termination Archives

AppWizard

March 19, 2026

In a wild turn for the Subnautica 2 lawsuit, a judge orders Krafton to restore fired Unknown Worlds CEO and gives them 9 more months to earn $250 million bonus

A judge has ruled in favor of former CEO Ted Gill, ordering his reinstatement at Unknown Worlds, the studio behind Subnautica 2, after Krafton breached the Equity Purchase Agreement by terminating key employees without just cause. The ruling emphasized that Krafton's actions were motivated by a desire to avoid a 0 million earnout, now extended to at least September 15, 2026. The judge stated that Krafton sought justification for the terminations after the fact, which is deemed unacceptable. While Gill is reinstated, the court did not restore co-founder Max McGuire and designer Charlie Cleveland, leaving their return to Gill's discretion. Krafton is considering whether to appeal the ruling and acknowledged that it does not resolve the former executives’ claims for damages or the earnout. Krafton also reported that CEO Kim Chang-han earned over 8 billion won (approximately .4 million) in compensation.

AppWizard

March 12, 2026

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include: - PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds. - BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands. - TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control. - Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS. - Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices. - SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.

AppWizard

March 11, 2026

Meta Launches New Anti-Scam Tools on WhatsApp, Facebook, and Messenger

Meta has introduced a set of security tools for WhatsApp, Facebook, and Messenger to enhance user protection against scams. These tools utilize artificial intelligence to detect impersonation attempts and identify deceptive links, with the aim of removing malicious accounts proactively. In the previous year, Meta removed over 159 million scam ads and terminated 10.9 million accounts associated with scams. New features include alerts for users when scammers attempt to link their WhatsApp to a fraudulent device and notifications for suspicious Facebook friend requests, which provide information on account creation dates and mutual friends. Additionally, Meta is expanding its scam detection tools in Messenger to more countries, allowing users to report suspicious messages for AI analysis.

Winsage

February 19, 2026

Ex-Microsoft engineer says this is what Windows’ Task Manager would “probably” look like today — but it’s a “good thing” he stuck to his OS design lane

Dave W. Plummer, a former Microsoft employee, contributed to the Windows ecosystem, notably with the Task Manager, Calculator, and a classic pinball game. He left Microsoft in 2003 and recently expressed on Reddit that "there should be nothing that TaskMgr can't kill." Plummer shared a concept design for a modern Task Manager on his X account, inspired by his Tempest AI project, featuring a cyberpunk theme, various graphs, speedometer-style gauges, and music with a synthwave vibe. He selected Tempest for his AI project due to its challenging gameplay and holds the world record for it. The project utilizes about 75% of the GPU at 30 frames per second on his M2 Mac Pro.

AppWizard

January 30, 2026

Google’s New Android Lockdown—Do Not Install These Apps

Google is tightening its policies on sideloading practices, allowing app installations only from verified developers to enhance user security and reduce risks associated with malicious software. The company has removed numerous harmful applications and accounts to combat the exploitation of its ecosystem. Cybercriminals are replicating popular applications like Google, YouTube, and WhatsApp to deceive users into downloading malicious software, which often masquerades as “mod” or “pro” versions. These counterfeit apps can install the Arsink Remote Access Trojan (RAT), which allows hackers to control devices, record audio, harvest personal information, and perform unauthorized actions. The Arsink operation has affected tens of thousands of victims across approximately 143 countries. Users are advised to avoid installing apps from messengers, online forums, or direct links and to use official app stores instead. Google confirms that the RAT is not infecting Play Store apps and encourages users to keep Play Protect enabled.

AppWizard

January 27, 2026

GTA 6 To Thwart Leakers with Digital-Only Launch

Rockstar Games and Take-Two Interactive have terminated employees suspected of leaking information about Grand Theft Auto VI to protect the game's integrity. Reports indicate that GTA VI will launch as a digital-only title to reduce leak risks associated with retail access, with a physical edition expected to follow shortly after. The digital release is scheduled for November 19, 2026, and the physical version may be available in time for the holiday season, likely just a few weeks later.

