program Archives

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

Winsage

April 13, 2026

Microsoft tightens Windows 11 driver security rules

Microsoft will enforce a new mandate requiring all hardware drivers to comply with the Windows Hardware Compatibility Program (WHCP) standards starting April 1, 2026. This change will eliminate the "cross-signing" system that allowed older drivers with expired certificates to remain trusted. The enforcement of WHCP certification will apply to various versions of Windows 11 and Windows Server 2025. Users may face blocks when installing older drivers on new systems, but existing installations will not be immediately disrupted. Microsoft plans to introduce an "allow list" for vetted legacy drivers to ensure essential equipment remains operational during the transition. The initial rollout will occur in "evaluation mode," allowing Microsoft to monitor driver behavior without blocking software. For corporate environments, Microsoft offers "Application Control for Business" to allow specific software while maintaining security measures.

Winsage

April 13, 2026

The engineer who built Windows Task Manager in the 90s says its 80KB footprint was a feature not an accident

David Plummer, a veteran Microsoft engineer, created the original Windows Task Manager (Taskmgr.exe) in the 1990s, which had a file size of only 80KB. This small size was crucial for its functionality during system freezes. Plummer used a mutex to check if another instance of the program was running, allowing for efficient operation without complex process lists or loops. His recent reflections in early 2026 have sparked discussions about the evolution of software, particularly criticizing Windows 11 for straying from its foundational purpose and emphasizing resource efficiency. The 1990s hardware constraints forced developers to innovate, contrasting with today's environment where abundant resources allow for less efficient applications. Plummer's mutex technique is now seen as a benchmark in application design, highlighting a generational shift in development practices. The discourse around his 80KB Task Manager raises questions about the future of software procurement and the importance of memory footprint in purchasing decisions.

Winsage

April 13, 2026

Mozilla accuses Microsoft of running the old browser wars playbook to lock in AI dominance through Windows

Mozilla has accused Microsoft of using its dominance in the Windows operating system to marginalize competitors in the AI sector, particularly through the promotion of its Copilot feature. Mozilla claims that misleading update mechanisms are being used to push Copilot onto users and that system settings are being adjusted to hinder the performance of alternative browsers like Firefox. This situation is reminiscent of the 1990s browser wars when Microsoft bundled Internet Explorer with Windows to eliminate competition. In July 2025, Opera filed a formal antitrust complaint in Brazil against Microsoft, leading to an investigation into whether Microsoft was coercing hardware manufacturers to bundle Edge exclusively. A ruling against Microsoft could require a separation between the operating system and AI services. Microsoft's current strategy aims to control the AI inference layer, with each interaction through Copilot representing valuable data and monetization opportunities. Reports indicate that Microsoft is removing Copilot branding from standalone applications to further integrate it into the operating system. Despite Edge being the third most popular browser, Microsoft's tactics suggest a focus on securing AI infrastructure rather than just competing for browser market share. Regulatory scrutiny may increase due to ongoing antitrust challenges related to Microsoft's OpenAI investment and cloud AI bundling practices. The development of OEM relationships and potential resistance to Microsoft's requirements could significantly impact its integration strategy.

Winsage

April 12, 2026

Original Windows Task Manager Was Just 80 KB, Says Microsoft Engineer

The original Windows Task Manager was 80 KB in size, while its current version is 4 MB. Dave Plummer designed it to remain operational during system freezes, emphasizing that every line of code has a cost. The Task Manager could manage multiple instances by sending private messages to existing ones and launching new instances if the original was unresponsive. It utilized global strings and direct access to the kernel’s process table for speed and efficiency. Users have noted that modern systems consume more resources for similar tasks compared to older versions like Windows 7.

AppWizard

April 12, 2026

DayZ creator Dean ‘Rocket’ Hall has over 2,000 hours in Kerbal Space Program and played the original XCOM at Mount Everest base camp: ‘I think when I die, I will still be playing that game’

Dean Hall, the founder of RocketWerkz, began his gaming journey with a Commodore 64 and developed a passion for computers after a challenging five-hour gaming session. He is currently developing Icarus, a space survival game that has recently become profitable after a difficult launch. Hall has logged 1,400 hours in RimWorld, where he has released two popular mods. He enjoys playing Ostranauts, accumulating at least 150 hours per playthrough, and is looking forward to its upcoming update. Hall has also played the original XCOM for around 600 hours over the past year. He has nearly 5,000 hours in Stationeers, a game developed by his studio, and over 2,000 hours in Kerbal Space Program. His favorite game is Space Station 13, where he plays a character named Colton Murphy. For non-gaming software, he relies on Rider for programming development. Hall maintains a very clean desktop, regularly organizing it for security and efficiency in his game development process.

