Welcome to our latest roundup of what’s going on in the indie game space. There are a whole bunch of neat new games out this week, as well as updates on some interesting upcoming projects.

In case you missed it, the Steam Spring Sale is under way. There are lots of solid deals here, and my credit card is already screaming at me. I’ve picked up a bunch of games from my wishlist. For instance, at just $3, I couldn’t resist snagging Teenage Mutant Ninja Turtles: Splintered Fate.

Meanwhile, over on Bluesky, a prototype from developer Freya Holmér caught my eye. It’s for a falling-block game, but instead of filling a container to create straight lines that disappear, it’s based around a pivot point. As tetrominos join the mass, it rotates left or right by 90 degrees, adding a new dimension to a well-established format. I’m really hoping Holmér turns this into a full game, as it’s a rad concept.

New releases

Given all the bug slaughtering and the jingoistic satire, any Starship Troopers project is going to draw comparisons with Helldivers 2. Fortunately, Starship Troopers: Ultimate Bug War! is entirely its own thing.

This is a retro first-person shooter from Auroch Digital (the studio behind Warhammer 40,000: Boltgun) and publisher Dotemu. The framing of the game is quite meta: it’s based on the experiences of Major Samantha Dietz, who was on the frontlines against the bugs, and it’s effectively being used as a military recruitment tool.

Starship Troopers: Ultimate Bug War! is a blast. I thoroughly enjoyed my time with it. Not that I needed one, but it gave me an excuse to watch Paul Verhoeven’s original film again since the game (while having an original story) hits some of the same beats.

The tone is spot on. The writing in the cutscenes, in which Casper Van Dien reprises his role as Johnny Rico from the movies, is funny. You can’t tell me that it isn’t a thrill to blow up a giant bug with a tactical nuke. Plus, I was tickled by the consequences of “accidentally” shooting a fellow soldier in the training base and all hell breaking loose.

Alas, the pacing feels off — there’s a bit too much space between objectives in some levels — and it’s a little one-note. Still, it only takes around four or five hours to beat, particularly if you don’t care about hunting for secrets.

Starship Troopers: Ultimate Bug War! is out now on Steam, PS5, Xbox Series X/S and Nintendo Switch 2. It’ll usually cost $25, but there’s a 20 percent discount until March 24.

Retro Rewind is a solid name for a video store rental sim. You’ll manage a store in the early ’90s — the heyday of VHS — by doing everything from decorating the place, filling shelves with tapes and buying bootleg films to hiring staff, making recommendations to customers and collecting late fees.

My first job was behind the counter of a convenience store that had a small movie rental section, so I’ve got a tiny bit of experience with calling up customers who have overdue films. That part of the job wasn’t exactly fun, but like the idea of running an entire rental store, an experience that’s sadly almost extinct.

Retro Rewind – Video Store Simulator is available on Steam (normally $20, with a 20 percent discount until March 24). You can try it out by playing a demo.

In Their Shoes looks like an intriguing spin on the visual novel. From We Are Muesli, this is billed as a mumblecore narrative vein, indicating that it’s influenced by films from that subgenre (such as the works of the Duplass brothers, Lynn Shelton and, especially in the early part of her career, Greta Gerwig). Through a few dozen interactive scenes, it follows the intertwined lives and intimate moments of seven people in Milan. Each of these dialogue-focused segments lasts around five minutes. There are timed choices and you can arrange the scenes into a timeline.

You can pick up In Their Shoes on Steam now. The full price is $13, but there’s a 25 percent discount until March 31.

For this week’s dog game, here is World’s Goodest Pup. It’s another pooch-based roguelike deckbuilder. This time around, you’ll be trying to succeed in the realm of competitive dog shows. After selecting a dog from among three breeds, you’ll start building a deck of accessories, tricks and poses and combine them in strategic ways to be most effective in competitions and challenges, which are procedurally generated.

This is a cozy game first and foremost, though. You can spoil puppers in a pet resort that you’ll build and treat them with a visit to a dog spa. Cute.

World’s Goodest Pup  — from Pandamander — is out on Steam (normally $7, with 10 percent off until March 26). You can try it out via a demo.

The release trailer for Bonnie Bear Saves Frogtime made me chuckle, so I had to include it. The latest project from Bonte Avond (the team behind Once Upon A Jester) is a comedy adventure game.

As Bonnie Bear, a bear in a frog onesie, you set out to defeat a local bully in a tactical frog-battling game called Frogtime. As with many real-life trading card games, you’ll buy and collect frogs to build a strong army. Most importantly, it seems to be a game about the power of community, friendship and self-worth.

Bonnie Bear Saves Frogtime is out now on Steam and Nintendo Switch for $17.

Upcoming

Gunbrella studio Doinksoft is back with another game that has a fantastic name. It’s a roguelite, side-scrolling action platformer with shoot-em’-up elements. And it’s called Dark Scrolls. It’s such a good title that I’m almost mad I didn’t think of it first.

There’ll be nine heroes to choose from, including a pup named Biscuit and a rat with a saxophone. The game features procedurally generated runs with branching paths, and there’s multiplayer support for two-player online co-op. I’m into the Master System-era art style and the utter chaos shown in the trailer.

