hacking Archives

AppWizard

May 30, 2026

Pragmata’s developers take all your comparisons to Xbox 360 shooters as a ‘huge compliment’, though I’m not convinced by their theory for why players are making the connection

Pragmata has a resemblance to action games from the Xbox 360 and PS3 era, which the developers at Capcom, including director Yonghee Cho and producer Naoto Oyama, view positively. Oyama noted that the nostalgia may come from a time when many developers were experimenting with new game concepts. Pragmata offers a linear, single-player action experience, which is rare in today's gaming landscape, and is part of a trend this year with other successful titles like Resident Evil: Requiem and 007: First Light. The game features a unique combination of third-person shooting and hacking minigames, which has received positive feedback, particularly for its tile maze mechanic used in combat.

Tech Optimizer

May 29, 2026

This compact antivirus protection package is now less than £25 — Norton 360 has everything you need to secure your devices against malware, ransomware, and hacking

Norton 360 Standard is currently available for £25, down from its regular price of £70 for the first year. It protects up to three devices from threats like malware and ransomware and includes features such as cloud backup, a VPN, and a password manager. It has a Scam Protection feature that identifies scams in messages and deepfake videos, and an AI Genie for user support. Norton 360 is consistently ranked among the top three antivirus solutions and has received high marks from AV-Comparatives and AV-TEST. It secures internet traffic on public Wi-Fi networks and offers 10GB of cloud backup to protect important files. The deal auto-renews at the standard price after the first year.

Winsage

May 28, 2026

Your Windows PC has a security deadline in June 2026

A Secure Boot certificate refresh is being deployed across supported Windows devices via Windows Update. The Secure Boot certificates from 2011 will begin to expire in June 2026, prompting Microsoft to introduce new 2023-dated certificates to maintain security. Most users will require minimal action if their PCs are updated, but older devices may face challenges. The current certificates include: - Microsoft Corporation KEK CA 2011: expires June 24, 2026 - Microsoft UEFI CA 2011: expires June 27, 2026 - Microsoft Windows Production PCA 2011: expires October 19, 2026 The new certificates will remain valid until 2038, with plans for post-quantum cryptography around 2030. While PCs using the 2011 certificates will continue to function, they will lose access to new security protections, making them vulnerable to emerging threats. A notable example of such a threat is the BlackLotus bootkit, which exploited vulnerabilities to bypass Secure Boot. Microsoft's rollout strategy involves a staged update process that typically takes around 48 hours and may require restarts. Users are advised to keep Windows updated and check their Secure Boot status. Known issues may arise for older PCs, systems that bypassed Windows 11 requirements, Legacy BIOS systems, and custom firmware configurations. IT teams managing devices should inventory their systems, monitor specific event IDs, test updates, and document devices that cannot be updated.

AppWizard

May 26, 2026

Is your phone bill higher? 200+ Android apps might secretly be stealing money from you

A new type of malware has emerged that targets smartphone users by inflating phone bills through unauthorized carrier subscriptions. Discovered by cybersecurity firm Zimperium, this operation involves nearly 250 counterfeit Android applications that impersonate popular apps like TikTok and Instagram. Once downloaded, the malware uses advanced techniques such as JavaScript injection and SIM card access to enroll users in fictitious premium services without their knowledge. The scam has primarily affected users in Malaysia, Romania, Thailand, and Croatia, with Malaysia accounting for 85% of the victims. Google has confirmed that these malicious apps are not available on the Play Store and that users are protected by Google Play Protect. Despite a peak in activity in September 2025, parts of the scam's infrastructure remain operational, with the last recorded activity in January 2026. Users are advised to practice online security measures to protect their personal data.

AppWizard

May 23, 2026

Retro enthusiast injects Snake game into vintage S3 graphics card VBIOS — enjoy some serpentum fun while your old PC boots

A retro PC enthusiast modified the VBIOS of an S3 ViRGE DX graphics card to include a version of the classic game Snake, allowing users to play it briefly during system boot. This project, by the YouTube channel Bits und Bolts, involved embedding Snake 512, a compact game written in x86 assembly language. The modification includes a dynamic text splash screen displaying the GPU's operating frequency and prompts users to play Snake or skip to the boot process. The implementation does not support USB keyboards and has no sound during gameplay. The enthusiast also customized the game's colors using hexadecimal values from the VGA color palette.

