hacker Archives

TrendTechie

June 20, 2026

Житель Светлогорска зарабатывал на скрытом майнинге через торренты

Law enforcement officials in the Grodno region have arrested a 35-year-old resident of Svetlogorsk for allegedly distributing malicious software. The suspect modified a hidden virus miner, embedding it in free torrent downloads, which activated on users' computers to mine cryptocurrency without their consent. This activity reportedly earned the hacker about 1,000 Belarusian rubles monthly and affected over 500 computers in Belarus and neighboring countries. An official criminal case has been initiated to address this cybercrime.

TrendTechie

June 20, 2026

Светлогорский хакер зарабатывал на скрытом майнинге, заражая компьютеры через торрент-раздачи

Cybercrime prevention officers in the Grodno region arrested a 35-year-old resident of Svetlogorsk for profiting from modified malware known as a "cryptojacker." This malware was embedded in free torrent downloads, activating on users' computers to mine cryptocurrency, which degraded the machines' performance. The suspect earned approximately one thousand Belarusian rubles monthly and was exploiting over 500 computers at the time of his arrest, affecting users in Belarus and neighboring countries. An investigation is underway to identify the victims, and criminal charges have been filed against him.

Winsage

June 17, 2026

Windows SprySOCKS Malware: Advanced Kernel-Level Rootkit Targets Government Organizations via Supply Chain Vulnerabilities

The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.

Winsage

June 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.

Tech Optimizer

June 12, 2026

NordVPN’s next-gen antivirus aces independent testing with a 96% phishing block rate

NordVPN's next-generation antivirus blocked 96% of phishing sites in the 2026 Anti-Phishing Comparative Test by AV-Comparatives, improving by 6% from May 2025. The test involved 275 active phishing URLs targeting personal data across various platforms. NordVPN was the first VPN provider to receive the AV-Comparatives anti-phishing protection badge in June 2024, requiring detection and blocking of at least 85% of phishing URLs without false alarms. Users are advised to verify URLs, read messages carefully, enable two-factor authentication, and check for secure HTTPS connections to avoid phishing attempts.

AppWizard

June 8, 2026

Everything Revealed During The PC Gaming Show 2026

The PC Gaming Show 2026 featured over 60 new game announcements in a two-hour event. Key titles include: - Wielders of the Essence: Launching on November 5, demo available on Steam. - Warhammer 40,000: Darktide – Skitarii Class: Debuting on June 23, wishlist on Steam. - Spellsided: Unique RPG with a demo on Steam. - Star Trek: Outposts Unknown: Demo available on Steam. - Hack '95: Demo available on Steam. - Company of Heroes: Definitive Edition: Wishlist on Steam. - Red Kiss: Wishlist on Steam. - Arcane Eats: Demo available on Steam. - Serious Sam: Shatterverse: Sign up for playtest on Steam. - Control Resonant: Pre-orders available for September 24 release on Steam. - Sated: Wishlist on Steam. - Gone Feral: Wishlist and sign up for playtest on Steam. - Abiotic Factor – Entropic Break DLC: Coming this autumn, wishlist on Steam. - There Are No Ghosts at the Grand: Demo available on Steam. - Ssarseeker: Astroneer Expeditions: Early access begins June 11, wishlist on Steam. - Virtue and a Sledgehammer: Demo available on Steam. - Happy Bastards: Combat demo available on Steam. - Another Door: Demo available on Steam. - AfterQuest: Wishlist on Steam. - SlashZero: Wishlist and sign up for playtest on Steam. - Cassette Beasts 2002: Wishlist on Steam. - VOID/BREAKER: Major update available on Steam. - 2 Fights 2 Tight Spaces: Available now on Steam. - Stronghold 4: Demo available on June 23, wishlist on Steam. - Wind Runners: Demo available on Steam. - Wardens of Avalon: Sign up for playtest on Steam. - Planet Zoo 2: Pre-orders available on Steam. - Empulse: Early access on June 24, available during Steam Next Feast on June 15. - Arkheron: Sign up for playtest on the game's website. - ReVamp: Sign up for playtest via the trailer's QR code. - Wardogs: Wishlist on Steam and sign up for playtests via the trailer's QR code. - Shroom and Gloom: New demo available. - Maximum Thunderness: Coming later this year, wishlist on Steam. - Rivage: Demo available. - Time Strike: Wishlist on Steam. - Signet City: Wishlist on Steam. - Mr. Magpie's Harmless Card Game: Available now on Steam. - Ascenders: Beyond the Peak: Demo available on Steam. - Outward 2: Beta available now. - Thief: The Dark Project Remastered: Remastering classic stealth game. - Exo Rally Championship: Off-road racing game. - Duskers 2.0: Available on Steam. - El Paso, Elsewhere 2: Wishlist on Steam. - Beast of Reincarnation: Launching on August 3, pre-order on Steam. - Terrinoth: Heroes of Descent: Available now on Steam. - To Kill a God: Demo available now. - Pipes.exe: Wishlist on Steam. - Sunset Summit: Available now on Steam. - Clowntown: Available for wishlist on Steam. - Armatus: Launching this winter, wishlist on Steam. - Dave The Diver – In the Jungle DLC: Wishlist on Steam. - Carcass Clad: Wishlist on Steam. - Total War: Warhammer 40,000: Beta opportunities to be announced. - About Fishing: Demo available on Steam. - Vampire: The Masquerade – Eternal Whispers: Emphasizes meaningful choices. - Valheim 1.0: Launching on September 9, 2026, download on Steam now. - P.O.N.: Wishlist on Steam. - Locator: The Search for Abigail Lidari: Wishlist on Steam. - Exodus: Features combat and exploration. - Remothered: Red Nun's Legacy: Third installment in the horror series. - Into the Wind: Wishlist on Steam.

