worldwide

Winsage
August 11, 2025
Security researchers have identified a "zero-click" denial-of-service (DoS) exploit that can covertly turn Microsoft Windows Domain Controllers (DCs) into a global botnet. DDoS attacks increased by 56% year-over-year in late 2024, with Cloudflare blocking an attack that peaked at 7.3 Tbps in 2025. The average minute of downtime from these attacks costs businesses approximately ,000, with incidents for small and midsize firms exceeding 0,000.

The exploit, known as Win-DDoS, leverages the Lightweight Directory Access Protocol (LDAP) client in Windows, allowing DCs to automatically target victim servers through LDAP referrals without user interaction. This results in thousands of DCs inadvertently overwhelming a target with TCP traffic. Four vulnerabilities (CVEs) related to this exploit were disclosed to Microsoft in March 2025 and addressed in subsequent patch releases in June and July 2025. These vulnerabilities include:

- CVE-2025-32724: LSASS (LDAP client) - None needed, causes memory exhaustion/DC crash, patched June 2025.
- CVE-2025-26673: NetLogon (RPC) - None needed, causes TorpeDoS memory crash, patched May 2025.
- CVE-2025-49716: NetLogon (RPC) - None needed, causes Stateless RPC DoS, patched July 2025.
- CVE-2025-49722: Print Spooler (RPC) - Authenticated user needed, causes any Windows endpoint crash, patched July 2025.

The vulnerabilities indicate significant architectural flaws in the LDAP client’s referral logic and RPC interfaces. SafeBreach advises administrators to apply patches promptly and limit DC exposure to the Internet. The emergence of Win-DDoS marks a shift in attack strategies, utilizing legitimate servers for amplification without leaving malware traces, complicating detection and response efforts. Enterprises are urged to enhance their threat models and implement DoS hardening measures.
Winsage
August 11, 2025
During DEF CON 33, Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic.” They identified four significant Windows DoS vulnerabilities, all categorized as “uncontrolled resource consumption,” including:

- CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP.
- CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS.
- CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon.
- CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in the Windows print spooler, requiring an authenticated attacker on an adjacent network.

These vulnerabilities can incapacitate Windows endpoints and servers, including domain controllers (DCs), which are essential for managing authentication and resources in enterprise networks. The researchers also revealed a new DDoS attack method, termed Win-DDoS, which exploits a flaw in the Windows LDAP client referral process, allowing attackers to redirect DCs to a victim server and continuously repeat this redirection, creating a large-scale DDoS botnet using public DCs without leaving forensic traces.
Winsage
August 11, 2025
Researchers Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic” at DEF CON 33. They identified four new Windows DoS vulnerabilities and one zero-click distributed denial-of-service (DDoS) flaw, classified as “uncontrolled resource consumption.” The vulnerabilities include:

- CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP.
- CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS.
- CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon.
- CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in Windows Print Spooler, requiring an authenticated attacker on an adjacent network.

These vulnerabilities can incapacitate Windows endpoints or servers, including Domain Controllers (DCs), potentially allowing for the creation of a DDoS botnet. The researchers also discovered a DDoS technique called Win-DDoS that exploits a flaw in the Windows LDAP client’s referral process, enabling attackers to redirect DCs to a victim server for continuous redirection. This method can leverage public DCs globally, creating a large, untraceable DDoS botnet without specialized infrastructure.