The Devolver Digital-published Dark Scrolls (still not over that name) is coming to Steam and Switch later this year.

If you think about it, Scrabble is already a roguelike strategy game. Beyond Words takes that a bit further, with tiles that shift and explode, and boards that change up the rules. Much like in Balatro, you’ll be modifying, destroying and duplicating tiles as you seek powerful synergies and massive score multipliers. There are more than 300 modifiers and abilities, along with boss battles and optional time-based challenge boards.

What makes Beyond Words particularly interesting is that it’s from Steve Ellis and Dr David Doak — who made their names at Rare and Free Radical Design with the likes of GoldenEye 007, Perfect Dark and TimeSplitters — and their small team at MindFuel Games. PQube is the publisher of Beyond Words, which will hit Steam, PlayStation 5, Xbox Series X/S and Nintendo Switch on April 9. A demo is available on Steam now.

We’ve learned about a bunch of upcoming music rhythm games lately, and here’s another one from Guitar Hero, Rock Band and DJ Hero veterans. Echo Foundry Interactive seems to be hoping that the community-driven focus will help Sound System stand out.

When it goes into early access on Steam (October 16, $25), Sound System will have local multiplayer support. Echo Foundry Interactive plans to add online multiplayer with co-op and competitive modes. Players will be able to create charts for any song they like too.

We’ve had a dog game (or two) and a frog game. Now it’s time to wrap things up with a cat game. In Cat Me If You Can — great title, again — the Earth has frozen and lost its color. Only cats remain. By time-travelling and taking photos of them, you’ll gradually restore color to the world.

It’s a hidden cat puzzle game from Cosmic Stag Games that’s coming to PC, Switch and Xbox in the summer. You’ll be able to check out a demo on Steam on April 8.

Twitter is officially 20 years old. In another reality, that might make me kind of nostalgic. I’ve been lurking and scrolling and tweeting for 16 years; most of my adult life. There was a time when Twitter was a place where some internet strangers became my IRL friends, when I was excited to “live-tweet”. When my infinitely more well-adjusted friends would send me memes, I would smugly say “I saw that on Twitter days ago.”

Twitter stopped being that place a long time ago, but I don’t have any nostalgia for it. I don’t really feel anything at all, actually.

Because I can already hear the comments: Yes, I’m still on X. I don’t spend as much time there as I did a decade ago, but it’s still quite a lot of time, an unhealthy amount, if I’m being honest. My job is to report on social media companies, so I keep (doom)scrolling. That’s what I tell myself anyway.

A few of my favorite posters are still around. Dril’s still got it. The memes are still, occasionally, good, even though X’s recommendation algorithm seems to prefer pointing me toward endless AI slop, boring hot takes from thirsty mid-tier tech execs and blatant engagement bait. X’s algorithm — what little we can learn about it, anyway — now relies on Grok’s predictions about what you’ll like.The same Holocaust-loving Grok that has spewed racism and referred to itself as MechaHitler and declared Elon Musk “the single greatest person in modern history.” The same Grok that allegedly generated thousands of images of child abuse material. Hey @grok is that true?

X is not Twitter but it’s also not not-Twitter. Last year, an online marketplace startup bought the 560-pound Twitter bird that once adorned the company’s San Francisco office and blew it up in a Nevada desert surrounded by Tesla CyberTrucks as part of an elaborate publicity stunt. Dumb? Yes. But also a somehow fitting adieu for “Larry.”

It’s been 20 years since Jack Dorsey sent the first-ever tweet, which was never even a good tweet anyway. It’s been five years, by the way, since he turned that tweet into an NFT (remember NFTs??) and auctioned it for nearly $3 million. It’s now functionally worthless. Another chapter in Dorsey’s confusing, complicated legacy.

The flash from my iPhone camera illuminates my dirty socks and underwear as I hold each item up for the video recording to capture clearly. As I load my smelly clothes into the washer, I tremble a bit each time the phone loudly beeps, detecting that my hands may be out of frame. Gotta see those fingers! No, I haven’t pivoted to filming some kind of fetish content to make ends meet—I’m trying the latest gig work app from DoorDash, called Tasks.

The new Tasks app from food delivery app DoorDash has nothing to do with delivering food—it’s all about gathering training data from humans, that’s you, for improving generative AI models and humanoid robots. “This data helps AI and robotic systems understand the physical world,” reads DoorDash’s press release. “Pay is shown upfront and determined based on effort and complexity of the activity.” Most of the gigs involve strapping a smartphone to your chest and recording your hands performing specific tasks.

This kind of video data can be used by developers of AI models and robotics to improve performance. For example, thousands of videos of people folding laundry, with their hands clearly visible, could help teach a robot how to do the same task using computer vision.

Photograph: Reece Rogers

DoorDash plans to expand this service to include an even wider range of tasks and users in the future. It’s unclear where exactly the app is available for users at launch in the US—residents of California, New York City, Seattle, and Colorado are explicitly blocked from using Tasks. (I was able to use the Tasks app and complete gigs while residing in Kansas.)

