commands

Winsage
June 18, 2025
A cyber espionage campaign attributed to the XDSpy threat actor has been discovered, exploiting a zero-day vulnerability in Windows shortcut files identified as “ZDI-CAN-25373.” This vulnerability allows attackers to conceal executed commands within specially crafted shortcut files. XDSpy has primarily targeted government entities in Eastern Europe and Russia since its activities became known in 2020. Researchers from HarfangLab found malicious LNK files exploiting this vulnerability in mid-March, revealing issues with how Windows parses LNK files. The infection begins with a ZIP archive containing a malicious LNK file, which triggers a complex Windows shell command to execute malicious components while displaying a decoy document. This command extracts and executes a first-stage malware called “ETDownloader,” which establishes persistence and downloads a second-stage payload known as “XDigo.” The XDigo implant, written in Go, collects sensitive information and employs encryption for data exfiltration. This campaign represents an evolution in XDSpy's tactics, combining zero-day exploitation with advanced multi-stage payloads.
Winsage
June 18, 2025
The XDSpy threat actor is exploiting a Windows LNK zero-day vulnerability (ZDI-CAN-25373) to target governmental entities in Eastern Europe and Russia since March 2025. This campaign involves a multi-stage infection chain deploying the XDigo implant, developed in Go. Attackers use spearphishing emails with ZIP archives containing crafted LNK files that exploit the vulnerability. Upon execution, these files sideload a malicious C# .NET DLL named ETDownloader, which establishes persistence and retrieves the XDigo payload from specific domains. XDigo is a data collection implant capable of file scanning, clipboard capture, and screenshot acquisition, communicating with command-and-control servers. The campaign targets Belarusian governmental entities and employs advanced tactics, including anti-analysis checks and encryption for data exfiltration. Indicators of compromise include specific SHA-256 hashes for ZIP archives, LNK files, the ETDownloader, and XDigo malware, along with associated distribution and command-and-control domains.
Tech Optimizer
June 17, 2025
Threat actors are using a fileless variant of AsyncRAT, targeting German-speaking individuals with a deceptive verification prompt. This prompt misleads users into executing harmful commands. The malware employs obfuscated PowerShell scripts to operate in memory without creating files on disk, complicating detection by antivirus solutions. The attack begins with a fake verification page prompting users to click "I’m not a robot," which copies a malicious command to the clipboard. This command uses conhost.exe to run a hidden PowerShell instance that retrieves a payload from a remote server. The malware establishes a connection to a command-and-control server and maintains persistence through registry keys, enabling remote control and data exfiltration. Key tactics include stealth execution, in-memory C# compilation, and TCP-based communication over non-standard ports. The campaign has been active since at least April 2025. Indicators of Compromise (IOCs) include:
- IP: 109.250.111[.]155 (Clickfix Delivery)
- FQDN: namoet[.]de (Clickfix / C2 Server)
- Port: 4444 (TCP Reverse Shell Listener)
- URL: hxxp[:]//namoet[.]de:80/x (PowerShell Payload)
- Registry (HKCU): SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\windows (Persistence on Boot)
- Registry (HKCU): SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\win (Holds Obfuscated Command)
Winsage
June 16, 2025
Windows 10 will be retired on October 14, 2025, after which it will no longer receive software and security updates. Currently, 53.2 percent of Windows computers worldwide run on Windows 10, while 43.2 percent use Windows 11. Users can upgrade to Windows 11 for free or by purchasing a new PC, but many older machines may not meet the minimum system requirements. Microsoft has reached out to Windows 10 users via email to remind them of the end of support and has introduced a new feature in Windows Backup to help transfer data to a new PC. This feature, labeled “Transfer information to a new PC,” is expected to be rolled out across all Windows 10 builds. Microsoft has also announced that Microsoft 365 apps will continue to receive security updates for an additional three years after the retirement date.
Winsage
June 15, 2025
Windows 11 is nearing its fourth anniversary, and Microsoft has reintroduced the clock in the calendar flyout, a feature that users missed since its initial release. This feature allows for a larger clock display with seconds, visible whether the calendar is collapsed or expanded. Users can toggle the clock off in the Settings menu, but the feature is being rolled out gradually. To enable it sooner, users can use the ViVeTool app with specific commands. However, the taskbar calendar still lacks advanced functionalities like displaying user agendas or creating new events.
Winsage
June 15, 2025
Flow Launcher is a desktop productivity tool for Windows 11 that excels in speed, opening instantly with a keyboard shortcut and providing audio cues. It features an extensive library of plugins, allowing users to enhance functionality with ease, including pre-installed plugins for searching bookmarks, managing files, and executing system commands. The plugin store offers a variety of extensions, catering to diverse needs, including tools for OneNote, Spotify, and gaming. Flow Launcher is highly customizable, enabling users to adjust extension functions, search result priorities, and activation shortcuts. It also allows the creation of custom hotkeys for quick access to frequently used tools, such as an enhanced clipboard history.
Winsage
June 14, 2025
Windows 11 Pro is available for a limited-time price of , reduced from its original retail value of 9, representing a discount of up to 95%. The Pro version includes features such as Hyper-V Virtualization, BitLocker Drive Encryption, Sandbox, Microsoft Defender Application Guard, and Windows Information Protection. Users also gain access to various AI tools. To acquire the software, one must purchase, download, and activate it with a license key, ensuring hardware compatibility with Windows 11.
Winsage
June 13, 2025
Windows 11 Insider Preview Build 26120.4441 (KB5060816) has been released to the Beta Channel for users on Windows 11, version 24H2. This update includes new features such as the ability for Windows Insiders in the European Economic Area to export Recall snapshots with a unique export code, which is secured by encryption and requires Windows Hello authentication. A larger clock display option in the notification center has been added, and recent updates to Recall include a reset option and a maximum storage duration for snapshots set to 90 days. New actions in Click to Do allow users to interact with Microsoft 365 Copilot and connect with colleagues via Teams. Improvements have been made to File Explorer, voice access support has been expanded to additional languages, and sharing options for OneDrive files have been enhanced. Various fixes have been implemented for Recall, File Explorer, the Start menu, and Settings. Known issues include display problems in the Start menu and issues with Xbox Controllers. Updates will be delivered via an enablement package, and features may evolve based on user feedback.