AppWizard

May 23, 2026

“Congrats to the owners of a brand new $6k paperweight”: Valorant dev Riot makes players think Vanguard anti-cheat will brick their PCs, causing uproar — here’s what’s really happening

Valorant's anti-cheat system, Vanguard, has been controversial due to its interference with DMA firmware devices, which are used to cheat in the game. Riot Games posted a message suggesting that Vanguard was making these devices unusable, leading to backlash from the gaming community. Riot clarified that Vanguard does not damage hardware or disable devices but prevents DMA cheat devices from functioning while IOMMU protections are enabled. Players not using DMA devices are not affected. The situation has sparked debate about the balance between anti-cheat measures and their impact on hardware.

AppWizard

May 21, 2026

Mortal Sin is my favorite roguelite you haven’t played, and it’s a steal in this Steam key bundle

Mortal Sin is an indie roguelite game that combines elements from titles like Dark Messiah, Warhammer: Vermintide, Roboquest, and Hades. It features a visceral landscape filled with gore and a variety of melee weapons, encouraging aggressive gameplay. Players can execute limb-severing combos and must manage weapon durability to survive. The game is currently available for .50 as part of the Prestige Collection XL Bundle from Fanatical, requiring the purchase of two games totaling .99.

TrendTechie

May 21, 2026

007 First Light рискует оказаться на торрентах до официального релиза

The game 007 First Light is set to launch on May 27, but there are concerns about it being leaked onto torrent sites before its release. Players who pre-order the game can start playing 24 hours earlier than the general public, increasing the risk of piracy. Recent trends show an increase in fully functional pirated versions of major games appearing before their official launches, including titles like Pragmata and Death Stranding 2. There is no confirmed information about the use of the anti-piracy system Denuvo on Steam, and even with such protections, hackers have been able to bypass them. Factors contributing to early availability of game builds to hackers include failures in pre-loading systems and actions by reviewers. Even if a game avoids leaks initially, it is likely to be pirated eventually.

Tech Optimizer

May 19, 2026

PoC Released for 20-Year Old PostgreSQL RCE Flaw

A public proof-of-concept exploit has been released for CVE-2026-2005, a critical heap-based buffer overflow vulnerability in PostgreSQL's pgcrypto extension, allowing full remote code execution and privilege escalation to the database superuser level. This vulnerability has existed since 2005 and was discovered by an AI-powered security tool during the ZeroDay.Cloud 2025 event in December 2025. An upstream patch was committed on February 8, 2026, and released on February 12, 2026. The vulnerability has a CVSS score of 8.8 and affects approximately 80% of cloud environments using PostgreSQL, with 45% accessible via the internet. The flaw is in the pgp_parse_pubenc_sesskey() function, which lacks bounds checking, allowing attackers to manipulate session key lengths. The pgcrypto extension can be installed by any database role with CREATE privileges, increasing the risk of exploitation. The proof-of-concept exploit involves an information leak, arbitrary write, and privilege escalation to remote code execution. The vulnerability affects all major versions of PostgreSQL prior to the February 2026 releases, which include versions 18.2, 17.8, 16.12, 15.16, and 14.21. Mitigation steps include upgrading to patched versions, restricting CREATE privileges, blocking direct internet exposure, rotating database credentials, auditing the usage of COPY FROM PROGRAM, and verifying patched engine versions for cloud-managed PostgreSQL users.

Winsage

May 18, 2026

Windows CE Ported to Nintendo 64

Throaty Mumbo successfully ran Windows CE 2.11 on the Nintendo 64 by leveraging the shared architecture of both systems, which are based on the MIPS R4000 processor family. The project involved a month of reverse engineering, using Microsoft toolchains, custom hardware modifications, and debugging techniques. An EverDrive flash cartridge was used to load custom ROMs, and a USB connection facilitated uploads from a PC. Challenges included crashes with the initial EverDrive cartridge, which were resolved by upgrading to the EverDrive-64 X7. A custom kernel clone was created to troubleshoot issues with the stock Windows CE kernel, ultimately allowing the project to revert to the unmodified version. The Nintendo 64 controller was repurposed as a mouse, and standard Windows CE applications could be launched from the desktop. Comprehensive build details are available on GitHub.