AppWizard

June 7, 2026

I’m a sucker for clean UI — these are the 9 best-looking Android apps I’m using in 2026

Hacki for Hacker News is an open-source app with a sleek design, enhancing user experience for accessing Hacker News. Gradient Weather features stunning visuals with bold typography and animated headers for weather updates. PeakFinder uses augmented reality to identify mountain peaks with a minimalist aesthetic. Mako is a minimalist launcher with pastel themes and extensive customization options. Buzzkill offers vibrant notification management with a visually appealing interface. Zest is a to-do list app with an attractive design and organizational tools. Fotmob provides in-depth soccer statistics and real-time updates with customizable widgets. The Wikipedia app features an attractive interface for easy navigation of information. Txori is a time-management app with a retro-minimalist aesthetic and effective scheduling capabilities.

TrendTechie

May 23, 2026

Задорный экшен LEGO Batman слили на торренты

The anti-piracy software Denuvo has been breached by a hacker known as voices38, who circumvented its defenses without using a hypervisor. The game LEGO Batman: Legacy of the Dark Knight has been released in a portable version on a Russian torrent tracker, weighing approximately 40 GB. The deluxe edition was available for pre-order customers on May 19, with a broader release on May 22. The game offers an open-world action experience, inspired by the LEGO franchise and the Arkham series, includes split-screen support for cooperative play, and features Russian subtitles.

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Winsage

May 20, 2026

How To Mitigate The Microsoft Windows BitLocker ‘Angry Hacker’ 0-Day

Microsoft is addressing a zero-day exploit known as YellowKey, identified as CVE-2026-45585, which allows attackers to bypass BitLocker security using a specially crafted USB device. Following the release of exploit code by a hacker named Chaotic Eclipse, Microsoft has issued urgent mitigation advice. Cybersecurity expert Neena Sharma recommends treating this as an active threat and suggests implementing compensating controls, such as restricting USB boot access, until a patch is available. Microsoft has provided guidance for users to protect their systems, including the recommendation to add a PIN to BitLocker protection to reduce the risk of exploitation. Detailed instructions for adding a PIN are included in the advisory. YellowKey has not yet been exploited in the wild but requires physical access to the device.