worm Archives

AppWizard

May 4, 2026

How a ’90s Zelda PC port became a fangame factory, turning one legend into a thousand

Whale falls occur when whales die and their carcasses create nutrient-rich ecosystems that attract various marine life, including the bone-eating snot flower worm. In gaming, ZQuest Classic is a user-friendly game creation tool that allows fans to create their own games, often inspired by the Zelda series. The platform has a supportive community, with a database of custom games categorized by genre. Notable creations include The Deep, a metroidvania quest, and larger projects like Lost Isle and The Hero of Dreams. Developers like Eddy Oliveira have made significant contributions, and the dynamic between lead developers Emily Venezia and Clark is essential for the platform's evolution. They are preparing for the 3.0 release, which will introduce new features to enhance game development.

Tech Optimizer

April 26, 2026

CanisterSprawl: pgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP Canister

On April 21, 2026, compromised versions of pgserve (1.1.11, 1.1.12, and 1.1.13) were published on npm, containing a 1,143-line credential-harvesting script that executes during the postinstall phase of npm install. The malware functions as a supply-chain worm, reinjecting itself into other packages if it finds an npm publish token. Stolen credentials are encrypted using RSA-4096 and AES-256 and exfiltrated to a decentralized Internet Computer Protocol (ICP) canister. The last legitimate release was v1.1.10, published on April 17, 2026. The malware was detected by StepSecurity AI Package Analyst and Harden Runner, which flagged the compromised versions as Critical / Rejected and confirmed live exfiltration during analysis. The injected script performs operations such as harvesting environment variables, collecting filesystem secrets, encrypting payloads, and propagating to other npm packages and Python packages if a PyPI token is detected. The exfiltration domains have been added to a global block list.

Tech Optimizer

March 16, 2026

What Is a Crypto Miner Virus?

A crypto miner virus, or cryptojacking malware, secretly uses a device’s CPU or GPU to mine cryptocurrency for an attacker, leading to increased electricity costs and potential hardware damage for the victim. It typically infects devices through phishing emails, pirated software, compromised websites, and malicious browser extensions. Monero is the preferred cryptocurrency for mining due to its efficiency on standard CPUs and privacy features. Signs of infection include overheating, high CPU usage, and increased electricity bills. Detection involves monitoring system performance and running antivirus scans. Prevention includes using antivirus software, keeping systems updated, and avoiding pirated software. Notable incidents include attacks on a European water utility and the Los Angeles Times website.

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

Tech Optimizer

February 13, 2026

MyDoom virus: What it is and why it mattered

In January 2004, the MyDoom computer worm quickly spread to email inboxes in 168 countries, becoming one of the fastest-spreading pieces of malware in internet history. It exploited human behavior by enticing users to open email attachments that appeared to be delivery errors or system notifications. MyDoom replicated itself through email without corrupting files or destroying data, harvesting email addresses from infected computers to send copies to new victims. The two main variants, MyDoom.A and MyDoom.B, targeted the SCO Group and Microsoft, respectively, and demonstrated the potential for email worms to be weaponized for coordinated attacks. MyDoom primarily targeted Windows-based operating systems and used deceptive emails to propagate. Once infected, it installed a backdoor for unauthorized remote access, forming a botnet for further attacks. MyDoom's effectiveness was due to its alignment with user behavior and the limited security measures of the time, leading to significant disruptions in email communication and an estimated economic impact of approximately billion. Although no longer a current threat, MyDoom's legacy influenced modern email security protocols, leading to improved filtering, behavior-based detection, and multi-layered defense strategies.

AppWizard

December 4, 2025

Eldritch horrors grasp your frail teammates’ minds in Neath, an upcoming tactical roguelike RPG where you also control the enemy

Neath is an upcoming tactical RPG developed by Cellar Door Games, known for Rogue Legacy and Don't Shit Your Pants. The game features a unique aesthetic and a pixelated nightmare world filled with grotesque creatures, including worm-infested monstrosities and goblin archers. The announcement trailer highlights morally ambiguous decisions, such as a bone-encrusted mass with a sword. Neath is available for wishlist on Steam and is expected to be released sometime in 2006, though no specific date has been confirmed.

Winsage

December 3, 2025

Ex-engineer blasts Microsoft – argues it must fix Windows 11 ‘until it doesn’t suck’, never mind about AI

Dave Plummer, a former Microsoft software engineer, has expressed concerns about Windows 11's direction, advocating for a focus on stabilizing and enhancing performance rather than adding new features, particularly AI-related ones. He compares the current situation to the response to the Blaster worm in 2003, when Microsoft halted feature development to address security vulnerabilities and bugs. Plummer believes Microsoft should prioritize improving Windows 11's performance and usability for power users before introducing new features. He notes that the current emphasis on AI capabilities may detract from addressing core functionalities and that shareholder value seems prioritized over user experience. There is a call for Microsoft to refine Windows 11's underlying code and resolve performance issues, although the feasibility of pausing feature development for an entire release cycle is questioned.

Winsage

December 1, 2025

Win 11 needs an XP SP2 moment, says ex-Microsoft engineer

The Windows operating system is currently criticized for prioritizing artificial intelligence features over user satisfaction. Retired Microsoft engineer Dave Plummer, who contributed to Windows XP, suggests that Microsoft should reflect on its approach, recalling a pivotal moment in 2003 when the company focused solely on improving security after the Blaster worm incident. Plummer argues that this focus on fixing existing issues rather than adding new features led to a more stable operating system. He believes that Windows 11 should similarly prioritize stability and performance over new features, recommending that Microsoft dedicate one release cycle exclusively to these improvements. Recent comments from Windows chief Pavan Davuluri and AI chief Mustafa Suleyman indicate that there has been negative feedback from users regarding AI integration.

BetaBeacon

November 15, 2025

I hand picked 16 of today’s Meta Quest games announcements you need to see, plus several stealth releases you can play right now!

- Vampire Survivors is now available in virtual reality. - Hotel Infinity is a VR game that features shifting and changing worlds with impossible architecture. - Glassbreakers: Champions of Moss is a MOBA spinoff that is a real-time strategy game. - Syberia VR is a remastered point-and-click adventure game from the early 2000s playable in VR. - EXOSHOCK is a co-op PvE sci-fi squad shooter with unique combat and art style. - Banners & Bastions is a strategy puzzle game with new content and improvements. - Dimensional Double Shift is a multiplayer game where players work together in different dimensions.

Winsage

October 24, 2025

Windows Server emergency patches fix WSUS bug with PoC exploit

Microsoft has released out-of-band security updates to address a critical-severity vulnerability in its Windows Server Update Service (WSUS), tracked as CVE-2025-59287. This remote code execution flaw affects Windows servers with the WSUS Server Role enabled, allowing low-complexity remote attacks without user interaction. If the WSUS server role is enabled and the fix is not installed, the server becomes vulnerable. Microsoft recommends that customers install the updates immediately and provided alternative measures, such as disabling the WSUS Server Role or blocking inbound traffic to Ports 8530 and 8531. The update is cumulative and supersedes all previous updates for affected versions. After installation, WSUS will no longer display synchronization error details as a temporary risk mitigation measure.