execution Archives

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

AppWizard

April 13, 2026

Todd Howard says Starfield’s NG+ was misunderstood and defends Bethesda’s new U-turn on how it works: ‘You can tell us if we’re done our job right’

Starfield's Free Lanes update enhances the New Game Plus (NG+) mode by allowing players to retain up to 50 items when entering The Unity, a multiverse nexus that resets the game while keeping character skills and abilities. This change addresses player concerns about losing hard-earned possessions, which was previously seen as a daunting sacrifice. The update also introduces X-Tech for further upgrades to existing gear, aiming to reward players without frustrating them by losing progress. Bethesda's director, Todd Howard, and creative producer, Tim Lamb, emphasize the importance of evolving the gameplay experience and encouraging players to engage with the game's NG+ features.

AppWizard

April 13, 2026

One of our favorite games of 2025 is just $16 on GOG this week, and the dev says ‘if it’s still too expensive just pirate it honestly’

Skate Story is a game that combines skating and supernatural elements, allowing players to experience the perspective of a demon made of glass and pain. It was released in 2020 and is currently available on GOG with a 20% discount. The creator, Sam Eng, has openly encouraged players to pirate the game if they find it too expensive. The game has received critical acclaim for its unique premise and stylistic execution, with PC Gamer's Lincoln Carpenter praising its "stylish lunicidal skater" vibes. Skate Story is also available on Steam, but the promotional pricing is exclusive to GOG. Eng aims for the game to resonate with players.

Tech Optimizer

April 12, 2026

Modernizing Nexus Repository: Moving Beyond OrientDB

Support for OrientDB in Sonatype Nexus Repository has been discontinued, and older versions of Nexus Repository (prior to 3.70.5) are built on an outdated architecture that presents high-severity vulnerabilities and cannot be fully patched. The recommended database for Nexus Repository is now PostgreSQL, which offers better performance and support for modern architectures. Users have two migration options: transition to Sonatype Nexus Repository Cloud, which is fully managed and eliminates database management, or migrate to PostgreSQL while maintaining a self-hosted environment, which requires ongoing maintenance and infrastructure ownership.

Winsage

April 11, 2026

“We have discontinued SaRA”: Microsoft replaces its Windows 11 Recovery Assistant — here’s how to transition to Microsoft’s modern command-line replacement.

Microsoft has phased out the Support and Recovery Assistant (SaRA) utility with the March 2026 Security Update for Windows 11, replacing it with the new "Get Help" command-line tool. The SaRA was designed to troubleshoot and resolve common issues affecting Windows 11 and Microsoft 365 applications. Users are now encouraged to use the Get Help command-line tool, which offers enhanced functionality and security. To use the Get Help tool, users must download the files, extract them, and run specific commands in the Command Prompt. The tool addresses various issues, including Microsoft 365 activation challenges and Outlook profile errors.

Tech Optimizer

April 11, 2026

Antivirus protection built into Windows

Windows 11 includes Microsoft Defender Antivirus, which is active from the moment the device is powered on and integrated into the operating system. It continuously updates to protect against various threats, including malicious files and unsafe links. Microsoft Defender SmartScreen evaluates the safety of websites and downloads, providing warnings for dubious content. Smart App Control prevents untrusted applications from executing, while Controlled folder access protects personal files from unauthorized modifications. Users can verify the operational status of Microsoft Defender Antivirus through Windows Security settings. Best practices for maintaining security include keeping the antivirus updated, using a single real-time antivirus engine, and enhancing security habits. Microsoft Defender Antivirus is generally sufficient for everyday risks, but additional third-party antivirus solutions may be considered based on individual needs.

Tech Optimizer

April 11, 2026

Database Branching in Postgres: Git-Style Workflows with Databricks Lakebase

Database branching is a modern approach that addresses the limitations of traditional database management in development workflows. Unlike conventional database copies, which require significant time and resources to duplicate data and schema, database branching allows for the creation of isolated environments that share the same underlying storage. This method utilizes a copy-on-write mechanism, enabling branches to be created in seconds regardless of database size, with storage costs tied only to the changes made. Key features of database branching include: - Branch creation time: Seconds, constant regardless of database size. - Storage cost: Proportional to changes only, not the total data size. - Isolation: Each branch has its own Postgres connection string and compute endpoint. - Automatic scaling: Idle branches can scale compute to zero, incurring costs only when active. The architecture supporting this approach separates compute from storage, allowing multiple branches to reference the same data without conflict. This design facilitates time travel capabilities, enabling branches to be created from any point in the past for instant recovery and inspection. Database branching unlocks new workflows, such as: - One branch per developer, providing isolated environments for each engineer. - One branch per pull request, automating branch creation and deletion tied to PRs. - One branch per test run, provisioning fresh databases for each CI pipeline execution. - Instant recovery from any point in time within a designated restore window. - Ephemeral environments for AI agents, allowing programmatic database provisioning. Databricks Lakebase offers this database branching capability, transforming the database from a bottleneck into a streamlined component of the development process.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

AppWizard

April 9, 2026

How to Install XAPK Android Apps on a Windows PC

To install the Seekee app on a Windows PC, users can choose from several methods: 1. Using Bluestacks: This popular Android emulator simplifies the installation process. 2. Using MuMuPlayer: - Install MuMuPlayer on your Windows PC. - Import the XAPK file using the app installation feature. - Launch the app once installation is complete. 3. Manual Installation (if the XAPK does not open correctly): - Create a copy of the XAPK file. - Rename the extension from .xapk to .zip or use an archive tool to extract it. - Identify the package structure, looking for the Android/obb/com.example.app/ folder. - Install the main APK file in the emulator. - Copy the OBB data to the correct folder in the emulator's Android file system. - Launch the app after ensuring both the APK and OBB data are correctly positioned. XAPK installations may fail due to: - Incompatibility with the Android version. - Incomplete packages lacking OBB data or split APK components. - Mismatched package name and OBB folder. - Poorly repacked files. - Incompatible emulator profiles. A troubleshooting checklist includes: - Using BlueStacks with the Install APK option or drag-and-drop feature. - Exploring other emulators like MuMuPlayer. - Checking for app availability on Google Play within the emulator. - Ensuring OBB data is correctly placed. - Testing with different Android versions or emulator instances. - Re-downloading the file from a reliable source if suspected to be corrupted.

Tech Optimizer

April 8, 2026

AI malware threatens Windows 11 security. Traditional antivirus can’t keep up

AI-powered fileless malware poses a significant challenge to Windows 11 security, as traditional antivirus solutions struggle to detect these advanced threats. This type of malware operates without traditional files and can execute malicious actions directly in memory, bypassing conventional detection methods. Vulnerabilities in applications like Excel and Outlook have been exploited, allowing harmful code execution through simple actions like opening a preview pane. The integration of AI features, such as Microsoft's Copilot, has also created new risks, leading to potential data leaks. To combat these threats, a multi-layered security approach that includes behavioral analysis and real-time monitoring is essential. Upgrading from Windows 11 Home to Windows 11 Pro provides additional security features to enhance defenses against malware.