rights Archives

Winsage

April 30, 2026

Windows AI Recall is pushing data destruction upstream

The introduction of Copilot+ PCs has created new complexities in IT asset disposition (ITAD), as these devices may contain a comprehensive, time-stamped archive of user activity, which was not present on corporate laptops two years ago. Microsoft's Recall feature captures user activity screenshots and stores them securely, but recent research by Alexander Hagenah suggests that the safeguards may be ineffective, as his tool can extract sensitive data without breaking encryption. Microsoft defends the security of Recall, stating that observed access patterns align with intended protections. This situation presents challenges for ITAD operators, as pre-collection now constitutes a data-destruction event, requiring devices to be powered down or purged before leaving the client’s environment. Certificates of sanitization must evolve to address the specific destruction of Recall snapshot stores, and conversations with clients should differentiate between managed and unmanaged fleets regarding Recall settings. The presence of Recall shifts some data-destruction responsibilities upstream to clients, complicating traditional ITAD value propositions.

AppWizard

April 29, 2026

Slay the Spire 2 devs weren’t going to make a sequel, but then the publisher handling the first game’s ports shut down and things got ‘very murky’

Slay the Spire 2 has captivated many gamers, with one player logging 118 hours in the game. The sequel introduces a balance shift, two new characters, and a co-op feature. Mega Crit co-founder Casey Yano initially expressed reluctance to create a sequel, preferring to update the original game. However, as game publishing evolved, the studio faced challenges in justifying updates for the PC version while supporting console and mobile players. This led to the decision to develop Slay the Spire 2, which has proven successful.

AppWizard

April 29, 2026

Denuvo has been cracked in all single-player games it previously protected — 2K Games and Denuvo reportedly retaliate with mandatory 14-day online checks

The skull-and-bones community has declared that there are no games utilizing Denuvo that remain uncracked or bypassed. The MKDev collective and DenuvOwO developed a hypervisor-based bypass (HVB) in late 2025, which intercepts Denuvo's verification checks. The cracker voices38 successfully removed Denuvo from several titles, including Resident Evil: Requiem. Denuvo has since implemented a 14-day mandatory online check for certain games, complicating the HVB method. The latest version of HVB requires users to disable Core Isolation and Driver Signature Enforcement to run games. The community includes notable figures like repacker FitGirl, who has acknowledged the collaborative efforts of DenuvOwO and voices38.

AppWizard

April 29, 2026

Denuvo is finally dead: every PC game protected by the DRM can now be cracked or bypassed

A group of hackers has declared Denuvo, a digital rights management (DRM) software, as "fully useless" after successfully bypassing its protections, which have been in place since 2014. They achieved this through two main strategies: direct cracking, which removes Denuvo from games, and hypervisor bypass, which deceives Denuvo into functioning normally. These methods have been applied to games like Crimson Desert and Resident Evil Requiem. Recently, a prominent hacker announced the release of hypervisor bypasses for EA Sports games, confirming that all games using Denuvo can now be played for free.

AppWizard

April 29, 2026

How to turn off Meta AI (Facebook, Instagram, and WhatsApp)

Meta AI has been integrated into Facebook, Instagram, WhatsApp, and Messenger, enhancing user experiences with features like search functionalities, chat interactions, and content generation. Users express a desire to limit their interactions with Meta AI due to concerns about transparency, privacy, and data security. The AI model is trained on diverse data sources, including public posts and user interactions, raising issues regarding data control. On WhatsApp, personal messages and calls are end-to-end encrypted, while Instagram may share past messages with Meta AI for context. Security vulnerabilities have been reported, including incidents of data mishandling. Currently, there is no comprehensive option to disable Meta AI across all platforms, but users can take steps to limit interactions, such as muting AI prompts and adjusting privacy settings. Users in the E.U. and U.K. can object to certain data uses under GDPR by submitting requests through their Meta accounts. To protect privacy, users are advised to opt out of AI training, limit personal data sharing, and use privacy tools like VPNs.

