espionage

Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.
Winsage
June 16, 2026
Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.
AppWizard
June 8, 2026
The PC Gaming Show 2026 featured over 60 new game announcements in a two-hour event. Key titles include:
- Wielders of the Essence: Launching on November 5, demo available on Steam.
- Warhammer 40,000: Darktide – Skitarii Class: Debuting on June 23, wishlist on Steam.
- Spellsided: Unique RPG with a demo on Steam.
- Star Trek: Outposts Unknown: Demo available on Steam.
- Hack '95: Demo available on Steam.
- Company of Heroes: Definitive Edition: Wishlist on Steam.
- Red Kiss: Wishlist on Steam.
- Arcane Eats: Demo available on Steam.
- Serious Sam: Shatterverse: Sign up for playtest on Steam.
- Control Resonant: Pre-orders available for September 24 release on Steam.
- Sated: Wishlist on Steam.
- Gone Feral: Wishlist and sign up for playtest on Steam.
- Abiotic Factor – Entropic Break DLC: Coming this autumn, wishlist on Steam.
- There Are No Ghosts at the Grand: Demo available on Steam.
- Starseeker: Astroneer Expeditions: Early access begins June 11, wishlist on Steam.
- Virtue and a Sledgehammer: Demo available on Steam.
- Happy Bastards: Combat demo available on Steam.
- Another Door: Demo available on Steam.
- AfterQuest: Wishlist on Steam.
- SlashZero: Wishlist and sign up for playtest on Steam.
- Cassette Beasts 2002: Wishlist on Steam.
- VOID/BREAKER: Major update available on Steam.
- 2 Fights 2 Tight Spaces: Available now on Steam.
- Stronghold 4: Demo available on June 23, wishlist on Steam.
- Wind Runners: Demo available on Steam.
- Wardens of Avalon: Sign up for playtest on Steam.
- Planet Zoo 2: Pre-orders available on Steam.
- Empulse: Early access on June 24, available during Steam Next Fest on June 15.
- Arkheron: Sign up for playtest on the game's website.
- ReVamp: Sign up for playtest via the trailer's QR code.
- Wardogs: Wishlist on Steam and sign up for playtests via the trailer's QR code.
- Shroom and Gloom: New demo available.
- Maximum Thunderness: Coming later this year, wishlist on Steam.
- Rivage: Demo available.
- Time Strike: Wishlist on Steam.
- Signet City: Wishlist on Steam.
- Mr. Magpie's Harmless Card Game: Available now on Steam.
- Ascenders: Beyond the Peak: Demo available on Steam.
- Outward 2: Beta available now.
- Thief: The Dark Project Remastered: Remastering classic stealth game.
- Exo Rally Championship: Off-road racing game.
- Duskers 2.0: Available on Steam.
- El Paso, Elsewhere 2: Wishlist on Steam.
- Beast of Reincarnation: Launching on August 3, pre-order on Steam.
- Terrinoth: Heroes of Descent: Available now on Steam.
- To Kill a God: Demo available now.
- Pipes.exe: Wishlist on Steam.
- Sunset Summit: Available now on Steam.
- Clowntown: Available for wishlist on Steam.
- Armatus: Launching this winter, wishlist on Steam.
- Dave The Diver – In the Jungle DLC: Wishlist on Steam.
- Carcass Clad: Wishlist on Steam.
- Total War: Warhammer 40,000: Beta opportunities to be announced.
- About Fishing: Demo available on Steam.
- Vampire: The Masquerade – Eternal Whispers: Emphasizes meaningful choices.
- Valheim 1.0: Launching on September 9, 2026, download on Steam now.
- P.O.N.: Wishlist on Steam.
- Locator: The Search for Abigail Lidari: Wishlist on Steam.
- Exodus: Features combat and exploration.
- Remothered: Red Nun's Legacy: Third installment in the horror series.
- Into the Wind: Wishlist on Steam.
AppWizard
June 7, 2026
14 Hours Productions is developing a political spy thriller game titled Burn-9, set to launch for PC on Steam, GOG, and the Humble Store in 2026. Players take on the role of an unseen operator assisting the last survivor of a black-ops team in a chaotic mission. A demo is currently available. The game involves navigating espionage and making pivotal choices based on gathered intelligence while using advanced surveillance systems. Players can disable security measures and extract sensitive information, facing moral complexities and ethical dilemmas throughout the mission.