Additionally, the researchers examined the Remote Procedure Call (RPC) protocol and found three new zero-click, unauthenticated DoS vulnerabilities that can crash any Windows system. They also identified another DoS flaw exploitable by any authenticated user on the network. The researchers released tools named “Win-DoS Epidemic” to exploit these vulnerabilities, highlighting the need for organizations to reassess their security measures regarding internal systems and services like DCs.
BetaBeacon
August 10, 2025
Dead Trigger is a single-player, story-driven first-person zombie shooter game that offers a fairly pure experience without pushing micro-transactions for upgrades. The game was optimized for Tegra chipsets and had stunning graphics for its time. It remains playable despite looking a bit dated and offers bite-sized missions for players.
AppWizard
August 8, 2025
Warner Bros Discovery reported a second-quarter profit driven by the international rollout of HBO Max and successful film releases, including “A Minecraft Movie,” which grossed nearly billion globally. The company added 3.4 million subscribers to its streaming division, surpassing expectations. Total revenue for the quarter reached .81 billion, exceeding analyst predictions. However, shares fell approximately 7 percent due to a 9 percent revenue drop in the cable TV unit and a 12 percent decline in advertising revenue for its linear network division. The streaming unit achieved an adjusted core profit of 3 million, a turnaround from a loss of million the previous year. Warner Bros Discovery anticipates a further decline in advertising revenue in the current quarter.
AppWizard
August 8, 2025
North Folk Farms, located in Waterloo, Indiana, is home to the largest corn maze in the state, a tradition since 2011. The farm features various activities such as pumpkin picking, hayrides, and a zip line. This year's corn maze theme is inspired by Super Mario Bros, while the 2025 design will be based on the upcoming Minecraft Movie. The corn maze opens on August 29th.
AppWizard
August 8, 2025
Minecraft has approximately 204.33 million monthly players and is available on all mobile devices and gaming consoles. Llamas can be used as pack mules, with inventory capacity varying from 3 to 15 slots based on strength. Players can break blocks to leave a breaking pattern on the north side for navigation. Lava is a superior fuel source compared to wood or coal. Diamonds are now typically found between levels 15 and 63. Blue sheep can be turned red by an Evoker. Torches can help harvest sand and gravel more effectively. Mushroom biomes do not spawn aggressive mobs at night. Carved pumpkins can prevent Endermen attacks. Iron Golems can be created for protection using iron blocks and a carved pumpkin. Cats deter Creepers. Doors create air pockets underwater. Snowballs are effective against Blazes. Placing torches around mob spawners can halt enemy production. The Swift Sneak enchantment allows quick movement while crouching. Mooshrooms produce mushroom stew when milked. Players can dye their dogs' collars for identification. Adding a glass pane to a map preserves pixel art. Zombies are attracted to turtle eggs, which can be used to lure them away.
AppWizard
August 7, 2025
The Epic Games Store is offering two free PC games until August 14: Road Redemption and 112 Operator. Road Redemption, an action-packed racing game released in 2019, has an 82% approval rating on Steam and is typically priced at .99. It allows players to lead a motorcycle gang on a cross-country journey with intense driving combat. 112 Operator, a simulation and strategy game released in 2020, has an 89% approval rating on Steam and is usually priced at .99. In this game, players manage emergency services in various cities, responding to calls and navigating different scenarios.
AppWizard
August 7, 2025
Akatsuki Games, TOHO, and Production I.G announced Kaiju No. 8 THE GAME, set to launch on August 31 (JST) for mobile and PC platforms, including the App Store, Google Play, and Steam. Pre-registration opened on April 25 and has surpassed 850,000 sign-ups. The game features 3D battles against kaiju, with players taking on the roles of Japan Defense Force units and new characters from the CLOZER squad, led by Sagan Shinomiya. A new trailer showcases combat sequences and visuals, with voice actor Masaya Fukunishi demonstrating game controls. New characters include strategist Chester Lochburn and weapons specialist Suited. Pre-registration rewards include two four-star characters, and players can select a five-star character if sign-ups reach one million. The game will support multiple languages: Japanese, English, Traditional and Simplified Chinese, Korean, and French.
Winsage
August 7, 2025
Microsoft has released a special anniversary edition of Crocs inspired by Windows XP, featuring a design that replicates the iconic Bliss wallpaper. The upper part of the footwear showcases fluffy white clouds against a blue sky, while the soles depict lush green grass. A worldwide launch is expected, though no specific dates have been provided. The Bliss image, captured by photographer Charles O’Rear in 1996 and acquired by Microsoft before Windows XP's release in 2001, depicts a hill in Sonoma County, California, which has since become a vineyard. Bliss was once one of the most viewed photographs globally, reflecting the popularity of Windows XP.