reports Archives

AppWizard

April 30, 2026

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A Brazilian cybercriminal group known as LofyGang has re-emerged after three years, targeting Minecraft players with malware called LofyStealer, also known as GrabBot. This malware is disguised as a Minecraft hack named 'Slinky' and uses the official game icon to attract young users. The group has been active since late 2021 and previously leaked thousands of Minecraft accounts. The attack begins with the 'Slinky' hack, which deploys LofyStealer (identified as "chromelevator.exe") to harvest sensitive information from web browsers, including cookies, passwords, and credit card information, sending this data to a command-and-control server. ZenoX reports a shift in LofyGang's tactics from JavaScript supply chain attacks to a malware-as-a-service model, offering both free and premium tiers. Cybercriminals are increasingly exploiting trusted platforms like GitHub to distribute malware through bogus repositories and various deceptive tactics, including fake security alerts and counterfeit accounts. This trend highlights a strategy focused on volume targeting rather than precision, prompting cybersecurity experts to prioritize threats from GitHub-hosted downloads that appear legitimate.

AppWizard

April 30, 2026

LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection

Minecraft players are being targeted by a deceptive hacking tool called “Slinky,” which is actually an infostealer known as LofyStealer linked to the Brazilian cybercrime group LofyGang. The malware uses a Node.js-based loader and a C++ payload to extract sensitive browser data, disguising itself as a Minecraft hack. It primarily targets younger players who may unknowingly execute it. The malware operates through a two-stage architecture, with a 53.5 MB loader binary that injects a smaller 1.4 MB payload into browser processes, bypassing detection methods. It collects sensitive information such as cookies, passwords, and credit card details, compressing and encoding the data for exfiltration. The command-and-control (C2) infrastructure is hosted in Brazil, and the malware's design reflects advanced compilation techniques. The campaign is attributed to LofyGang, which has evolved into a more professional entity, posing severe risks to players who download cheats and cracked tools. Indicators of compromise include a specific C2 IP address and associated endpoints.

AppWizard

April 30, 2026

Xbox CEO knows there’s “work to do” to win players back, as Microsoft boss recommits to “core” fans

Microsoft's gaming division is returning to its Xbox roots, with a recent price reduction for the Game Pass subscription. Asha Sharma, the new CEO of Xbox, has indicated plans for collaborations with Discord to enhance community engagement. Under her leadership, Xbox has faced challenges, including a 5% decline in content and services revenue and a 33% drop in hardware sales. However, Microsoft's overall revenue increased by 18% year-on-year. Despite mixed results, new records for monthly active Xbox users and game streaming hours were announced. Sharma and Xbox Chief Content Officer Matt Booty outlined a vision for Xbox that is "affordable, personal, and open," focusing on initiatives like Project Helix and expanding the franchise portfolio.

AppWizard

April 30, 2026

Chinese-made soulslike Wuchang: Fallen Feathers, set in historical China, is now owned by… Italians?

The ownership of Wuchang: Fallen Feathers has transitioned to the Italian gaming company Digital Bros., the parent entity of 505 Games. The game, which received mixed reviews, sold over one million copies and generated more than €30 million in revenue. Digital Bros. acquired the intellectual property for RMB 32 million. The acquisition follows a controversial patch that altered the game's storyline and historical figures. Internal issues at the development studio, Leenzee, led to the game director's layoff and the studio's eventual dissolution.

AppWizard

April 29, 2026

Google Home’s latest update wants to solve your biggest smart camera headaches

Google is updating its Home app to improve smart home management, particularly for camera devices. Key changes include a redesigned camera user interface with dynamic theming, AI-generated event descriptions for Google Home Premium subscribers, streamlined AI descriptions of video events, faster loading times for search results, and a reorganized camera settings menu. Additionally, prompts have been added for troubleshooting connectivity issues with third-party devices. The media control UI has also been updated to display album art more prominently. However, some users have reported issues with the web view of Google Home-connected cameras, experiencing unresponsive feeds and fluctuating online/offline statuses.

