PNG

Winsage
June 19, 2026
Reports have emerged about complications from the latest Patch Tuesday update, affecting users with issues such as access problems with OneDrive and Dropbox, BitLocker recovery lockouts, and Blue Screen of Death (BSOD) errors. Microsoft has acknowledged a glitch related to the Recycle Bin after the installation of June's Patch Tuesday update (KB5094126), where the confirmation dialog displays the internal file name instead of the actual name when deleting an item. This issue affects various supported Windows client and server versions, including Windows 11 (versions 26H1, 25H2, 24H2, 23H2), Windows 10 (versions 22H2, Enterprise LTSC 2021, Enterprise LTSC 2019, Enterprise LTSB 2016), and Windows Server (2025, 2022, 2019, 2016, 2012 R2, 2012). Microsoft is working on a solution expected in a future update, but it is unclear if it will be part of the next Patch Tuesday or an out-of-band update. Commercial customers can implement a workaround by contacting Microsoft Support for Business.
AppWizard
April 29, 2026
The 26.2 Snapshot 5 introduces several new features, including an explosive archetype for the Sulfur Cube and the addition of erupting Geysers formed by Potent Sulfur. The new Sulfur Cube archetype, called Explosive, shares properties with the Regular archetype but has higher air drag and can absorb TNT blocks. When primed, absorbed TNT has a fuse time of 6 seconds when ignited by fire or Redstone, and a randomized fuse time between 0.75 and 3 seconds when primed by an explosion. Sulfur Cubes with absorbed TNT cannot be picked up or damaged, and no Small Sulfur Cubes will spawn upon explosion. Potent Sulfur creates Geysers when placed above a Magma block and under water, sending water particles skyward at random intervals. Various adjustments have been made to mob hitboxes, and Hoglins are now classified as hostile and will not spawn on Peaceful difficulty. New sounds for Geyser eruptions have been added, and Touchscreen Mode has been removed. The Data Pack version is now 104.0, and the Resource Pack version is 86.2. New particles related to Geysers have been introduced, and several bugs have been fixed in this update.
AppWizard
April 25, 2026
McAfee researchers discovered a complex Android rootkit campaign, dubbed Operation NoVoice, that infiltrated 50 applications on Google Play, exploiting vulnerabilities in the kernel that had been patched but not uninstalled. The malware was resilient enough to survive factory resets and was concealed within seemingly benign apps, which collectively garnered 2.3 million downloads. The malicious payload was hidden in the com.facebook.utils package and used steganography to embed an encrypted payload within a PNG image. The malware conducted multiple checks to avoid detection and established contact with a command-and-control server, polling for exploit packages every 60 seconds. It utilized 22 distinct exploits, including vulnerabilities that had received patches between 2016 and 2021. The malware disabled SELinux enforcement and installed a persistent rootkit that could survive factory resets. Google confirmed the removal of the infected apps but noted that users who had already downloaded them remained at risk, especially if their devices were running unpatched Android versions. McAfee advised affected users to treat their devices as compromised and consider professional inspection or hardware-level storage wiping for remediation.
AppWizard
April 15, 2026
In version 26.2, a new feature called sulfur spikes has been introduced, which generates naturally in sulfur caves. These spikes can form stalactites when placed on the ceiling and stalagmites when on the floor. They can be combined to create longer formations and will merge if placed adjacent without pressing the shift key. Stalagmites will break if not anchored, and stalactites will fall if unsupported. Thrown tridents can break sulfur spikes. The Potent Sulfur block can no longer be crafted back into sulfur blocks, and several block textures have been updated. The Sulfur Cube can no longer be picked up by boats. Sound effects for Nautilus jets and recoveries have been updated. The Data Pack version is now 102.0, and the Resource Pack version is 86.0. The minecraft:bed block entity has been removed, and entity predicates have been restructured for simplification. New block textures for sulfur spikes have been added. Several bugs have been fixed, including issues with axolotls, emissive textures, client crashes, and leads disappearing from sulfur cubes. Snapshots for Minecraft: Java Edition are available for installation, with a reminder to back up worlds.
Winsage
April 6, 2026
A newly discovered Windows malware called ResokerRAT uses Telegram’s Bot API for its command-and-control operations, allowing it to monitor and manipulate infected systems without a conventional server. It obscures its communications by integrating with legitimate Telegram traffic, complicating detection. Upon execution, it creates a mutex to ensure only one instance runs and checks for debuggers to avoid analysis. It attempts to relaunch with elevated privileges and logs failures to its operator. ResokerRAT terminates known monitoring tools and installs a global keyboard hook to obstruct defensive key combinations. It operates through text-based commands sent via Telegram, allowing it to check processes, take screenshots, and modify system settings to evade detection. Persistence is achieved by adding itself to startup and altering UAC settings. The malware retrieves additional payloads from specified URLs and uses URL-encoded data for communication. Researchers have confirmed its Telegram traffic, and its behavior aligns with various MITRE ATT&CK techniques. Security teams are advised to monitor for unusual Telegram traffic and scrutinize registry keys related to startup and UAC.
Search