tar Archives

AppWizard

March 24, 2026

Death Stranding 2 was my Game of the Year in 2025, and now on PC, it’s my GOTY for 2026

Death Stranding 2 has been released on PC after its initial launch as a PS5 exclusive. The game continues the story of Sam Porter Bridges, who is now raising his adopted daughter Lou while attempting to connect Australia to the chiral network. Players can unlock new gear and contribute to shared constructions, enhancing gameplay and fostering a sense of community. The game blends various genres and features a narrative with elements reminiscent of Metal Gear Solid. It includes a soundtrack by Woodkid, replacing Low Roar, and is available for .99 / £62.99 on Fanatical, providing a Steam key.

AppWizard

March 18, 2026

Death Stranding 2 is the first Decima game with Ray Tracing on PC

Death Stranding 2: On the Beach will feature Ray Tracing effects on PC, making it the first title using the Decima engine to support this technology. The integration of Ray Tracing by Nixxes will enhance visual fidelity through improved reflections and ambient occlusion. These features were not included in the initial PC specifications, indicating increased CPU and GPU demands. The game will feature returning characters Norman Reedus, Léa Seydoux, and Troy Baker, as well as new additions Elle Fanning, Shioli Kutsuna, and director George Miller. It will offer features such as uncapped framerates, ultrawide monitor support, DualSense controller compatibility, and various PC upscalers. The release date is set for March 19th, with pre-orders available but no review codes yet provided.

AppWizard

March 7, 2026

Minecraft Dungeons GitHub allegedly leaked online

Several posts on X suggest that a large amount of Minecraft Dungeons content is available for download, accompanied by screenshots with obscured details. The file linked to these claims is named spice.tar.bz2 and is 73.8 GB in size, leading to speculation that it contains significant content. The term "spice" is associated with "Project Spicewood," a potential follow-up to Minecraft Dungeons, although Mojang has not confirmed any such project. A recent Reddit post referenced a leaked developer mockup test mentioning both Dungeons and Spicewood materials. Additionally, a YouTube video based on leaked source code from 2016 and 2017 has gained significant views. These developments come shortly after reports of DMCA takedowns related to other Minecraft leaks. The authenticity of the latest file remains unverified, and caution is advised when encountering unofficial files due to potential security risks.

AppWizard

February 25, 2026

Death Stranding 2 was my Game of the Year for 2025, and it’s coming to PC with a major discount, too

The author expresses strong emotional reactions while playing Death Stranding 2, describing it as their personal Game of the Year after experiencing it on PS5. The game features Sam Porter Bridges, who is drawn back into action to connect chiral network terminals in Mexico after a tragedy. Players navigate diverse terrains and can unlock new vehicles and upgrades. The gameplay shifts towards a more action-oriented style, introducing weapons and the ability to capture BTs. The narrative is emotionally compelling, blending bizarre and poignant moments. The game is available for pre-order at Fanatical for .49 / £59.49, with a 15% discount using the code FANATICAL15. The author looks forward to experiencing the PC version and its graphics.

Winsage

December 18, 2025

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

A newly identified cyber threat cluster called LongNosedGoblin has been linked to cyber espionage attacks targeting governmental entities in Southeast Asia and Japan, with activities traced back to at least September 2023. The group uses Group Policy to spread malware and employs cloud services like Microsoft OneDrive and Google Drive for command and control. Key tools include NosyHistorian, NosyDoor, NosyStealer, NosyDownloader, and NosyLogger, which perform functions such as collecting browser history, executing commands, and logging keystrokes. ESET first detected LongNosedGoblin's activities in February 2024, identifying malware on a governmental system. The attacks showed a targeted approach, with specific tools affecting select victims. Additionally, a variant of NosyDoor was found targeting an organization in an EU country, indicating a possible connection to other China-aligned threat groups.

Winsage

December 1, 2025

5 Essential Windows Apps Everyone Should Be Using In 2025

Everything is a free application from Voidtools that indexes file and folder names quickly, allowing searches of up to a million files in a minute. It can index mapped network drives and supports Boolean operators and wildcards for advanced search needs. Flow Launcher is an open-source application that serves as a quick launcher and search utility, integrating with Everything for fast file searches and allowing users to open applications, search for files, and perform calculations from a single interface. NanaZip is an open-source archive manager derived from 7-Zip, supporting various archive formats and offering faster processing times, improved encryption, dark mode, and context menu integration. Microsoft PowerToys is a suite of utilities for power users that includes tools like Command Palette, PowerRename, and FancyZones, available for free from the Microsoft Store. Ferdium is an open-source tool that consolidates web applications into a single platform, allowing users to manage multiple web apps within one window, supporting multiple instances of the same app and offering workspace management and a built-in To-do list panel.

