navigating

Winsage
June 25, 2026
Component Object Model (COM) is a technology in Windows that enables object activation, inter-process communication, and automation across different programming languages. Malware exploits COM interfaces for activities such as lateral movement, execution, downloading, exfiltration, persistence, evasion, system discovery, and automation of Windows and Office functionalities. Reverse engineering COM-heavy binaries involves navigating GUIDs and indirect vtable calls to understand malware mechanics. Research at the AVAR 2025 conference and CARO 2026 workshop discusses methodologies for analyzing COM binaries and case studies of malware families that utilize COM. COM is an application binary interface (ABI) model that allows software components to be reused and enables interaction between different programming languages through interfaces defined at the binary level. Distributed COM (DCOM) allows clients to activate COM objects on remote systems. COM classes are identified by unique class identifiers (CLSIDs), and interfaces by interface identifiers (IIDs). The Windows registry stores COM registration data, with classes and interfaces located under specific keys. Malware often acts as a COM client, utilizing the COM runtime to instantiate classes and request interfaces. ProgIDs provide human-readable registry entries for COM classes. The CoCreateInstance function helps create class objects by resolving CLSID registrations. All COM interfaces derive from IUnknown, which manages object lifetimes and interface querying. COM has its own security model, and identifying classes and interfaces used by malware is crucial for threat researchers. Tools like ComView and OleView.NET assist in inspecting COM registrations. The analysis workflow includes identifying activation API calls, extracting CLSID and IID values, consulting registry definitions, and mapping vtable calls. 
Qakbot, a banking trojan, exemplifies the use of COM in malware, with its architecture enabling malicious activities like credential theft. Dynamic analysis tools can log COM-related calls in real time to trace execution flow. Notable malware families that utilize COM include Gh0stRAT, which uses Task Scheduler COM interfaces, and the Attor platform, which employs BITS for file transfers. WarmCookie demonstrates the use of COM for persistence through Task Scheduler. Understanding COM's role in malware is essential for cybersecurity professionals.
AppWizard
June 25, 2026
Grand Theft Auto 6's Ultimate Edition will introduce paywalls, requiring players to pay extra for access to five stores within the game, including two mod shops, a clothing store, a salon, and a tattoo parlor. These stores offer essential customization options that enhance the gameplay experience. The standard version may restrict access to these stores, leading to concerns about player immersion and fairness. Additionally, the preorder page suggests that certain side missions may be exclusive to Ultimate Edition buyers. This trend reflects a broader issue in the gaming industry regarding monetization strategies that prioritize profit over player experience.
AppWizard
June 25, 2026
The Steam Machine, Valve's gaming console, has received criticism for its high price and poor performance, largely due to rising component costs influenced by investments in artificial intelligence. In response, Linus Tech Tips, led by Linus Sebastian, is working on creating a more affordable and better-performing gaming PC. They are focusing on functionality and value while exploring various components and configurations for an exceptional gaming experience. Alternative builds may not fit as well under televisions as the Steam Machine but offer better performance and cost-effectiveness for dedicated gamers.
Winsage
June 25, 2026
Raycast for Windows, a productivity app, was initially a valuable tool for launching applications and executing actions quickly. However, the introduction of the Command Palette in Microsoft PowerToys provided similar functionality, leading to Raycast being less essential for the user's needs. The user found that the Command Palette effectively served as a fast app launcher, integrating well with other PowerToys features. The user also transitioned from GlazeWM, a tiling window manager, to FancyZones in PowerToys for better window management, as FancyZones offered more tailored window layout options. Additionally, Text Extractor in PowerToys streamlined the user's optical character recognition (OCR) tasks by allowing easy text extraction from images. Overall, PowerToys consolidated several utilities into one suite, enhancing the user's productivity while reducing the need for multiple separate applications.
