takedown Archives

AppWizard

April 26, 2026

I’m obsessed with a guy who keeps soloing Elden Ring Nightreign’s hard mode over and over like they’re trapped in a purgatory of their own making

Eauvni is a YouTuber known for playing Elden Ring Nightreign, focusing on the Sekiro-parrying Executor character and exclusively tackling the Deep of Night mode. They have recently concentrated on Depth Three of Five, where the difficulty increases significantly, with enemies dealing double damage. Despite reaching Depth Five, eauvni prefers to engage with earlier depths and has developed mathematically perfect relic builds for every character. They have achieved notable feats, including a no-damage run against challenging bosses. The gameplay experience contrasts with that of other players, who often feel overwhelmed by the game's challenges. The upcoming Tarnished Edition patch for Elden Ring raises concerns about the potential impact on game balance and the thrill of encounters.

Tech Optimizer

April 26, 2026

CanisterSprawl: pgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP Canister

On April 21, 2026, compromised versions of pgserve (1.1.11, 1.1.12, and 1.1.13) were published on npm, containing a 1,143-line credential-harvesting script that executes during the postinstall phase of npm install. The malware functions as a supply-chain worm, reinjecting itself into other packages if it finds an npm publish token. Stolen credentials are encrypted using RSA-4096 and AES-256 and exfiltrated to a decentralized Internet Computer Protocol (ICP) canister. The last legitimate release was v1.1.10, published on April 17, 2026. The malware was detected by StepSecurity AI Package Analyst and Harden Runner, which flagged the compromised versions as Critical / Rejected and confirmed live exfiltration during analysis. The injected script performs operations such as harvesting environment variables, collecting filesystem secrets, encrypting payloads, and propagating to other npm packages and Python packages if a PyPI token is detected. The exfiltration domains have been added to a global block list.

AppWizard

April 21, 2026

Nothing Warp is back, but you won’t find it on the Play Store

Nothing introduced the "Nothing Warp" file transfer app, which was designed for seamless file sharing across devices using Google Drive. The app and its Chrome extension were temporarily removed but have since been reinstated after adjustments were made based on user feedback. Nothing Warp allows users to share files between devices linked to the same Google account, serving as an alternative for Android and Apple device users. The company clarified that the removal was a "strategic pause" for refinement and that privacy and security were not immediate concerns. The app is currently in Beta for community members and can be downloaded from Nothing's official website, as it is not available on the Google Play Store.

AppWizard

March 2, 2026

Meta makes changes following a Solon man’s $1 million loss in scheme police say started on Facebook Messenger

A 63-year-old resident in Solon, Ohio, lost over a million dollars to a scammer posing as a cryptocurrency investment guru. The scam began with a friendly outreach on Facebook, which transitioned to WhatsApp for private conversations. Over several months, the victim was convinced to invest in what he thought was a legitimate opportunity. This incident reflects a broader trend, as the FBI reported that Ohioans aged 60 and older lost over a million to fraud in 2024. Meta Platforms is enhancing tools to detect and disrupt fraudulent activities on its platforms, including new warnings for screen sharing requests on WhatsApp. In the first half of 2025, Meta removed eight million accounts suspected of scams and shut down 21,000 pages impersonating legitimate businesses. Warning signs in the Solon case included initial contact from a stranger, a quick shift to cryptocurrency discussions, and unusually high promised returns.

AppWizard

February 15, 2026

Why Microsoft’s Revoked DMCA Over A Minecraft-Style Game Is Such A Big Deal

Microsoft withdrew a DMCA takedown notice against the indie game Allumeria, allowing its demo to return to digital platforms. The initial takedown was likely triggered by an automated system that flagged Allumeria for similarities to Minecraft. Microsoft's legal team recognized distinct differences that complicated potential legal action. This decision may encourage creativity among indie developers and reflects a nuanced understanding of the gaming industry's dynamics. The case highlights ongoing challenges in defining ownership over game concepts and suggests a potential shift towards a more collaborative environment in game development.

AppWizard

February 12, 2026

Microsoft Briefly Torpedoes Game’s Steam Page Over Screenshot

Minecraft has inspired numerous clones and voxel-based crafting simulations over the past 15 years. Recently, the upcoming game Allumeria was temporarily removed from Valve’s Steam platform due to a DMCA copyright notice from Microsoft, which claimed that Allumeria used "Minecraft content, including but not limited to gameplay and assets." The takedown was triggered by a screenshot from the game’s Steam page that depicted a world similar to Minecraft. Unomelon, the developer, stated that Allumeria does not reuse any of Minecraft's assets. The DMCA claim was generated through Tracer.AI, an AI platform used by Microsoft and Mojang to identify copyright violations. Jens Bergensten, Chief Creative Officer at Mojang, acknowledged the situation and stated he would investigate further. Approximately 12 hours later, Microsoft withdrew their DMCA claim, and Allumeria's Steam page was reinstated.