Winsage

April 29, 2026

Microsoft engineer says native apps are back, and it could finally revive Windows 11’s fight against web apps

A distinguished Engineer at Microsoft has suggested that native apps are making a comeback, aligning with the company's initiatives to revitalize Windows 11. The Windows Store, currently dominated by web apps, has improved significantly in performance and offers a diverse array of applications. Microsoft expanded options for developers to create apps using preferred methods, attracting notable applications like Netflix and WhatsApp to transition to WebView2-based Progressive Web Apps (PWAs). However, this shift has led to high resource consumption issues, with WhatsApp consuming up to 600MB of RAM and Electron-based applications like Discord using as much as 4GB of RAM. Users have expressed dissatisfaction with PWAs lacking essential functionalities compared to native apps. In response to feedback, Microsoft plans to develop 100% native apps for Windows 11, with Rudy Huyn confirming this intention. David Fowler declared, “Native apps are back,” indicating a focus on restoring native applications. The Start menu is transitioning from React-based elements to WinUI to enhance performance. The recently launched .NET 10 introduces Native AOT compilation, which aims to decrease app startup times and optimize memory usage. Microsoft's web-based Copilot app has also faced criticism for high resource consumption. The company must persuade developers to prioritize native app creation and demonstrate the advantages of native apps by converting its own applications to be fully native on Windows 11.

AppWizard

April 29, 2026

Denuvo is finally dead: every PC game protected by the DRM can now be cracked or bypassed

A group of hackers has declared Denuvo, a digital rights management (DRM) software, as "fully useless" after successfully bypassing its protections, which have been in place since 2014. They achieved this through two main strategies: direct cracking, which removes Denuvo from games, and hypervisor bypass, which deceives Denuvo into functioning normally. These methods have been applied to games like Crimson Desert and Resident Evil Requiem. Recently, a prominent hacker announced the release of hypervisor bypasses for EA Sports games, confirming that all games using Denuvo can now be played for free.

AppWizard

April 28, 2026

Now, Gemini might get proactive with timely, personalized ‘suggestions’

Google is developing a feature called "Proactive Assistance" for its Gemini app, which aims to provide users with personalized suggestions by utilizing data from connected applications, potentially including Gmail. This feature is linked to another rumored feature called "Your Day," which offers a curated overview of daily highlights. The "Proactive Assistance" feature will prioritize secure data handling and is expected to enhance user engagement by delivering tailored reminders and tasks. There are indications that this feature may have been rebranded to "Daily Brief." Additionally, Gemini has received an upgrade with Nano Banana 2 support, allowing the AI to access content in Photos and create unique images based on user memories.

AppWizard

April 28, 2026

Denuvo dealt major blow as crackers claim all non-VR games with the anti-tamper have been bypassed

Every non-VR game utilizing Denuvo DRM has been successfully compromised due to the emergence of the Hypervisor bypass, a method that deceives Denuvo into believing it is functioning correctly. This technique requires users to disable Driver Signature Enforcement, raising security concerns. The CrackWatch subreddit reports that all non-VR Denuvo games have been cracked or bypassed to some degree, with Capcom's Pragmata being completely bypassed just two days before its official launch. Cracking Denuvo within the first week of a game's release can lead to revenue losses of up to 20% for developers and publishers. Irdeto is actively developing updated security versions to address the Hypervisor bypass, assuring that these measures will not compromise game performance.

AppWizard

April 28, 2026

Valve’s new Steam Controller has a major problem for PC games not on Steam

The new Steam Controller lacks native Windows drivers, making it dependent on the Steam application for functionality. This means it cannot be used effectively with games from other platforms like the Epic Games Store or Xbox Game Pass, as it cannot interface with locked files on Windows 11. Gamers wanting to play titles like Forza Horizon 6 via Game Pass must purchase them directly from Steam to use the controller. While Valve could release standard Windows drivers to address this issue, there is skepticism about their willingness to do so. The gaming community previously developed a tool called GlosSI to enable the original Steam Controller to work with non-Steam applications, and a similar solution may emerge for the new model.