AppWizard
May 28, 2026
James Bond returns to gaming with “007 First Light” after a 15-year hiatus. The game is available exclusively on Amazon for .99 and is compatible with Sony PlayStation 5, Xbox Series X, and PC. A Nintendo Switch 2 version will launch on September 30. The “Specialist Edition” includes a classic tuxedo skin for Bond. There are two premium options: the “Collector’s Edition” for .99, which includes a life-sized mask, and the “Legacy Edition” for .99, featuring a replica of the Golden Gun. Directed by Hakan Abrak and Martin Emborg, the game is a prequel focusing on a 26-year-old James Bond, played by Patrick Gibson, and includes diverse locations like Slovakia, Mauritania, Vietnam, and Antarctica. The cast features Lennie James, Priyanga Burford, Alastair Mackenzie, Kiera Lester, Gemma Chan, Lenny Kravitz, and Noémie Naka. The game is available through major retailers including Amazon, Walmart, Best Buy, and GameStop.
AppWizard
May 26, 2026
IO Interactive is launching 007 First Light on Wednesday, May 27, at 10 am EDT, with early access available for pre-orders at £60 on Steam. Players can currently download the game, which has an 80 GB file size. The recommended PC specifications include Windows 10 or 11 (64-bit), an Intel Core i5 13500 or AMD Ryzen 5 7600 CPU, 16 GB RAM, and a GPU such as Nvidia Geforce RTX 3060 TI or AMD RX 6700 XT. The minimum requirements are Windows 10 or 11 (64-bit), an Intel Core i5 9500 or AMD Ryzen 5 3500 CPU, 16 GB RAM, and a GPU like Nvidia Geforce GTX 1660 or AMD RX 5700.
Winsage
May 26, 2026
Users of Windows 11 face issues with unwanted advertising, bloatware, and privacy concerns. To combat these, a combination of Group Policy and Winhance is recommended. Group Policy can be used to preemptively instruct Windows to ignore specific undesired elements, while Winhance addresses issues that may re-emerge after updates. Group Policy is referred to as "Directivas de grupo local" in Castilian. Before implementing policies, Windows should be fully updated. Two essential policies to enhance control include removing default Microsoft Store packages and opting out of sending diagnostic data to Microsoft. Group Policies can be saved and shared if the target computer matches the original system's version and update status. Winhance is a tool that monitors and manages unwanted applications, offers customization options, and provides a list of third-party apps for replacing built-in applications.
Winsage
May 22, 2026
Microsoft's Digital Crimes Unit has filed a lawsuit against Fox Tempest, a criminal enterprise selling fraudulently signed malware to ransomware groups, affecting hospitals, schools, and critical infrastructure in ten countries. The lawsuit was filed on May 19 in the U.S. District Court for the Southern District of New York. Fox Tempest created a portal at signspace[.]cloud, offering a user-friendly interface for uploading malicious files and generating over 580 fraudulent Microsoft accounts to bypass identity verification. The group provided pre-configured virtual machines for customers to upload malicious payloads in exchange for signed binaries. Fox Tempest's operations were linked to a ransomware attack chain involving a counterfeit Microsoft Teams installer that deployed the Rhysida ransomware. This ransomware strain has caused significant breaches, including an October 2023 attack on the British Library, which resulted in a data exfiltration of about 600GB and recovery costs of £6 to £7 million, and a September 2024 attack on Seattle-Tacoma International Airport with a ransom demand of .8 million. Microsoft's civil litigation approach allowed for a quicker legal process, leading to the seizure of the signspace[.]cloud domain and the suspension of around 1,000 Fox Tempest accounts. Despite these actions, Fox Tempest has begun shifting to alternative code-signing services, highlighting the evolving nature of cybercrime and the need for users to verify software through independent channels. The confirmed targets of Fox Tempest included organizations in the United States, France, India, China, Brazil, Germany, Japan, the United Kingdom, Italy, and Spain.