entities Archives

AppWizard

December 4, 2025

‘Systems-driven exploration game’ Kill Joy announced for PC

Developer Over The Moon has announced a new game titled Kill Joy, which is a "systems-driven exploration game" set in a surreal landscape filled with rainbows and unicorns. The game allows players to use foul language as a primary interaction method, inspired by The Outer Wilds, and will be available on PC via Steam, though no release date has been provided. Kill Joy encourages players to explore without guidance, relying on instincts to uncover secrets. Instead of traditional combat, players engage with the world through swearing, eliciting varied emotional responses from creatures. The game features a vibrant dreamscape that hides deeper issues, and players can break illusions tied to entities by making them cry, revealing hidden passages and memories. As players dispel illusions, they collect words, questions, and fragments of meaning to reconstruct their identity through deduction challenges.

Winsage

December 3, 2025

Microsoft mitigates Windows LNK flaw exploited as zero-day

Microsoft has addressed a security vulnerability in Windows tracked as CVE-2025-9491, which allows malicious actors to embed harmful commands in Windows LNK files, requiring user interaction to exploit. Threat actors often distribute these files in ZIP formats to bypass email security. In March 2025, 11 hacking groups, including Evil Corp and Kimsuky, were actively exploiting this vulnerability using various malware payloads. Although Microsoft initially did not consider the issue urgent, it later modified the handling of LNK files in November updates to allow users to view the entire character string in the Target field. However, this change does not eliminate the malicious arguments embedded in the files. ACROS Security has released an unofficial patch that restricts shortcut target strings to 260 characters and alerts users about risks associated with long target strings, covering multiple Windows versions.

Winsage

December 3, 2025

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has addressed a long-standing security vulnerability, identified as CVE-2025-9491, which has been exploited since 2017. This vulnerability involves a misinterpretation issue within Windows Shortcut (LNK) files, potentially allowing remote code execution. The flaw was highlighted in the November 2025 Patch Tuesday updates, with a CVSS score of 7.8/7.0. It allows crafted .LNK files to obscure harmful content, making it invisible to users, thus enabling attackers to execute code under the current user's context. The vulnerability was exploited by various state-sponsored groups, including those from China, Iran, North Korea, and Russia, for data theft and espionage. Microsoft initially deemed the flaw not warranting immediate attention, citing user interaction requirements and existing system warnings. Subsequent investigations revealed its exploitation by cyber espionage groups, including XDSpy and China-affiliated actors targeting European entities. The recent patch aims to ensure that the entire Target command is displayed in the Properties dialog, while 0patch provides warnings for LNK files exceeding 260 characters.

AppWizard

December 2, 2025

India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse

India's Department of Telecommunications (DoT) has mandated that app-based communication service providers implement measures requiring an active SIM card linked to the user's mobile number. This applies to messaging applications such as WhatsApp, Telegram, and Signal, which must comply within 90 days. The amendment to the Telecommunications (Telecom Cyber Security) Rules, 2024, aims to mitigate the misuse of telecommunication identifiers exploited for phishing and scams. The directive requires continuous linkage to the SIM card, and web service instances will log out every six hours, necessitating re-linking via QR code. This is intended to reduce account takeover risks and ensure that accounts are linked to KYC-verified SIMs. The DoT also announced a Mobile Number Validation (MNV) platform to combat identity fraud related to unverified mobile number associations.

AppWizard

December 1, 2025

Valve sleuth says new datamine is “effectively direct confirmation” of Team Fortress 2 being ported to Source 2

Valve is working on a project referred to as 'TF,' which is likely related to Team Fortress 2. Tyler McVicker has indicated that new code confirms Team Fortress 2 is being transitioned to Source 2. A recent datamine revealed a mechanic specific to Team Fortress 2, suggesting that maps from the game are being ported to the new engine. However, the exact intentions behind this project, whether it is a remaster or a sequel, remain unclear. The project is still in early stages, and its future development is uncertain.

