operators Archives

AppWizard

June 16, 2026

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have identified a new Android banking trojan named Rokarolla, which can target 217 banking and cryptocurrency applications and execute 137 remote commands. The malware spreads through deceptive websites that impersonate popular apps, installing a dropper that mimics Google Play Protect to gain Accessibility access. It uses overlay techniques to capture sensitive information by displaying counterfeit login pages and can intercept SMS messages, including one-time codes from banks. Rokarolla also features a keylogger, screen logger, and can rewrite clipboard contents to divert cryptocurrency payments. It employs advanced methods for discreet data capture and has multiple fallback command-and-control domains, making it resilient against takedowns. There is no patch available for this malware, and users are advised to install apps only from Google Play and remain cautious of unexpected Accessibility requests. Zimperium's products can detect this malware, and indicators of compromise are available on their GitHub repository.

Winsage

June 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.

AppWizard

June 14, 2026

Blizzard sues to kill another World of Warcraft private server for ‘large scale, egregious, and ongoing infringement of [its] intellectual property’

Blizzard Entertainment has filed a lawsuit against Project Ascension, a private World of Warcraft server, claiming it operates a substantial business model based on significant infringement of Blizzard's intellectual property. Project Ascension reportedly attracts over a million players and allows in-game item purchases through Donation Points, generating millions for its operators. The server is allegedly hosted on "bulletproof" servers linked to the Russia-based Aeza Group, which has been targeted by the U.S. Department of the Treasury for cybercrime. The Turtle WoW server previously faced similar legal action from Blizzard, and there has been no public response from Project Ascension regarding the lawsuit. Community sentiment appears to be one of resignation towards the situation.

Winsage

June 12, 2026

Hackers Use Fake Windows Update Installers to Deliver OnyxC2 Credential Stealer

OnyxC2 is a sophisticated credential stealer available for a subscription fee of 0 per month, distributed through disguised lures such as fake Windows updates and legitimate software installers. It functions as a commercial product with features like an automated payload builder, tiered licensing, and a centralized web dashboard. The malware boasts a 99% detection-evasion rate, successfully evading major antivirus solutions during tests. It is developed in C++, utilizing direct system calls and mutating with each build to avoid detection. OnyxC2 collects data from around 210 applications, targeting 45 web browsers, password managers, cryptocurrency wallets, and FTP clients. The malware is delivered using DLL sideloading, where a password-protected archive contains a legitimate application and a malicious DLL. The attacker's DLL is disguised by inflating its size and is loaded by a trusted binary. The malicious code remains encrypted on disk and decrypts in memory to evade analysis. OnyxC2 communicates with a Cloudflare-fronted command-and-control server to manage infected hosts and execute commands like hardware registration and cookie uploads. The threat extends to business environments, targeting FTP and email clients, with stolen session cookies allowing ongoing access to corporate infrastructure. Implementing anti-data exfiltration controls is recommended as a mitigation strategy.

Tech Optimizer

June 10, 2026

Microsoft Open-Sources PostgreSQL Extension for In-Database Durable Execution

Microsoft has introduced pg_durable, a PostgreSQL extension that enables developers to execute durable workflows within the database, reducing the need for external orchestration systems. It simplifies workflow management by allowing developers to express long-running, fault-tolerant SQL functions directly in SQL, managing execution concerns like retries and recovery. Workflows are defined in SQL, with the extension handling retry states, progress tracking, and checkpointing. A pg_durable function operates as a graph of SQL steps that can resume from the last durable checkpoint after a failure. The extension preserves execution states within PostgreSQL tables, ensuring workflows can withstand crashes and restarts. It includes a domain-specific language (DSL) for scheduling and parallel execution. An example of a durable function is provided, demonstrating sequential and parallel execution using specific operators. pg_durable is particularly useful for vector embedding pipelines and scheduled maintenance tasks. Architecturally, it consists of a PostgreSQL extension and a background worker built on Rust libraries, without any external control plane. Durable execution allows long-running workflows to automatically resume from failure points, simplifying distributed system architecture.

Tech Optimizer

June 9, 2026

Fake ChatGPT download site infects Windows and Mac users with malware

A counterfeit website, openew[.]app, is impersonating OpenAI's official ChatGPT download page and distributing malware. Windows users who download from this site receive a credential-stealing malware loader, while macOS users are infected with Odyssey Stealer, a variant associated with cryptocurrency theft. The fake site mimics the legitimate ChatGPT interface and uses HTTPS to appear trustworthy. The Windows malware, Chat_GPT.exe, creates a back channel to an attacker-controlled server, while the macOS malware captures sensitive data and attempts to replace legitimate cryptocurrency wallet applications with compromised versions. Users who download from official sources remain safe, but those who click on ads or unfamiliar links risk compromising their online accounts and sensitive information. Malwarebytes offers protection against this malware. Indicators of compromise include specific file hashes and network indicators associated with the malicious site.

AppWizard

June 9, 2026

This New Computer Virus Is Disguising Itself As A Popular Video Game

Old-school gaming consoles are seeing a resurgence, but hackers are exploiting this trend with a malware campaign called "WeedHack," which emerged in January. This malware operates on a "Malware-as-a-Service" model, allowing users to purchase it to infect victims. WeedHack functions as a remote access infostealer, compromising computers to manipulate screens, access webcams, and steal sensitive data. It propagates by enticing users with unofficial "Minecraft" mods and clients, often using videos and download links as bait. Additionally, it employs "SEO poisoning" to promote fake websites as legitimate sources for these mods on platforms like Discord and Reddit. WeedHack disguises itself as a JAR file, similar to the official "Minecraft" client, and once executed, it installs its payload from Ethereum server domains. It can insert itself into antivirus exclusion lists, evading detection, and McAfee's tests show that Windows Defender is ineffective against it. The malware collects extensive information, including Wi-Fi networks and browser cookies, and grants hackers complete control over infected computers. The WeedHack virus serves as both malware and a training ground for aspiring hackers, structured into two tiers: a free version with core capabilities and a paid subscription for advanced features. A community has formed around WeedHack, offering tutorials, a Discord server, and a website for feature requests and custom payload creation. This community aspect lowers the barrier for newcomers, particularly targeting a younger audience that may not understand online safety.

