tokens Archives

Winsage

June 24, 2026

Windows RAT Uses Encrypted HTTP C2 and Registry Persistence After npm Infection

A malware campaign targets Windows systems through a malicious npm package named postcss-minify-selector-parser, which mimics the legitimate postcss-selector-parser. This counterfeit package installs a Remote Access Trojan (RAT) on developer machines, beginning with a multi-stage attack triggered by the installation of the package. The RAT can steal credentials, execute shell commands, and communicate with a remote attacker. Security researchers at JFrog identified this threat and reported it on June 22, 2026, noting that two additional related packages, postcss-minify-selector and aes-decode-runner-pro, are linked to the same publisher and remain live on the npm registry. The RAT employs encrypted HTTP communication with a command-and-control (C2) server and ensures persistence by creating a registry key under the Windows Run key. It has capabilities for remote shell execution, file uploads and downloads, and can steal saved login data from Google Chrome using Windows decryption APIs. The malware is designed for organized batch exfiltration of stolen data. Indicators of compromise include specific IP addresses, domains, file paths, and SHA-256 hashes associated with the malware components. JFrog advises users to remove the malicious packages, inspect their dependency trees, and treat any stored credentials as compromised.

AppWizard

June 13, 2026

Gemini 3.5 Flash lands on Google’s Android coding rankings, but it’s 3x the cost for slower performance

Google has released benchmark results for evaluating AI models in Android coding, revealing that the Gemini 3.5 Flash is the most resource-intensive model but ranks sixth overall. The benchmarks indicate that Gemini 3.5 Flash has higher latency and a 9% performance gap compared to its predecessor, Gemini 3.1 Pro Preview, despite being marketed as a faster alternative. In terms of cost, Gemini 3.5 Flash averages 355.9 tokens per benchmark run at approximately 7.1, while Gemini 3.1 Pro Preview uses only 73.3 tokens at about a third of that cost. The top-ranked models include GPT 5.5, GPT 5.4, and Gemini 3.1 Pro Preview, while Claude Opus 4.7 ranks fourth. The rankings feature both open-weight and closed-weight models, with the list remaining consistent since the last release, except for the removal of GPT 5.3 Codex.

AppWizard

June 12, 2026

People are cloning games like Minecraft and Pokémon with Claude Fable 5 in no time

On June 9, Anthropic launched the Claude Fable 5 “Mythos-class” model, which has gained attention for its capabilities in game development. The model can clone popular games like Minecraft and Pokémon efficiently, producing a Minecraft clone in 20 minutes and a Pokémon clone in one hour. Users have reported impressive results, including the recreation of all 151 Gen-1 Pokémon with real sprites and game mechanics. Claude Fable 5 is part of Anthropic's premium offerings, with a pay-as-you-go pricing model that is more expensive than previous models. Benchmarks show that both Mythos 5 and Fable 5 excel in various domains, including coding and cybersecurity.

AppWizard

June 12, 2026

Retro Arcade Shop Simulator Brings the Neon 80s to PC

The Retro Arcade Shop Simulator, developed by Alt Tab Game, will debut on PC with a demo available on June 11. The full version is expected in 2026/2027, with a console release in 2027. The game allows players to build and manage their own retro arcade, featuring 28 types of entertainment options and interactive machines. The demo includes four progression levels, six types of attractions, and customization options for layout and decor. Players can manage a cafeteria and hire staff. The minimum system requirements for the PC demo include Windows 10 (64-bit), Intel Core i3-14100F or AMD Ryzen 5 5560U, 8 GB RAM, NVIDIA GeForce GTX 1060 or AMD Radeon RX 5600, and 8 GB of available SSD space.