Winsage

April 28, 2026

‘Unlimited Attack Vectors’—All Windows Versions At Risk From New Flaw

Microsoft is facing a significant security vulnerability in its Windows operating system known as PhantomRPC, which allows for privilege escalation. Cybersecurity experts have expressed concern over the company's delayed response in issuing a patch for this flaw. The vulnerability resides within the Windows Remote Procedure Call (RPC) architecture and enables processes with impersonation privileges to elevate their permissions to SYSTEM level. Researcher Haidar Kabibo identified five distinct paths for exploitation, which require user interaction, coercion, or compromise of background services. Despite disclosing the vulnerability to Microsoft in September 2025, the company categorized it as moderately severe and did not issue a patch or a Common Vulnerabilities and Exposures (CVE) listing. Microsoft stated that the technique requires an already-compromised machine and emphasized the importance of following security best practices. Experts have criticized Microsoft's lack of action, arguing that it is operationally negligent and places the burden of risk management on users. In the absence of a patch, security professionals recommend focusing on access control and environmental hygiene to mitigate the risks associated with the vulnerability.

TrendTechie

April 27, 2026

Суд взыскал 600 тыс руб за размещение пиратских копий “Универа” и “Физрука”

The Moscow City Court has ordered a website administrator to pay a penalty of 600,000 rubles for hosting pirated copies of television series such as "Univer," "Fizruk," and "Devushki s Makarovym." The court found that the website generated revenue through advertisements and engaged in "intentional piratical activity" by offering downloads via torrent. The administrator was also required to pay an additional 11,000 rubles in court fees. Although he attempted to appeal the ruling, he missed the deadline and the court allowed him to restore it, but the original ruling remained in effect.

Winsage

April 25, 2026

In France they “buried” Windows 10 at the Microsoft office

On April 24, a protest organized by environmental and consumer advocacy groups took place outside the Microsoft France office in Paris to oppose the company's decision to discontinue support for the Windows 10 operating system. Activists claim this could lead to the obsolescence of approximately 300 million computers worldwide, resulting in 58 million tons of carbon dioxide emissions and significant depletion of raw materials. Consumers may face an average cost of €600 for new devices if they upgrade. Experts warn users must choose between expensive new hardware or risking financial fraud due to lack of security updates. The organization Halte à l'Obsolescence Programmée is gathering signatures for a petition advocating for a mandatory 15-year software support period. Public advocacy previously convinced Microsoft to extend its software update releases by an additional 12 months. The protest aims to raise awareness and apply pressure until the end of October.

AppWizard

April 24, 2026

Founder of Telegram messenger app Pavel Durov says he got a summons in Russia naming him as a ‘suspect’

Pavel Durov has been summoned as a "suspect" in a criminal investigation in Russia, with allegations linking him to terrorism-related activities. This comes amid intensified scrutiny by Russian authorities over Telegram, which is a significant communication tool in the region.

AppWizard

April 24, 2026

Another spyware maker caught distributing fake Android snooping apps

The Italian digital rights organization Osservatorio Nessuno has revealed a new malware called Morpheus, used by government agencies for surveillance. Morpheus is disguised as a phone updating application and can extract various data from targets' devices. The spyware is linked to IPS, an Italian firm specializing in lawful interception technologies, which claims to operate in over 20 countries. Morpheus is categorized as "low cost" due to its straightforward infection method, which involves tricking targets into installing the software. Authorities collaborated with the target's mobile service provider to obstruct data and send an SMS prompting the installation of the malware. Once installed, Morpheus exploits Android's accessibility features to access extensive information and masquerades as the WhatsApp application to solicit biometric data. The spyware's code contains Italian phrases and references to "Gomorra," indicating its connection to the Italian spyware industry. The attack is likely linked to political activism in Italy. IPS is among several Italian spyware manufacturers that have emerged following the decline of Hacking Team.