Winsage

January 22, 2026

Windows 11’s 2026 goes from bad to worse as two new bugs cause havoc crashing apps — but there are possible fixes

Windows 11 users are experiencing application crashes, particularly with programs like MSI's Armoury Crate and the Alienware Command Center, due to issues related to the Microsoft Store and user accounts. A licensing validation error (0x803f8001) is a primary cause, often linked to a corrupted Store cache or temporary sync issues. Additionally, after the January update, users have reported that applications like Outlook freeze when saving files to cloud services such as OneDrive or Dropbox. Microsoft has acknowledged this issue, indicating that certain Outlook configurations may become unresponsive if PST files are stored on OneDrive. Users are advised to move PST files out of OneDrive and may consider resetting the Store cache or reinstalling affected applications as potential fixes. Microsoft is working on a resolution, but no timeline has been provided. Some users have found success by reinstalling the January update, while others have resolved issues by simply waiting.

Winsage

January 12, 2026

EDRStartupHinder Disables Antivirus and EDR Protections During Windows 11 25H2 Startup

A new tool named EDRStartupHinder was unveiled on January 11, 2026, which allows attackers to inhibit the launch of antivirus and endpoint detection and response (EDR) solutions during the Windows startup process. Developed by security researcher Two Seven One Three, it targets Windows Defender and various commercial security products on Windows 11 25H2 systems by redirecting essential system DLLs during boot using the Windows Bindlink API and Protected Process Light (PPL) security mechanisms. The tool employs a four-step attack chain that includes creating a malicious service with higher priority than the targeted security services, redirecting critical DLLs to attacker-controlled locations, and modifying a byte in the PE header of the DLLs to cause PPL-protected processes to refuse loading them. This results in the termination of the security software. EDRStartupHinder has been tested successfully against Windows Defender and other unnamed antivirus products, demonstrating its effectiveness in preventing these security solutions from launching. The source code for EDRStartupHinder is publicly available on GitHub, raising concerns about its potential misuse. Security teams are advised to monitor for Bindlink activity, unauthorized service creation, and registry modifications related to service groups and startup configurations to detect this attack vector. Microsoft has not yet issued any statements regarding patches or mitigations for this technique.

Tech Optimizer

December 30, 2025

Hackers Advertised VOID ‘AV Killer’ with Kernel-level Termination Claims

A new threat actor named Crypt4You is promoting a tool called VOID KILLER on underground forums and dark web marketplaces. VOID KILLER is designed as a kernel-level antivirus and endpoint detection response process killer, specifically engineered to bypass existing security defenses. It targets the core of operating systems to dismantle protective barriers, posing a significant challenge to contemporary defensive architectures. VOID KILLER can terminate Windows Defender and around fifty consumer-grade antivirus solutions without detection, utilizing polymorphic build techniques to evade signature-based detection systems. It features automatic User Account Control (UAC) bypass mechanisms and can inject any executable file, making it compatible with various malware families. Custom builds of VOID KILLER are priced at three hundred dollars, and payment is accepted in cryptocurrencies. Organizations using Windows Defender, consumer antivirus software, and advanced EDR solutions face increased risk exposure due to this tool.

AppWizard

December 27, 2025

How to Properly Benchmark your PC Games Using CapFrameX

Average Frames Per Second (FPS) is a common metric in PC gaming performance, but consistency in gameplay experience is equally important, highlighted by metrics such as 1% low and 0.1% low average FPS. CapFrameX is a tool used for capturing and analyzing detailed performance data, including frametimes, which provide a more accurate assessment of gaming performance than basic FPS counters. Key metrics generated by CapFrameX include: - Average FPS: Overall framerate averaged across the capture session. - 1% low average FPS: Average of the worst 1% of framerates, indicating sustained performance. - 0.1% low average FPS: Average of the worst 0.1% of framerates, highlighting rare but significant performance dips. To ensure accurate benchmarking results with CapFrameX, users should update their UEFI BIOS, operating system, and drivers, clear unnecessary applications, configure power settings for maximum performance, monitor temperatures, and conduct multiple benchmark runs under consistent conditions. The setup process for CapFrameX includes downloading the software, configuring capture options, and verifying the setup through test captures. After capturing benchmark runs, users can analyze the data using the Analysis and Comparison tabs in CapFrameX to evaluate performance metrics and identify potential issues. Common pitfalls in benchmarking include inconsistent scenes, overlooking frametime variance, and not preparing the system properly.