AppWizard

June 9, 2026

This New Computer Virus Is Disguising Itself As A Popular Video Game

Old-school gaming consoles are seeing a resurgence, but hackers are exploiting this trend with a malware campaign called "WeedHack," which emerged in January. This malware operates on a "Malware-as-a-Service" model, allowing users to purchase it to infect victims. WeedHack functions as a remote access infostealer, compromising computers to manipulate screens, access webcams, and steal sensitive data. It propagates by enticing users with unofficial "Minecraft" mods and clients, often using videos and download links as bait. Additionally, it employs "SEO poisoning" to promote fake websites as legitimate sources for these mods on platforms like Discord and Reddit. WeedHack disguises itself as a JAR file, similar to the official "Minecraft" client, and once executed, it installs its payload from Ethereum server domains. It can insert itself into antivirus exclusion lists, evading detection, and McAfee's tests show that Windows Defender is ineffective against it. The malware collects extensive information, including Wi-Fi networks and browser cookies, and grants hackers complete control over infected computers. The WeedHack virus serves as both malware and a training ground for aspiring hackers, structured into two tiers: a free version with core capabilities and a paid subscription for advanced features. A community has formed around WeedHack, offering tutorials, a Discord server, and a website for feature requests and custom payload creation. This community aspect lowers the barrier for newcomers, particularly targeting a younger audience that may not understand online safety.

AppWizard

June 6, 2026

Meta’s AI agent for WhatsApp Business is now available globally

Meta has launched the Meta Business Agent, a customer support AI bot, on WhatsApp, following nearly two years of testing in India and Mexico. The bot can respond to inquiries, recommend products, schedule appointments, qualify sales leads, and escalate queries to human representatives. It will also be available through Instagram DMs. Meta is testing a feature for the Business Agent that provides daily briefings on chats and insights. Future functionalities under exploration include market research, product showcases, calendar management, and integration with competitive insight tools. Meta is developing a platform for larger enterprises to create custom agents that connect with systems like Shopify and Zendesk. The Business Agent will be incorporated into WhatsApp Business Premium subscriptions, with charges based on usage.

AppWizard

June 5, 2026

I stop looking for 5 seconds and now Crimson Desert has pinball and a rideable wyvern

Crimson Desert has released Patch 1.10.00, which includes several new features and improvements. Notable additions are the introduction of a pinball minigame at the inn near the Deleysian Institute, where players can earn tokens for various items, and a new minigame called "Orb Roll" located at the Great Gate of Urdavah. Players can now nurture a baby wyvern that can be fed and eventually ridden. The update also includes improved Re-Blockade mechanics, the ability to request "Protection" for strongholds, new mounts and pets, enhanced item management, combat enhancements, and UI improvements.

AppWizard

June 5, 2026

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

A vulnerability in several Microsoft 365 Android applications, identified as FlagLeft, was caused by a development flag left enabled in production builds, which disabled checks meant to restrict account-token sharing to trusted applications. This flaw affected applications such as Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop, and OneNote, allowing unauthorized apps to request and obtain user tokens without permission. Microsoft Teams was unaffected. The vulnerability was demonstrated by Enclave, allowing access to user emails through an unverified app. On May 12, Microsoft issued four CVEs for the affected applications, categorized under improper access control. The patched version of Word for Android is 16.0.19822.20190, and users are advised to update their applications. The patch does not invalidate already compromised tokens, so users should revoke these tokens and sign in again.

BetaBeacon

June 3, 2026

Fake GTA 6, real malware: the new scam targeting Windows and Android

Attackers create fake GTA 6 beta scams that install trojans on machines, stealing credentials and mining cryptocurrency. Gamers' anticipation for highly anticipated games makes them vulnerable to these scams. NordVPN's antivirus can intercept these files and protect users from phishing sites impersonating gaming platforms. NordVPN's Premium plan includes VPN and antivirus for .85/month. NordVPN's antivirus works well on Windows and macOS, but is limited on mobile versions. The plan comes with a 30-day money-back guarantee.

AppWizard

June 2, 2026

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk

A significant security vulnerability has been found in six Microsoft 365 Android applications, including Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop, and OneNote, due to an active debug flag left in the production code. This oversight allowed untrusted apps to request and receive access tokens, compromising user account security. An attacker could exploit this vulnerability by embedding malicious code in a widely distributed app, enabling unauthorized access to sensitive information such as emails, documents, and communications. Microsoft confirmed the issues and issued CVE numbers CVE-2026-41100, -41101, and -41102, releasing patches through their Patch Tuesday mechanism and a specific patched build on the Google Play Store. Users are advised to update their applications to mitigate the risk.