hacker Archives

Winsage

April 15, 2026

It has been revealed that Microsoft did not remove Copilot from Windows 11, but simply renamed it, leading to complaints from some users.

Microsoft has begun removing the Copilot button from select applications in its Windows 11 ecosystem, starting in late March 2026, as part of a strategy to integrate AI more effectively. Changes announced by Pavan Davrli on March 20, 2026, include improved taskbar customization, enhanced control over Windows Update, and performance boosts for File Explorer. The Copilot button has been removed from applications like Snipping Tool and Notepad, but the AI-powered tools remain accessible under the name "Advanced features." Users can disable the standard Copilot functionality through settings. The decision has sparked mixed reactions, with some users feeling disillusioned and expressing concerns about unnecessary AI features in essential software.

Winsage

April 13, 2026

The engineer who built Windows Task Manager in the 90s says its 80KB footprint was a feature not an accident

David Plummer, a veteran Microsoft engineer, created the original Windows Task Manager (Taskmgr.exe) in the 1990s, which had a file size of only 80KB. This small size was crucial for its functionality during system freezes. Plummer used a mutex to check if another instance of the program was running, allowing for efficient operation without complex process lists or loops. His recent reflections in early 2026 have sparked discussions about the evolution of software, particularly criticizing Windows 11 for straying from its foundational purpose and emphasizing resource efficiency. The 1990s hardware constraints forced developers to innovate, contrasting with today's environment where abundant resources allow for less efficient applications. Plummer's mutex technique is now seen as a benchmark in application design, highlighting a generational shift in development practices. The discourse around his 80KB Task Manager raises questions about the future of software procurement and the importance of memory footprint in purchasing decisions.

AppWizard

April 11, 2026

Hackers demand ransom from GTA6 studio Rockstar, threaten to leak stolen data

Rockstar Games is facing a security breach involving the hacking group ShinyHunters, which has issued a ransom demand for sensitive data. A Rockstar spokesperson confirmed that a limited amount of non-material company information was accessed due to a third-party data breach, stating it has no impact on the organization or its players. This incident follows a similar breach in 2022 when a 17-year-old hacker infiltrated Rockstar's systems. ShinyHunters has targeted various high-profile companies in the past, including Microsoft and AT&T. The breach highlights that many security incidents can result from simple human errors rather than sophisticated hacking techniques.

AppWizard

April 11, 2026

Security researchers find 213 vulnerabilities in Russia’s state-backed messaging app Max

Security researchers discovered 213 vulnerabilities in Max, Russia's state-backed messaging app, during a bug bounty initiative. This information was shared by Alexei Batyuk, CTO of Positive Technologies, at the Svyaz-2026 exhibition. The bug bounty program has been active since July 1, 2025, resulting in 288 accepted vulnerability reports and total payouts of nearly 22 million rubles. Common vulnerabilities could allow unauthorized access to user data through the manipulation of object identifiers. Max's press service claimed that user data is "reliably protected" and emphasized the importance of independent white-hat hackers in identifying vulnerabilities. Max was launched by VK in March 2025 and is being promoted by Russian authorities amid efforts to block other messaging platforms like Telegram and WhatsApp. The app has faced criticisms regarding user surveillance and security vulnerabilities.

TrendTechie

April 11, 2026

Пираты слили на торренты Resident Evil Requiem

Hacker voices38 has successfully circumvented the Denuvo anti-piracy protection in Resident Evil Requiem, marking the first breach of a project secured with the current version of Denuvo without using hypervisor techniques. The method used is described as a native approach, which avoids the complications and risks associated with hypervisor solutions. This breakthrough claims to improve performance, mitigating frame rate drops that typically average 11 fps with previous methods. The version of Denuvo in Resident Evil Requiem has only minor modifications from the 2025 release. Resident Evil 9: Requiem debuted in February 2026, featuring Leon Kennedy and FBI agent Grace Ashcroft. Additionally, Android smartphones can run Resident Evil Requiem at 90 fps.