Winsage
June 24, 2026
Microsoft has rolled out the Point-in-time restore feature for Windows 11, enhancing recovery capabilities. Users need to install the June Week D preview update to access it, and the rollout is a Controlled Feature Release (CFR), meaning availability will vary by device. This feature is available in Windows 11 Enterprise, Pro, and Home editions, allowing users to revert systems to a prior state quickly. It offers automatic restore points, improved reliability, integrated management through the Settings app, lower storage impact, and future remote management capabilities via Intune. For Windows 11 Home and Pro users, Point-in-time restore is enabled by default in versions 24H2 and 25H2, and can be managed in the Settings app under System > Recovery > Point-in-time restore.
AppWizard
June 24, 2026
Google has released Android 17 QPR1 Beta 5, which includes the June security patch and fixes for disappearing widgets. The update is available for enrolled Pixel devices with the build number vCP31.260608.007. It addresses issues related to the Game Dashboard, download functionalities, and camera corrections. Despite these improvements, Pixel users have reported problems with 5G connectivity and display performance. The previous Beta 4 introduced May's security enhancements and a new feature called Screen Reactions for content creators. Users experiencing issues are encouraged to report them through the Issue Tracker.
Winsage
June 24, 2026
PowerToys has updated to version 0.100.1, fixing critical bugs from version 0.100.0 that affected core features.
- Color Picker: Resolved a bug causing the main window to appear within the zoomed-in picker view.
- Command Palette: Corrected initialization of Run history in Ahead-of-Time builds, fixed "???" display in Performance Monitor after restart, adjusted Hibernate command to use the Sleep icon, and limited "pin to dock" dialog to enabled displays.
- Keyboard Manager: Addressed remapped modifier keys being delivered as system-key events.
- Power Display: Fixed monitor power-state control not waking monitors from standby and resolved display detection and brightness control issues on dual-GPU laptops.
- PowerToys Run: Improved discovery of Visual Studio Code workspaces.
- Quick Access: Fixed crashes in the Quick Access flyout due to unhandled XAML exceptions.
- Shortcut Guide: Resolved a crash in the sidebar navigation, corrected number-key rendering in shortcut manifests, and updated bundled manifests for consistent rendering.
- ZoomIt: Fixed a race condition in audio initialization for video recording.
Tech Optimizer
June 24, 2026
An advertiser has invested in editorial consideration for a deal that offers two years of Surfshark's VPN and antivirus service for less than .49 per month. Customers opting for the two-year Surfshark One plan receive an additional three months at no extra cost, totaling 27 months of coverage for .33, which breaks down to .49 per month. This offer coincides with Amazon Prime Day and is presented as a cost-effective subscription for long-term security solutions. Surfshark is recognized as the best-value VPN, offering three plans: Starter, One, and One Plus, with the One plan being the optimal choice for most users. It includes antivirus protection, data breach notifications, and a private search engine.
AppWizard
June 24, 2026
The author explored various personal knowledge management (PKM) tools on Android and initially avoided Obsidian due to dissatisfaction with its earlier mobile app versions, which felt cramped and outdated. However, after revisiting the redesigned Obsidian app, they appreciated its modern user interface and improved usability. Obsidian's use of plain Markdown files allows for better file management and future-proofing of notes. The app supports both quick capture of ideas and deeper exploration through linking notes and creating a cohesive knowledge base. Features like Quick Note, Daily Note widget, and Graph View enhance its functionality. Data syncing requires some setup, with options for Obsidian Sync or third-party solutions. Ultimately, Obsidian stands out as a customizable and long-lasting PKM tool for the author’s workflow.
AppWizard
June 23, 2026
Accessibility features in smartphones are crucial for users with vision, hearing, or mobility impairments. Quick Cursor: One-Hand Aid is an Android application designed to assist individuals with dexterity challenges by providing a virtual mouse pointer that can be controlled from a designated area on the screen. Users can adjust the pointer's height to improve reachability for tapping icons or buttons. The app is available in free and paid versions, with the Pro version costing .99 for additional features. To use Quick Cursor, users set up a trigger area on their device, which can be adjusted in size and position. The app supports both portrait and landscape orientations and offers customization options like cursor speed. Users activate the cursor by swiping from the trigger area and can easily navigate the screen. Quick Cursor enhances usability, particularly for those with mobility challenges, making it easier to operate larger smartphones with one hand.