NewApp Digest
search bot

hacker

Задорный экшен LEGO Batman слили на торренты
TrendTechie
May 23, 2026

Задорный экшен LEGO Batman слили на торренты

The anti-piracy software Denuvo has been breached by a hacker known as voices38, who circumvented its defenses without using a hypervisor. The game LEGO Batman: Legacy of the Dark Knight has been released in a portable version on a Russian torrent tracker, weighing approximately 40 GB. The deluxe edition was available for pre-order customers on May 19, with a broader release on May 22. The game offers an open-world action experience, inspired by the LEGO franchise and the Arkham series, includes split-screen support for cooperative play, and features Russian subtitles.
CVE-2026-45585: YellowKey BitLocker Bypass
Winsage
May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.
How To Mitigate The Microsoft Windows BitLocker ‘Angry Hacker’ 0-Day
Winsage
May 20, 2026

How To Mitigate The Microsoft Windows BitLocker ‘Angry Hacker’ 0-Day

Microsoft is addressing a zero-day exploit known as YellowKey, identified as CVE-2026-45585, which allows attackers to bypass BitLocker security using a specially crafted USB device. Following the release of exploit code by a hacker named Chaotic Eclipse, Microsoft has issued urgent mitigation advice. Cybersecurity expert Neena Sharma recommends treating this as an active threat and suggests implementing compensating controls, such as restricting USB boot access, until a patch is available. Microsoft has provided guidance for users to protect their systems, including the recommendation to add a PIN to BitLocker protection to reduce the risk of exploitation. Detailed instructions for adding a PIN are included in the advisory. YellowKey has not yet been exploited in the wild but requires physical access to the device.
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
BetaBeacon
May 5, 2026

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft compromised a video game platform in a supply chain attack, trojanizing its components with a backdoor called BirdCall to target ethnic Koreans residing in China. The attack enabled the threat actors to target both Windows and Android devices, turning it into a multi-platform threat. The campaign targeted sqgame[.]net, a gaming platform used by ethnic Koreans in China, known as a transit point for North Korean defectors. BirdCall has features like screenshot capture, keystroke logging, and data gathering, and relies on legitimate cloud services for command-and-control. The Android variant collects various data and has seen active development.
ScarCruft hackers push BirdCall Android malware via game platform
BetaBeacon
May 5, 2026

ScarCruft hackers push BirdCall Android malware via game platform

APT37, also known as ScarCruft and Ricochet Chollima, has developed an Android version of the backdoor BirdCall, which serves as spyware in addition to a backdoor. The malware was delivered through a Chinese website that hosts games for Android, iOS, and Windows, targeting only Android and Windows systems. The Android variant of BirdCall has capabilities such as extracting IP geolocation information, collecting contact lists, call logs, SMS data, device information, taking screenshots, recording audio, and exfiltrating files. Users are advised to download software only from official marketplaces and trusted publisher sites to protect against malware infections.
Hacker tracks Australian police using Android app
AppWizard
May 4, 2026

Hacker tracks Australian police using Android app

Australian police officers can potentially be tracked through publicly available Bluetooth applications due to a design flaw in tasers and body-worn cameras manufactured by Axon. A hacker demonstrated this vulnerability by using Android apps to detect nearby Bluetooth devices, revealing the location of police equipment, including model and serial numbers. The flaw arises from the failure to implement MAC address randomization, which could enhance security. The hacker developed software capable of tracking devices from over 400 meters away, raising concerns about the potential for criminal activities targeting police. Despite warnings to various police agencies, responses indicated confidence in existing security measures, although similar risks have been noted in the US, leading to the cessation of Axon body camera use by US Border Patrol agents. The vulnerability is considered a hardware-level issue, requiring significant redesign efforts from Axon to address it.
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Tech Optimizer
May 4, 2026

Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha

Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, leading to their removal from Windows systems globally. This issue arose after a Defender signature update on April 30th, with affected certificates including 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 and DDFB16CD4931C973A2037D3FC83A4D7D775D05E4. The certificates were removed from the AuthRoot store under the Registry key HKLMSOFTWAREMicrosoftSystemCertificatesAuthRootCertificates. Microsoft has addressed the issue in Security Intelligence update version 1.449.430.0, which also restored the removed certificates. The false positives were linked to detections related to a recent DigiCert breach, where threat actors obtained valid code-signing certificates used for signing malware. DigiCert revoked 60 code-signing certificates, including those linked to the "Zhong Stealer" malware campaign. The malware utilized certificates issued to companies like Lenovo and Kingston, but the certificates flagged by Microsoft Defender are root certificates and do not correspond to the revoked code-signing certificates.
Denuvo is finally dead: every PC game protected by the DRM can now be cracked or bypassed
AppWizard
April 29, 2026

Denuvo is finally dead: every PC game protected by the DRM can now be cracked or bypassed

A group of hackers has declared Denuvo, a digital rights management (DRM) software, as "fully useless" after successfully bypassing its protections, which have been in place since 2014. They achieved this through two main strategies: direct cracking, which removes Denuvo from games, and hypervisor bypass, which deceives Denuvo into functioning normally. These methods have been applied to games like Crimson Desert and Resident Evil Requiem. Recently, a prominent hacker announced the release of hypervisor bypasses for EA Sports games, confirming that all games using Denuvo can now be played for free.
Get Linux on your ancient 486 Windows 95 desktop using WSL9x — very old Windows PCs can cooperatively run very modern Linux kernels
Winsage
April 23, 2026

Get Linux on your ancient 486 Windows 95 desktop using WSL9x — very old Windows PCs can cooperatively run very modern Linux kernels

A computer enthusiast has developed a tool called WSL9x, which allows users to run contemporary Linux kernels on early versions of Windows (from Windows 95 onward) and on machines with 486 CPUs. WSL9x enables the simultaneous operation of Windows and Linux applications without relying on hardware virtualization. The architecture includes a client program, wsl.com, which manages a DOS window for the console driver. Meanwhile, the Linux community is phasing out support for the Intel 486 CPU, with developers removing related support options in the Linux kernel, marking the end of support for this processor.
You can now run WSL on Windows 95, in case you're crazy, too
Winsage
April 22, 2026

You can now run WSL on Windows 95, in case you’re crazy, too

Hailey has developed the Windows 9x Subsystem for Linux (WSL9x), which allows the 6.19 Linux kernel to run on Windows 9x systems without a graphical user interface, relying instead on a terminal experience. WSL9x consists of three main components: a modified Linux kernel that interacts with Windows 9x APIs, a virtual device (VxD) driver that initializes WSL9x and manages userspace events, and a simple 16-bit DOS client for passing commands to the Linux kernel. The system handles syscalls through a general protection fault handler due to limitations in the Win9x architecture. However, this setup poses security risks as both the Linux kernel and Windows kernel operate with the same CPU privileges, meaning instability could occur if either crashes. Comprehensive instructions for installation are available on Hailey's Codeberg page.
Search