Operation Archives

Winsage

April 24, 2026

WSL9x: Add An Entire Windows 9x Subsystem To Your Linux

The Linux Subsystem for Windows 9x, led by Hailey Somerville, allows Linux to run within the Windows 9x framework by modifying the Linux kernel to interface with Windows 9x kernel APIs. Users need to create a specially modified Linux kernel (version 6.19) and a disk image with Windows 9x installed. The subsystem can be initiated with the wsl command, enabling both kernels to operate together. This initiative is reminiscent of Cooperative Linux and parallels the Windows Subsystem for Linux (WSL2) on Windows 10 and later. Contributions from the community have been vital to the project's development.

Winsage

April 23, 2026

Get Linux on your ancient 486 Windows 95 desktop using WSL9x — very old Windows PCs can cooperatively run very modern Linux kernels

A computer enthusiast has developed a tool called WSL9x, which allows users to run contemporary Linux kernels on early versions of Windows (from Windows 95 onward) and on machines with 486 CPUs. WSL9x enables the simultaneous operation of Windows and Linux applications without relying on hardware virtualization. The architecture includes a client program, wsl.com, which manages a DOS window for the console driver. Meanwhile, the Linux community is phasing out support for the Intel 486 CPU, with developers removing related support options in the Linux kernel, marking the end of support for this processor.

AppWizard

April 22, 2026

The Delta Force Season Echo update has reworked its most iconic map, with the perfect counter to campers

Delta Force's Zero Dam map has been redesigned by Team Jade as part of the Season Echo update, responding to community feedback to enhance gameplay. Key changes include a complete overhaul of the elevator extraction point, adding a second entrance and reducing cover for defenders to promote movement. The surrounding areas now feature new reed marshes, swimmable channels, and an underwater area, with birds added to reveal player locations when startled. A new task chain, 'Operation Gold,' involves players accessing a vault while managing hydrogen gas filling the room. Horn-shaped mounds inspired by local legend provide opportunities for loot and personal messages. The update also includes quality-of-life improvements, such as addressing leg-clipping issues, marking interactable objects, and adjusting the transparency of the wheel menu. The update is available for free on Steam.

AppWizard

April 22, 2026

Nothing’s “AirDrop” app returns after a short absence – but there’s a catch

Nothing has launched a new file transfer tool named Warp, which allows users to share files, images, copied text, and links between devices using Google Drive. Users need to be signed into their Google accounts to utilize the tool effectively. The announcement was made on the Nothing Forum, and users are encouraged to install a browser extension and a dedicated app. The app was temporarily removed from the app store shortly after its launch but has since returned. The Chrome extension supports file sharing on PCs, while the mobile app integrates into the device's share menu. Users can share content by selecting "Nothing Warp" from the menu. The tool is designed for simplicity but may experience slow upload speeds for larger files. It addresses specific user needs rather than serving as a comprehensive multi-platform solution.

Tech Optimizer

April 22, 2026

New STX RAT Uses Hidden Remote Desktop and Infostealer Features to Evade Detection

A newly identified remote access trojan, STX RAT, emerged in 2026, integrating hidden remote desktop access with credential theft features. The name "STX" comes from the Start of Text magic byte x02, which it appends to communications with its command-and-control (C2) server. Initial sightings were reported in late February 2026, when it was delivered via a browser-downloaded VBScript file to a financial organization. By early March, Malwarebytes noted a campaign distributing STX RAT through compromised FileZilla installers. Researchers from eSentire’s Threat Response Unit analyzed the malware, which includes extensive anti-analysis measures and employs techniques like AMSI-ghosting. Once operational, STX RAT connects to a C2 server at 95.216.51.236, transmitting system information securely. It targets saved credentials from applications like FileZilla and includes a Hidden Virtual Network Computing (HVNC) module, allowing attackers to control a victim's machine without detection. Security teams are advised to block the C2 IP and implement detection rules to mitigate the threat.

Tech Optimizer

April 21, 2026

Microsoft says Windows 11 users do not need third-party antivirus software

Microsoft has introduced built-in antivirus software, Microsoft Defender, in Windows 11, which is active by default and continuously updated. Independent testing shows Defender achieving a score of 6 out of 6 from AV-Test and real-world protection rates between 98.5% and 100% from AV-Comparatives. The security features include real-time scanning, behavior monitoring, cloud-delivered protection, SmartScreen technology, Controlled Folder Access, and Smart App Control. Microsoft acknowledges that while Defender is sufficient for most users, third-party solutions may be necessary in enterprise environments. Windows Security benefits from automatic updates through Windows Update, providing continuous protection. Over 500 million Windows 11 users have received this updated guidance.

