If you are making a game on a custom engine or modified one, it will not pass Windows Smart Screen. The signature can be obtained by releasing it to MS Store or Steam, but do you know you can simply send your game to Microsoft?
https://www.microsoft.com/en-us/wdsi/filesubmission β it will take months, usually, but still better than nothing.
#Security@GameDEV
#Microsoft@GameDEV
https://www.microsoft.com/en-us/wdsi/filesubmission β it will take months, usually, but still better than nothing.
#Security@GameDEV
#Microsoft@GameDEV
π12π€3π1
Notepad++ update mechanism has been hacked in a way that under certain conditions hackers can replace the update system of the app and redirect users traffic to make people install custom version and any additional apps with it.
If you have NP++ on your machine and you have updated it since June 2025: backup data, remove NP++, check any oddities, and install the new safe NP++. Do not update your app via the app itself, since it can be compromised.
It seems that the whole thing was not random and was not targeting casual users, but high-end companies and state-related facilities. But anyway, you know.
#Hackers@GameDEV
#Security@GameDEV
If you have NP++ on your machine and you have updated it since June 2025: backup data, remove NP++, check any oddities, and install the new safe NP++. Do not update your app via the app itself, since it can be compromised.
It seems that the whole thing was not random and was not targeting casual users, but high-end companies and state-related facilities. But anyway, you know.
#Hackers@GameDEV
#Security@GameDEV
π±14π3
During the last few weeks I've got several "job offers" where "you can earn up to β¬650 a day remotely". But the workflow is slightly new:
They pretend to be an alternative App Store, which is a legit business. But you as a tester suppose to install tons of random apps on your phone every day. At first they will drop you random game APKs, then viruses to steal your data and money.
I'm pretty sure a lot of people will fall for it. The process looks chill and "reasonable" for a tester to install apps.
#Security@GameDEV
#Scam@GameDEV
They pretend to be an alternative App Store, which is a legit business. But you as a tester suppose to install tons of random apps on your phone every day. At first they will drop you random game APKs, then viruses to steal your data and money.
I'm pretty sure a lot of people will fall for it. The process looks chill and "reasonable" for a tester to install apps.
#Security@GameDEV
#Scam@GameDEV
π13π±3β2
Be careful, a relatively new scam: dozens if not hundreds of medium-size repos were infected by fake CVE warning, telling that Visual Studio Code is affected. These updates are often seen in the feed and via email notifications.
So you have to urgently download the fix (which is obviously a malware). They push to fear and urgency so a lot of people fell for it.
#Security@GameDEV
So you have to urgently download the fix (which is obviously a malware). They push to fear and urgency so a lot of people fell for it.
#Security@GameDEV
β€9π4π±1
Apparently, CPU-Z has been hacked for at least a day and the script was randomly sending users to get a legit app + a hacked DLL.
The same already happened to Notepad++ (but on a way longer scale, they hijacked the update server). A lot of other companies were affected over the years (MSI Afterburner, FileZilla, even fake Blender installers were common a few years ago). But usually they at least make a fake website.
#Security@GameDEV
#Hackers@GameDEV
The same already happened to Notepad++ (but on a way longer scale, they hijacked the update server). A lot of other companies were affected over the years (MSI Afterburner, FileZilla, even fake Blender installers were common a few years ago). But usually they at least make a fake website.
#Security@GameDEV
#Hackers@GameDEV
π±8
Holy crap, I missed this drama completely and apparently all the software to control fan speeds is using a system hack that (if active) sets your whole PC at risk...
WinRing0 is a driver that all monitoring apps and fan tuning apps were using to get deep access to sensors.
The problem? You definitely need this driver to run such apps for handhelds and laptops. On some models without this access the fans will spin at 100% all the time.
https://www.youtube.com/watch?v=H_O5JtBqODA
#Security@GameDEV
#WTF@GameDEV
#Windows@GameDEV
WinRing0 is a driver that all monitoring apps and fan tuning apps were using to get deep access to sensors.
The problem? You definitely need this driver to run such apps for handhelds and laptops. On some models without this access the fans will spin at 100% all the time.
https://www.youtube.com/watch?v=H_O5JtBqODA
#Security@GameDEV
#WTF@GameDEV
#Windows@GameDEV
YouTube
Insecure Code vs. the Entire RGB Industry | WinRing 0 Driver, ft. Wendell of Level1 Techs
Sponsor: ID-Cooling Frozn A720 Black on Amazon https://geni.us/VDnou4Y
This video is about the WinRing 0 driver (not to be confused with Security Ring 0, but related in this story) and how it has propped-up the fan control and RGB industry for over a decadeβ¦
This video is about the WinRing 0 driver (not to be confused with Security Ring 0, but related in this story) and how it has propped-up the fan control and RGB industry for over a decadeβ¦
π«‘5π±1π’1
Holy cow (via)
A quick summary: the attacker has to be a local Linux user on your system and then he can escalate the privileges with a very simple script.
#Linux@GameDEV
#Security@GameDEV
A quick summary: the attacker has to be a local Linux user on your system and then he can escalate the privileges with a very simple script.
#Linux@GameDEV
#Security@GameDEV
π±11π«‘4β€1π1
Do not install suspicious free games on Steam. It's the 20th time the game was packed with malware!
This one was called Beyond the Dark and the issue has been discovered by Eric Parker.
It was using a fake Unity DLL that booted a custom virus, depends on the system (which browser the user had, which antivirus, etc).
#Security@GameDEV
#Steam@GameDEV
This one was called Beyond the Dark and the issue has been discovered by Eric Parker.
It was using a fake Unity DLL that booted a custom virus, depends on the system (which browser the user had, which antivirus, etc).
#Security@GameDEV
#Steam@GameDEV
π11π2
Honestly, using Wallpaper Engine always seemed like a dumb idea. But yeah, now it's slightly worse!
#Hackers@GameDEV
#Security@GameDEV
#Hackers@GameDEV
#Security@GameDEV
π«‘8π―4