communicate

Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.
Winsage
June 16, 2026
Cybersecurity researchers have identified two new Windows variants, named WINDRV and WINPLUS, of the SprySOCKS backdoor, which was previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.
Winsage
June 15, 2026
The Linux 7.2 kernel has introduced enhancements for reporting case-folding behavior in local file systems, allowing file servers to accurately convey their case sensitivity capabilities. Linus Torvalds merged Virtual File System (VFS) related pull requests that enable local file systems to report case-folding behavior, benefiting services like NFSD and KSMBD, particularly for Microsoft Windows NFS clients. Filesystems can now report case-insensitive and case-nonpreserving behavior through new file_kattr flags in their fileattr_get implementations. Supported filesystems include FAT, exFAT, NTFS3, HFS, HFS+, XFS, CIFS, NFS, VBoxSF, and ISOFS, with others defaulting to POSIX behavior. NFSD uses this information to report case folding via NFSv3 PATHCONF and implement NFSv4 attributes for case insensitivity and case preservation. The enhancements aim to improve interoperability, allowing Windows NFS clients to function correctly by reporting case-insensitivity, which streamlines operations and avoids unnecessary requests. The Linux NFS client has previously supported case-insensitive shares, requiring adjustments to caching behavior. Accurate case folding reporting is crucial for servers operating in multi-protocol environments to maintain interoperability.
AppWizard
June 13, 2026
Users globally faced challenges accessing Facebook and Instagram due to a widespread technical failure affecting millions. Disruptions were also reported with Messenger and WhatsApp. Meta's business status tracker identified significant issues with Facebook's advertising network. Outage monitoring tools noted an increase in user complaints, indicating the scale of the disruption. Common symptoms included lag and issues loading new Stories on social media, and problems connecting to Facebook and Messenger. The cause of the outage is unclear, and there is no timeline for service restoration. Downdetector indicated possible issues with WhatsApp as well.
AppWizard
June 12, 2026
YouTube is expanding its in-app messaging feature, initially tested in Ireland and Poland, to the United States and other global markets. The feature, called YouTube Chat, allows users to directly message and share content within the app. Users can invite friends to chat, enabling them to share posts and discuss videos. This update aims to enhance user engagement and streamline sharing activities, reflecting a trend towards private messaging. Favorable feedback has been received during initial testing, although the feature's success will depend on user willingness to use it in place of established messaging platforms.
Winsage
June 11, 2026
ReactOS has successfully executed Valve's original Half-Life on consumer hardware, marking a significant milestone in open-source software development. This achievement was announced on June 10, 2026, after three decades of effort to reimplement Microsoft Windows. The game was run on a Dell OptiPlex desktop with an Intel Core i5 2400 processor and an NVIDIA GeForce 8400GS graphics card, demonstrating ReactOS's capability to handle real-time 3D applications without compatibility shims. ReactOS operates independently from Microsoft, sharing no code, and can execute a real-time 3D graphics workload natively. It has achieved approximately 90 percent GPU driver compatibility for Windows XP and Server 2003-era hardware through the implementation of the Kernel-Mode Driver Framework and Windows Display Driver Model subsystems. ReactOS is still in alpha stage, with limitations in application support and driver gaps for modern hardware. The project is working towards a new release, version 0.4.16, to enhance user experience.
AppWizard
June 10, 2026
Paris Hilton has created a custom productivity app named Iconic Ideas using Google’s Gemini Canvas, a platform that enables app creation without traditional coding skills. The app is designed to help manage thoughts associated with her ADHD and features a playful aesthetic with pink hues and sparkly elements. Users can earn "sparkle points" for completing tasks and can generate visual mood boards for various projects. This project highlights the decreasing barriers to app development, emphasizing that effective communication of ideas is becoming more important than coding skills in the creation of personalized applications.
AppWizard
June 8, 2026
The Google Play Store has launched a Personal Safety app that provides tools for emergency situations, including safety check-ins, medical information input, automatic location sharing with emergency contacts, and car crash detection for select devices. The Emergency SOS feature allows users to create shortcuts for quick access to emergency actions, such as calling services and recording video footage. Crisis Alerts notify users of nearby dangers, while Earthquake Alerts provide information on seismic activity. The Emergency Location Service (ELS) enables precise location sharing with emergency responders during calls or texts to emergency numbers.
AppWizard
June 6, 2026
Gothic's recent remake has generated mixed feelings among players, particularly regarding its revamped lockpicking system. The new mechanic has led to confusion, with players discussing its complexity on platforms like Reddit. One user explained that the lockpicking involves moving multiple plates in a specific order, which can be challenging for newcomers. A contributor expressed frustration with the system, stating it diminished their enjoyment of the game, although they acknowledged it is an improvement over the original. Developer Alkimia responded to community concerns, indicating they are monitoring feedback and considering adjustments, including making the system easier as players invest skill points. The backlash reflects a tradition in RPGs where challenging minigames, like lockpicking, are seen as a rite of passage.
Winsage
June 5, 2026
At Build 2026, Microsoft announced plans to enhance Windows 11 personalization through AI agents, with API endpoints available for developers to create tailored experiences. Product Manager Samantha Song highlighted the need for a more user-friendly interface that reflects individual preferences, noting current customization options can be cumbersome. Microsoft introduced "WinUI skills," enabling developers to use AI agents like Copilot to create native applications that interact with Windows APIs. Users could instruct AI to modify themes, such as creating a cherry blossom theme, which would adjust wallpapers and accent colors automatically. AI skills could also apply accent colors to File Explorer and download themed wallpapers. The theme module can orchestrate multiple actions, allowing users to change their entire Windows theme with a single command. Microsoft is exploring a themes agent for generating new themes. While currently an open-source project, there is potential for these features to be integrated into Windows 11, enhancing user experience through personalized customization.