AppWizard

February 11, 2026

Minecraft-style indie returns to Steam after Microsoft DMCA scare, creator criticizes “guilty until proven innocent” system

Allumeria, a Minecraft-inspired sandbox game, was temporarily removed from Valve's Steam platform due to a DMCA takedown initiated by Microsoft, claiming copyright infringement based on screenshots. The situation was resolved after community support and intervention from Mojang's chief creative officer, allowing Allumeria's creator, Unomelon, to reinstate the game on Steam. The DMCA notice, attributed to Judith Woodward on behalf of Microsoft, alleged that Allumeria's content infringed upon Minecraft's rights, but the similarities were questioned by many. A lawyer offered to help Unomelon file a counter notice, and Jens Bergensten from Mojang expressed interest in the matter. Ultimately, Microsoft withdrew the claim, and Allumeria was reinstated, with Unomelon reflecting on the challenges faced by smaller developers and the need for reform in the DMCA process.

AppWizard

January 30, 2026

Gearbox finally wakes up with the first big Borderlands 4 update of the year and a roadmap, yet I’m still worried for its future

Gearbox announced a significant update for Borderlands 4 set for 2026, which includes enhanced loot drops in Ultimate Vault Hunter Mode, a rework of Harlowe's Zero-Point action skill, and the addition of a photo mode. The update integrates the Inertia augment into Harlowe's skill, boosts slam damage and status effects, and generates mini projectiles with successful attacks. Boss-related loot drops will increase with UVHM tiers, and a new setting to disable mouse smoothing has been added. A free update will introduce ultra-rare Pearlescent gear, and the first major story DLC, "Mad Ellie and the Vault of the Damned," is anticipated. Future content will include a second raid boss, a takedown, and three additional Bounty Packs. Gearbox aims to improve performance and stability while addressing character viability. Concerns remain about the game's future and the effectiveness of limited-time events.

TrendTechie

December 24, 2025

Со Spotify скачали 86 млн песен, компания начала расследование, метаданные архива доступны в сети

Anna’s Archive, a non-profit meta-search engine, has acquired 86 million songs and metadata for 256 million compositions from Spotify as part of a project to create a global music archive. Founded by a group of anonymous archivists in response to law enforcement actions against Z-Library, Anna’s Archive aims to preserve digital content and make it accessible to the public. The organization has faced numerous takedown requests but remains a popular platform for pirated content. The Spotify project began after hackers found a way to collect data from the platform, focusing on preserving lesser-known music alongside popular tracks. Anna’s Archive has collected 186 million unique ISRC codes, surpassing existing public databases. Currently, only metadata has been released, with plans to distribute music files starting with popular tracks. Spotify has acknowledged the unauthorized access and is investigating the incident, having blocked accounts involved in data scraping and implemented new security measures. The legality of Anna’s Archive's activities raises questions, as the extraction and distribution of audio files may violate copyright laws and Spotify's terms of service.

Winsage

November 25, 2025

ClickFix Attack Uses Steganography to Hide Malicious Code in Fake Windows Security Update Screen

A new wave of ClickFix attacks has emerged, using fake Windows Update screens and PNG image steganography to deploy infostealing malware like LummaC2 and Rhadamanthys. The attacks trick users into executing a command by pressing Win+R and pasting a command copied to their clipboard. Attackers have shifted from using “Human Verification” lures to more convincing full-screen fake Windows Update screens. The fake update prompts users to run a command that initiates mshta.exe with a URL containing a hex-encoded IP address, leading to the download of obfuscated PowerShell and .NET loaders. A notable feature of the campaign is the use of a .NET steganographic loader that hides shellcode within the pixel data of a PNG image, which is decrypted and reconstructed in memory. The shellcode is Donut-packed and injected into processes like explorer.exe using standard Windows APIs. Huntress has been monitoring these ClickFix clusters since early October, noting the use of the IP address 141.98.80[.]175 and various paths for the initial mshta.exe stage, with subsequent PowerShell stages hosted on domains linked to the same infrastructure. Despite the disruption of Rhadamanthys’ infrastructure in mid-November, active domains continue to serve the ClickFix lure, although the Rhadamanthys payload appears to be unavailable. To mitigate the attack, disabling the Windows Run box through Group Policy or registry settings is recommended, along with monitoring for suspicious activity involving explorer.exe. User education is critical, emphasizing that legitimate processes will not require pasting commands into the Run prompt. Analysts can check the RunMRU registry key to investigate potential ClickFix abuse.