AppWizard

June 7, 2026

‘Tactical radio action’ game Burn-9 announced for PC

14 Hours Productions is developing a political spy thriller game titled Burn-9, set to launch for PC on Steam, GOG, and the Humble Store in 2026. Players take on the role of an unseen operator assisting the last survivor of a black-ops team in a chaotic mission. A demo is currently available. The game involves navigating espionage and making pivotal choices based on gathered intelligence while using advanced surveillance systems. Players can disable security measures and extract sensitive information, facing moral complexities and ethical dilemmas throughout the mission.

AppWizard

June 6, 2026

Every Xbox and PC game announced during Summer Game Fest 2026

The seventh annual Summer Game Fest showcased upcoming titles for 2026 and beyond, featuring a two-hour presentation with trailers and gameplay reveals. Key announcements included: - Resident Evil: Veronica - A remake of Resident Evil: Code Veronica set to launch in 2027 on Xbox and PC. - Cuphead - Two new games: a sequel and an 8-bit arcade title called Mighty Cuphead Adventure. - Alien Isolation 2 - Teased with a trailer; release date not announced. - gen ATLAS - A mech-themed game from GenDesign. - Blood Message - A single-player action-adventure game expected on PC and consoles. - Stranger Than Heaven - Set for release on January 15, 2027, featuring Tupac as a character. - HAEX - An open-world survival shooter for 1-4 players. - Mortal Shell 2 - Open beta now available on Steam. - Teenage Mutant Ninja Turtles: The Last Ronin - A game set in a future New York City. - Gundam: Rogue Orbit - A new entry in the Gundam series. - Crossfire - A stealth-action single-player adventure. - Guild Wars 3 - Set to launch with a beta expected in 2027. - Star Wars: Galactic Racer - Releasing on October 6, 2026. - Virtua Fighter Crossroads - Announced for 2027. - RuneScape: Dragonwilds - Launching on Xbox on September 15, 2026. - 1666 Amsterdam - Entering Early Access in late 2026. - SAW: Genesis - A multiplayer horror game. - Star Wars: Zero Company - Releasing on August 27, 2026. - The Blood of Dawnwalker - Launching on September 3. - Among Us Story: On Guard - A story-driven spinoff available for wishlisting. - Monster Hunter Wilds: Ascendance - Expansion set for 2027. - Swords of Legends - An action RPG inspired by Soulsborne games. - Clutch - An open-world racer expected in Spring 2027. - Chronicles: Medieval - Entering Early Access later this year. - Palworld - Fully launching on July 10. - The Wolf Among Us 2 - Set for release in 2027, alongside a remaster of the original. - Stellar Blade: Blood Rain - Sequel to Stellar Blade. - Final Fantasy 7: Revelation - Launching in Spring 2027 on Xbox, PC, and PS5.

Tech Optimizer

June 6, 2026

PostgreSQL vs SQL Server 2026: $0 vs $15K License

PostgreSQL has become the most utilized database for developers for two consecutive years as of 2026, while SQL Server has introduced native AI capabilities and vector search functionalities in its latest release. PostgreSQL is favored for new projects due to its permissive licensing, cross-platform operation, and extensive ecosystem of extensions, whereas SQL Server is preferred by organizations already using Microsoft products for its robust tooling and enterprise support. As of June 2026, SQL Server ranks third in the DB-Engines popularity ranking with a score of 698, while PostgreSQL ranks fourth with a score of 688. Developer adoption trends show that 49% of respondents in the Stack Overflow 2024 Developer Survey use PostgreSQL, compared to 27% for SQL Server. The latest stable version of PostgreSQL is 18.4, released on May 14, 2026, while SQL Server 2025 (version 17.x) became generally available on November 18, 2025. PostgreSQL is free under a permissive license, while SQL Server's Enterprise Edition can cost upwards of ,123 per two-core pack, with an eight-core minimum. PostgreSQL supports various operating systems, including Linux, Windows, macOS, and BSD, while SQL Server operates on Windows and Linux. PostgreSQL uses PL/pgSQL as its primary procedural language, allowing for multiple procedural languages, whereas SQL Server uses T-SQL. PostgreSQL's JSONB type offers rich indexing, while SQL Server added native JSON support in its 2025 release. Both databases are capable of handling high transaction volumes, but PostgreSQL excels in read-heavy scenarios due to its multi-version concurrency control, while SQL Server's columnstore indexes provide advantages for analytical workloads. PostgreSQL supports tables up to 32 TB, while SQL Server can handle a maximum database size of 524 PB. SQL Server's high availability technology includes Always On Availability Groups, while PostgreSQL offers built-in streaming and logical replication. The security features of both databases meet enterprise standards, with PostgreSQL providing a transparent patching process and SQL Server integrating with Microsoft tools. Real-world usage examples include Stack Overflow using SQL Server, while Instagram and Reddit utilize PostgreSQL. Developer sentiment increasingly favors PostgreSQL for new projects, emphasizing flexibility and open-source solutions. For new startups or greenfield projects, PostgreSQL is recommended due to its zero license cost and compatibility. Existing Microsoft enterprises are advised to stick with SQL Server for its integration benefits. Migration from SQL Server to PostgreSQL is becoming common, with a structured approach required for successful transitions.