AppWizard

April 21, 2026

This is the finest VR headset image quality I’ve ever experienced, but it comes at a price

The Pimax Crystal Super 57PPD virtual reality headset features a resolution of 3,840 x 3,840 pixels per eye and a maximum refresh rate of 90Hz. It has a weight of 879g without the cable and approximately 1kg with a 1m cable. The headset offers a 106-degree horizontal field of view and utilizes inside-out tracking via four cameras. It includes a single cable with DisplayPort and USB-C connections, and comes with two controllers. The headset's displays use QLED technology with local backlight dimming, providing vibrant colors and contrast, though it does not achieve the infinite contrast of OLED. The Crystal Super has eye tracking technology for automatic interpupillary distance adjustments and foveated rendering. The headset is modular, allowing users to swap out the screen and optics for different configurations. It is priced at ,599, reduced from ,799, with an additional 2% discount available.

AppWizard

April 21, 2026

NGate NFC malware targets Android users through trojanized payment app

NFC-based payment fraud targeting Android users in Brazil has been linked to a campaign using a trojanized version of the HandyPay app, part of the NGate malware family, since November 2025. The malware is distributed through a counterfeit website mimicking a lottery and a fraudulent Google Play page. The operators chose HandyPay for its low cost and minimal permissions required. The malware requests users to set it as the default NFC payment app, allowing it to capture payment card PINs and relay NFC card data to attackers. ESET Research identified this campaign and discovered logs from compromised devices containing sensitive information. The trojanized app has never been on the official Google Play store, and ESET has notified Google and the HandyPay developer about the issue.

AppWizard

April 21, 2026

New NGate Android malware variant uses NFC app to steal card data

A new variant of the NGate Android malware exploits a legitimate NFC payment app, HandyPay, to steal users' card information and PINs, enabling unauthorized contactless transactions. This malicious version of HandyPay, which has been available since 2021, was identified by ESET researchers and is distributed through a fraudulent lottery website and a fake Google Play page. The malware captures sensitive information by prompting users to enter their payment card PIN and tap their card against the device, sending the data to an attacker-controlled phone and exfiltrating the PIN to a command-and-control server. The campaign employs social engineering tactics and requires minimal permissions, relying on users to enable app installations from unknown sources. The attackers use a centralized infrastructure for malware distribution and PIN collection, with evidence of compromised devices in Brazil. The shift to modifying a legitimate application is motivated by financial incentives, as it offers similar functionality at a lower cost compared to underground tools. Users are advised to avoid installing apps from unofficial sources and to ensure the legitimacy of applications before entering sensitive information.

Winsage

April 19, 2026

14 defaults I think are worth changing: Windows 11 feels modern, but many out‑of‑box settings push services, tracking, and clutter.

Windows 11 has default settings that prioritize background services, cloud integration, and recommendations, which can lead to user frustration. Key issues include: - Diagnostic data collection is enabled by default, requiring users to opt out rather than opt in, with no complete opt-out option available. - Post-setup prompts can disrupt workflow, and users can disable them in Settings > System > Notifications. - The default Taskbar includes features like Widgets and Copilot, which can clutter the interface; users can unpin unwanted icons. - Users are encouraged to sign in with a Microsoft account during setup, but can create a local account instead. - Preinstalled applications may clutter the Start menu, and users can uninstall them through Settings > Apps. - Automatic updates can disrupt user activity, and users can schedule restarts in Settings > Windows Update. - Device encryption is enabled by default, with recovery keys saved to a Microsoft account; users should back up the key offline. - The "Find my device" feature requires ongoing location tracking, which can be disabled in Settings > Privacy & security. - File extensions are hidden by default, which can hinder usability; users can enable them in File Explorer settings. - The redesigned context menu hides advanced options, accessible via Shift + Right-click. - Promotional content is integrated throughout the OS, and while it cannot be fully disabled, users can limit suggestions in settings. - Microsoft Edge can consume system resources upon startup due to background processes, which can be disabled in Edge settings.