Winsage

October 31, 2025

Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution

A cyber espionage campaign targeting European diplomatic institutions has been attributed to the Chinese-affiliated threat actor UNC6384, which exploits the ZDI-CAN-25373 vulnerability in Windows shortcut files. The campaign, noted for its use of social engineering tactics that mimic legitimate diplomatic events, has specifically targeted entities in Hungary, Belgium, and surrounding European nations between September and October 2025. The attack utilizes spearphishing emails with malicious LNK files related to European Commission and NATO meetings, leading to the deployment of PlugX, a remote access trojan. The attack chain involves a weaponized LNK file that executes PowerShell commands to unpack a tar archive containing a malicious DLL and an encrypted payload. UNC6384 employs advanced techniques to evade detection, including dynamic loading of Windows API functions and anti-analysis measures. The malware allows extensive espionage activities and creates hidden directories for persistent access. Recommendations for organizations include disabling automatic LNK file resolution, blocking known command and control domains, and enhancing user training to defend against such threats.

Winsage

October 31, 2025

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A China-affiliated threat actor, UNC6384, has been conducting cyber attacks targeting diplomatic and governmental entities in Europe, including Hungary, Belgium, Italy, the Netherlands, and Serbia. These attacks exploit an unpatched Windows shortcut vulnerability (CVE-2025-9491) through spear-phishing emails that appear relevant to diplomatic events. The emails deliver malicious LNK files that deploy PlugX malware via DLL side-loading. PlugX is a remote access trojan that allows extensive control over compromised systems and has been linked to another hacking group, Mustang Panda. Microsoft Defender can detect these attacks, and Smart App Control provides additional protection. The LNK file executes a PowerShell command to extract a TAR archive containing a legitimate utility, a malicious DLL, and an encrypted PlugX payload. The size of the malicious artifacts has decreased significantly, indicating ongoing evolution. UNC6384 has also begun using HTML Application files to load external JavaScript for retrieving malicious payloads, aligning with Chinese intelligence objectives regarding European defense policies.

Winsage

October 31, 2025

Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution

A cyber espionage campaign has been launched by the Chinese-affiliated threat actor UNC6384, targeting European diplomatic institutions using a vulnerability in the Windows shortcut (LNK) user interface, identified as ZDI-CAN-25373. This vulnerability was disclosed in March 2025. Between September and October 2025, entities in Hungary, Belgium, and neighboring European nations were specifically targeted. The attack utilizes spearphishing emails with conference-themed LNK files that exploit the Windows vulnerability to execute PowerShell commands, leading to the deployment of the PlugX remote access trojan (RAT). The attack sequence involves a weaponized LNK file that unpacks a tar archive containing a legitimate Canon printer assistant executable, a malicious DLL, and an encrypted payload. The Canon binary, despite being digitally signed, loads the malicious DLL which injects the PlugX payload into memory. The malware employs anti-analysis techniques and creates a hidden directory for persistent access. Recommendations for organizations include disabling automatic LNK file resolution, blocking known command and control domains, and monitoring for DLL side-loading attacks.

Winsage

October 31, 2025

Windows LNK File UI Misrepresentation Enables Remote Code Execution Attacks

A vulnerability in the Windows operating system, identified as ZDI-CAN-25373 and disclosed in March 2025, allows advanced persistent threat (APT) actors to deploy malware by manipulating whitespace in Windows LNK files. This technique has been adopted by espionage groups from North Korea, China, Russia, and Iran for data theft and intelligence-gathering. The flaw enables malicious PowerShell commands to be concealed within seemingly legitimate shortcut files, which execute automatically when opened. The exploitation involves weaponized LNK files that initiate obfuscated PowerShell commands to decode embedded TAR archives containing a legitimate Canon printer utility, a malicious loader DLL, and an RC4-encrypted payload with remote access trojan malware. The legitimate executable, although signed with an expired certificate, is trusted by Windows due to its valid timestamp. As of October 2025, Microsoft has not released a patch for this vulnerability, prompting organizations to implement defensive measures against its exploitation.