AppWizard

December 1, 2025

Government warns WhatsApp, Telegram and other messaging apps: Within 90 days, make sure your app stops working if… – The Times of India

By February 2026, India's telecom authority will implement a SIM binding policy requiring users to continuously verify their registered SIM cards for messaging applications like WhatsApp to combat cyber fraud. Users will be logged out of web versions of these apps after six hours, necessitating re-authentication via QR code. Messaging platforms have a 90-day period to comply with this requirement, which means apps will stop functioning if the registered SIM is removed. The new regulations classify these platforms as Telecommunication Identifier User Entities (TIUEs), expanding regulatory oversight. Challenges may arise for travelers and multi-device users, as they may face difficulties maintaining access to services. Critics, including industry insiders, question the feasibility and effectiveness of the policy, calling it problematic and an overreach. Messaging platforms must comply by early 2026 to avoid regulatory consequences.

AppWizard

November 30, 2025

Signal’s president warns AI agents are an existential threat to secure messaging apps

Meredith Whittaker, president of Signal, expresses strong concerns about the rise of AI agents, describing them as an “existential threat” to secure messaging platforms and app developers. AI agents require access to sensitive information, creating new vulnerabilities that can be exploited by cybercriminals. Whittaker points out the risk of prompt injection attacks, which can manipulate AI to execute harmful actions, leading to data breaches. She argues that unrestricted access to user communications by AI agents poses a significant risk to privacy and security, undermining the foundational security of the internet. Whittaker criticizes the reckless implementation of AI by Big Tech companies, suggesting it compromises cybersecurity in favor of rapid deployment and financial pressures.

AppWizard

November 29, 2025

‘I don’t trust it’: Russians sceptical about state-backed messenger MAX

MAX is a new messaging platform launched by VK in Moscow, designed to consolidate various services and mandated by Russian authorities to be included in all new smartphones and tablets starting September 1. This move coincides with a ban on calls from foreign messaging apps like WhatsApp and Telegram. MAX is promoted as a secure alternative to foreign apps, but lacks end-to-end encryption, raising privacy concerns. The Russian media regulator, Roskomnadzor, announced plans to consider a complete ban on WhatsApp, which has nearly 100 million users in Russia, citing its role in facilitating criminal activity. Public sentiment is mixed, with some individuals expressing distrust towards MAX while others seem unconcerned about the transition to it or other messaging alternatives.

AppWizard

November 27, 2025

Minecraft’s Final Game Drop Update Of 2025 Arrives Next Month

Minecraft's upcoming content drop, 'Mounts of Mayhem', will be released for the Bedrock Edition on 9th December 2025. Key features include the introduction of a new weapon, the spear, a Zombie Horse, a new tameable mob called Nautilus, and the Camel Husk with two riders (a husk and a parched). Quality-of-life improvements will allow players to traverse water while mounted on horseback. Additional details can be found in the latest monthly video update and the Minecraft Live September 2025 round-up post.

AppWizard

November 26, 2025

Hackers Bypass Signal, Telegram And WhatsApp Encryption To Read Messages

CISA has issued a warning about spyware targeting users of instant messaging applications, particularly highlighting the Sturnus trojan, which poses significant risks to Android smartphone users. Sturnus, identified as a banking trojan, can bypass encrypted messaging by capturing messages after they are decrypted on the smartphone screen, rather than cracking the encryption itself. Security expert Aditya Sood noted that Sturnus uses a combination of plaintext, RSA, and AES-encrypted communication, complicating detection efforts. The trojan can read everything displayed on the smartphone screen in real time, including sensitive messages and contacts. CISA also identified tactics used by cyber threat actors, such as phishing, zero-click exploits, and impersonation to gain unauthorized access to messaging apps. Users are advised to keep Google’s Play Protect activated, avoid unauthorized app stores, and be cautious with accessibility permissions to protect against these threats.