Tech Optimizer

April 1, 2026

Ransomware Groups Exploit Legit IT Tools to Bypass Antivirus

Ransomware attackers are increasingly using legitimate IT tools, referred to as the “dual-use dilemma,” to infiltrate systems instead of relying solely on traditional malware. Tools like Process Hacker and IOBit Unlocker, originally designed for troubleshooting, are now being weaponized to disable antivirus software. IOBit Unlocker has been linked to cyber campaigns by LockBit Black 3.0 and Dharma, while Process Hacker is used by Phobos and Makop ransomware operators. These tools have trusted digital signatures, allowing hackers to operate undetected. Ransomware attacks typically follow a kill chain, starting with phishing emails or compromised credentials. Attackers gain SYSTEM-level control using tools like PowerRun or YDArk. The attack unfolds in two phases: first, they use “process killers” to terminate antivirus monitoring, and then they employ tools like Mimikatz to extract passwords and erase logs, complicating tracking efforts. The evolution of ransomware tactics includes the use of Ransomware-as-a-Service (RaaS) kits, such as LockBit 3.0 and BlackCat, which are designed to disable antivirus protections. Future trends may involve AI-assisted methodologies that autonomously determine ways to circumvent security measures, indicating a shift in the security landscape.

Winsage

March 28, 2026

Update Windows 11 will block Denuvo hacking via Hypervisor

Microsoft has confirmed a major kernel security update for Windows 11, revoking trust in older drivers signed through an outdated cross-certification program. The update will ensure that Windows 11 accepts only software that has passed the Windows Hardware Compatibility Program's testing standards. This change aims to counter piracy attempts, particularly against a hacker known as DenuvOwOA, who bypassed Denuvo's anti-piracy protection by manipulating the embedded hypervisor and loading unsigned or vulnerable drivers. The new security policy will block the execution of such code, making existing hacking methods obsolete. The rollout will begin in compatibility assessment mode for Windows 11 and Windows Server & Hosting, with a hard block activated only if no stability issues are detected. Corporate clients can manually add certificates through the Application Control for business tool, while gamers will find it increasingly difficult to run hacked games relying on a modified hypervisor.

AppWizard

March 19, 2026

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

Cybersecurity researchers have identified a new family of Android malware called Perseus, designed for device takeovers and financial fraud. It utilizes Accessibility-based remote sessions for real-time monitoring and interaction with infected devices, particularly targeting Turkey and Italy. Perseus monitors user notes to extract personal or financial information and is distributed through dropper applications via phishing websites. It expands on the codebase of previous malware like Phoenix and employs disguises as IPTV services to reduce user suspicion. Once operational, it performs overlay attacks and captures keystrokes to steal credentials from financial applications. The malware allows operators to issue commands through a command-and-control panel, enabling various malicious actions, including capturing note content and initiating remote visual streams. Perseus also conducts environment checks to evade detection and ensure it operates on legitimate devices.

AppWizard

March 17, 2026

The FBI is investigating malware hidden inside games hosted on Steam

The FBI is investigating a hacker responsible for releasing several video games with embedded malware on the Steam platform. The suspected games include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova. These games were developed over the past two years and posed risks to gamers who downloaded them. This incident follows a similar event from the previous year when malware-laden games were also uploaded to Steam. Neither Valve nor the FBI has commented on the investigation.

AppWizard

March 13, 2026

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

The FBI has launched an investigation into malware threats associated with PC games on Steam, particularly targeting users from May 2024 to January 2026. The games identified include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all linked to malware incidents. For example, PirateFi was designed to steal browser cookies, Chemia updated itself with malicious software, and BlockBlasters was identified as a Trojan that siphoned cryptocurrency. The FBI's alert also mentions Lampy, which may harbor malware. Valve, the parent company of Steam, has not responded to inquiries but has warned users about the affected games. The investigation suggests a potential link to a single group or individual, with reports indicating that victims were lured through Telegram messages offering free game keys or job opportunities.