows, with a Bookmarks feature for quick access to folders and websites. - Light Switch: Allows users to toggle dark mode with a keyboard shortcut and schedule it based on fixed hours or local sunset times. - Peek: Enables quick file previews by pressing the Space bar, allowing seamless navigation through files. - Text Extractor: A utility for extracting text from images faster than Windows' built-in OCR, using the shortcut Windows + Shift + T. - Image Resizer: Simplifies the process of resizing images through a right-click option in File Explorer, offering preset sizes and custom resolutions. - Awake: Keeps PCs active beyond default sleep settings, allowing users to choose a duration for their systems to remain awake. - FancyZones: Provides custom window layouts for efficient workspace organization, allowing users to snap windows into designated zones.

Winsage

January 8, 2026

How to get started with PowerToys Command Palette on Windows 11 — an answer to macOS Spotlight for Windows PCs

The Command Palette is a feature in PowerToys for Windows 11 that allows advanced users to access applications, settings, and system tools quickly, similar to macOS Spotlight. To install it, users must install PowerToys via Command Prompt or the Microsoft Store. Configuration involves enabling the Command Palette, customizing activation shortcuts, and adjusting display settings. Users can search for applications, settings, and files, perform calculations, access clipboard history, and execute system commands. Keyboard modifiers enhance functionality, and users can create custom search shortcuts with community plugins. The Command Palette also includes a Registry browser extension for navigating the Windows Registry.