AppWizard

April 12, 2026

Android 17: All new Features, Release Date, & Major Leaks So Far

Android 17 Beta 2 was unveiled in April 2026, introducing significant features aimed at enhancing user experience and supporting autonomous AI agents. Key features include: 1. A "Dual-Shade" UI redesign with a Split Control Center for notifications and customizable toggles. 2. A system-level Native App Lock for securing individual apps with biometric authentication. 3. Integration of Project Astra, enabling real-time contextual memory and live translation through the camera. 4. A "Frosted Glass" aesthetic with translucency and glassmorphism in UI elements. 5. Advanced desktop windowing capabilities for larger screens, including free-form resizing and a persistent taskbar. 6. A Battery Health Dashboard providing insights into battery performance. 7. Introduction of the RAW14 Image Format for professional-grade image capture and a redesigned Screen Recording toolbar for creators. The release roadmap includes developer previews completed by March 2026, public beta phases in April 2026, platform stability expected in June 2026, and a final public release anticipated in August/September 2026 with the Pixel 11. Devices expected to receive Android 17 include Pixel 7 and newer models, Samsung Galaxy S24, S25, S26 series, and flagships from OnePlus, Xiaomi, and Nothing.

Winsage

April 11, 2026

Microsoft Overhauls Windows Insider Program To Fix Channel And Feature Rollout Confusion

Microsoft has revamped the Windows Insider Program by streamlining it from three channels to two: Experimental and Beta. Experimental replaces the Dev and Canary channels, allowing users to test new features immediately, while Beta provides a more stable preview of major updates. The program now offers previews across three branches: Windows 11 25H2 for x86 PCs, Windows 11 26H1 for ARM PCs, and a "Future Platforms" branch for upcoming Windows 11 26H2. Feature Flags have been introduced to customize notifications for new features, and the program has eliminated gradual rollouts, providing immediate access to new features for Experimental users. The process of unenrolling or switching between channels has been simplified with a new In-Place Upgrade (IPU) system, allowing users to transition between versions without losing applications, data, or settings.

Winsage

April 11, 2026

Microsoft terminated accounts tied to VeraCrypt, WireGuard, and Windscribe

Several prominent security and privacy developers, including those behind VeraCrypt, WireGuard, and Windscribe, had their Microsoft developer accounts terminated, preventing them from accessing essential publishing and verification tools. Microsoft acknowledged the terminations but did not provide a detailed explanation. The lead developer of VeraCrypt, Mounir Idrassi, expressed frustration over the inability to sign drivers and ship updates for WireGuard due to the account suspension. Windscribe reported similar issues and difficulties in reaching Microsoft support. The situation gained attention on social media, prompting Microsoft’s EVP for Windows and Devices, Pavan Davuluri, to assure that the company was working to resolve the issue and had reached out to VeraCrypt and WireGuard to reinstate their accounts. The terminations were attributed to a new mandatory account verification process that took effect on October 16, 2025, requiring partners to verify their identities with government-issued IDs. Microsoft acknowledged the need to improve communication regarding such changes.

Winsage

April 11, 2026

Announcing Windows 11 Insider Preview Build for Canary Channel 29565.1000

Windows Insider Preview Build 29565.1000 has been released in the Windows 11 Insider Canary Channel. Key updates include improved performance for the Bubbles screensaver on high refresh rate monitors, refinements to the drag tray based on user feedback, and enhancements to the Windows Security app, which now features color-coded icon badges for Secure Boot status. The Feedback Hub has also received updates, including a new default window size that remembers dimensions, mouse back button navigation, and improved visibility for community feedback. Canary Channel builds may be unstable and are subject to change. Users can enable a toggle in Settings to access new features gradually. A clean installation of Windows 11 is required to exit the Canary Channel.