scripts

Winsage
March 2, 2026
Cybersecurity experts at Microsoft Threat Intelligence have identified a trend where attackers distribute counterfeit gaming tools that install a remote access trojan (RAT) on users' systems. These trojanized executables, such as Xeno.exe or RobloxPlayerBeta.exe, are shared through browsers and chat platforms. The initial executable acts as a downloader, installing a portable Java runtime environment and launching a harmful Java archive, jd-gui.jar. Attackers use built-in Windows tools to execute commands via PowerShell and exploit trusted system binaries, minimizing detection risk. The embedded PowerShell script connects to remote locations, downloads an executable as update.exe, and executes it. The malware erases evidence of the downloader and modifies Microsoft Defender settings to allow RAT components to function undetected. It establishes persistence through scheduled tasks and a startup script named world.vbs, enabling prolonged access to the compromised device. Microsoft Defender can detect the malware and its behaviors, and organizations are advised to monitor outbound traffic and block identified domains and IP addresses. Users are encouraged to scrutinize Microsoft Defender exclusions and scheduled tasks for irregularities and remain cautious about downloading tools from unofficial sources.
AppWizard
March 1, 2026
Cara Ellison is a narrative designer whose journey in gaming began with a BBC Micro and the 1987 game Acheton. She has worked as a games journalist for publications like PC Gamer and transitioned into game design, contributing narratives to titles such as Dishonored 2, Void Bastards, God of War: Ragnarok, and Ghost Town. Her latest project is Sleight of Hand, a deckbuilding stealth game inspired by Metal Gear Solid and Vampire: The Masquerade—Bloodlines. She has a fondness for the original Vampire: The Masquerade—Bloodlines, despite its technical challenges, and has logged 103 hours in Kentucky Route Zero. Ellison keeps Sunless Sea installed on both her work and personal computers, appreciating its narrative depth. For her writing, she uses Scrivener, which she utilized for Void Bastards. Her desktop is relatively tidy, featuring a mix of business and leisure icons, with a wallpaper from Vertigo.
Winsage
March 1, 2026
Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.
Winsage
March 1, 2026
Microsoft has launched WinGet 1.28.190, aligning its version number with App Installer to resolve discrepancies. The previous version 1.12.470 has been replaced by this update. Key changes include consistent directory separators for portable packages, compatibility of the --suppress-initial-details option with winget configure test, corrections to the experimental “font” property, and the introduction of the experimental sourceEdit feature, which allows users to set a source for package management. The update signifies a consolidation of versioning and enhances clarity for users and administrators.
Winsage
February 28, 2026
Microsoft has released new Windows 11 Insider Preview builds that enhance security and performance for batch files and CMD scripts. IT administrators can now activate a secure processing mode by adding the LockBatchFilesInUse registry value, which prevents modifications to batch files while they are running. This update also requires signature validation only once per batch file, improving performance. Additionally, the Shared Audio feature has been refined, allowing users to share audio across multiple devices with individual volume sliders and a new taskbar indicator. The feature now supports more Bluetooth LE Audio accessories, including Samsung Galaxy Buds 4, Sony WF-1000XM6, and Xbox Wireless Headset. These updates are available for Windows Insiders in the Beta and Dev channels with specific preview builds installed.
AppWizard
February 28, 2026
Generative AI is increasingly integrated into video game development, with applications ranging from art assets to gameplay mechanics. A poll of approximately 1,000 respondents revealed that over 40% prefer traditional game development with no AI involvement. More than half of participants are open to generative AI to varying degrees: 20% oppose its inclusion in final products but accept its use as a productivity tool, while 21% approve of some AI involvement if disclosed. Additionally, 14% would engage with heavily AI-utilized games if enjoyable. Concerns about AI-generated code have been raised by developers, particularly regarding its quality. Despite skepticism, there is agreement on the benefits of AI-accelerated rendering techniques for performance improvements.
AppWizard
February 25, 2026
Numo has introduced a tap-to-pay point-of-sale app that allows merchants to accept Bitcoin payments without additional hardware, utilizing the Cashu open-source ecash protocol. The app is available for free as an open-source Android download, with plans for a Google Play Store release. It uses NFC technology for quick transactions, enabling customers to pay via a Cashu wallet interacting with an NFC tag on the merchant's device. Payments are settled in Cashu ecash, which can be automatically transferred to a merchant's Lightning address once a specified balance is reached. Numo also supports Lightning invoices and offers features like inventory management, payment history tracking, offline payment support, and tipping options. The app has no platform fees and is developed under the MIT license, aiming to simplify Bitcoin payments for merchants. Cashu employs blind signatures for privacy-preserving custodial payments and connects independent mints over the Lightning Network.