Curious about what kinds of tasks DoorDash is offering right now, I signed up to be a “dasher” and downloaded the Tasks app. After logging in, the onboarding quest was to film yourself moving three objects across a table. Easy! I turned the camera on and shifted my coffee cup, pen, and laptop from one side of my desk to the other. My reward for this wasn’t cash—DoorDash shipped a free body-mount for my smartphone camera afterward, so I could complete more gigs in the app.

After that quick onboarding session, I could see the full list of potential jobs and start making some cash. The gigs currently available in the Tasks app mainly fall into five major categories: household chores, handiwork projects, cooking food, location navigation, and foreign language conversations.

The tasks within these categories are fairly broad. The chore list includes everything from making a bed and loading a dishwasher to repotting plants and taking out the trash. The handiwork projects range from simple tasks, like changing a lightbulb, to more complex ones, like pouring cement. The cooking gigs mostly revolve around eggs: frying them, poaching them, scrambling them. Navigation gigs include exploring a museum and walking around an apartment complex. For the language-based tasks, the app requests “natural conversations” in Russian and Mandarin Chinese, as well as other languages.

An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages.

The investigation, led by Germany and supported by Europol, began in mid-2021 and focused on a platform called “Alice with Violence CP,” operated by a 35-year-old suspect based in China.

These sites advertised child sexual abuse material (CSAM) and cybercrime-as-a-service offerings, including stolen credit card data and access to compromised systems.

According to Europol, the sites used showed previews of claimed CSAM “packages” to trick users into entering their email addresses and paying between EUR 17 and EUR 250 in Bitcoin, receiving nothing in return.

“Each package had an estimated cost of between EUR 17 and EUR 215, and promised data volumes ranging from a few gigabytes to several terabytes of CSAM,” explains Europol.

“However, these were purely fraudulent sites where CSAM was advertised and previewed but never delivered.”

The fraudulent CSAM platform fooled around 10,000 users into paying roughly $400,000 to the operator of the sites. Of those, the authorities have identified 440 users in 23 countries, and are currently investigating 100 of them.

Although these people never received the illegal material, they still tried to purchase CSAM, financially supporting child abuse and demonstrating criminal intent. Even attempting to buy such material is prosecuted in many jurisdictions.

At its peak, the scam network’s infrastructure comprised 287 servers, with a significant portion (105) located in Germany, all of which have now been seized. German authorities have also issued an international arrest warrant for the Chinese operator.

Europol highlights its broader child protection work, including the Help4U support platform launched in November 2025, and its “Stop Child Abuse – Trace an Object” initiative, which invites people to identify the origin of objects seen in CSAM material that may lead to the identification of perpetrators, and the saving of children from abuse.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report

Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account.

Azure Monitor is Microsoft’s cloud-based monitoring service that collects and analyzes data from Azure resources, applications, and infrastructure. It enables users to track performance, notify about billing changes, detect issues, and trigger alerts based on various conditions.

Over the past month, numerous people have reported receiving Azure Monitor alerts warning of suspicious charges or invoice activity on their accounts, urging them to call an enclosed phone number.

“Alert rule description MICROSOFT CORPORATION BILLING AND ACCOUNT SECURITY NOTICE (REF: MS-FRA-6673829-KP). Our system has detected a potentially unauthorized charge on your account. Transaction Details: Merchant: Windows Defender. Transaction ID: PP456-887A-22B. Amount: 389.90 USD. Date: 03/05/2026l,” reads the fake billing alert.

“For your protection, this transaction has been temporarily placed on hold by our Fraud Detection Team. To prevent possible account suspension or additional fees, please verify this transaction immediately. If you did NOT authorize this payment, contact our 24/7 Microsoft Account Security Support at +1 (864) 347-2494 or +1 (864) 347-4846.”

“We apologize for any inconvenience and appreciate your prompt response. Microsoft Account Security Team.”

Unlike other phishing campaigns, these messages are not spoofed, but are sent directly by the Microsoft Azure Monitor platform using the legitimate azure-noreply@microsoft.com email address.

As the emails are sent through Microsoft’s legitimate email platforms, they pass SPF, DKIM, and DMARC email security checks, making them appear more trustworthy.

Authentication-Results: relay.mimecast.com;
	dkim=pass header.d=microsoft.com header.s=s1024-meo header.b=CKfQ8iOB;
	arc=pass ("microsoft.com:s=arcselector10001:i=1");
	dmarc=pass (policy=reject) header.from=microsoft.com;
	spf=pass (relay.mimecast.com: domain of azure-noreply@microsoft.com designates 40.107.200.103 as permitted sender) smtp.mailfrom=azure-noreply@microsoft.com

The threat actors are conducting this campaign by creating alerts in Azure Monitor for easily triggered conditions, such as new orders, payments, generated invoices, and other billing events. 

When creating alerts, you can enter any message you want in the description field, which the attackers use to put their callback phishing message.

These alerts are then configured to send emails to what is believed to be a mailing list under the attacker’s control, which forwards the email to all the targeted people in the attack.

This also preserves the original Microsoft headers and authentication results, helping the emails bypass spam filters and user suspicion.

BleepingComputer has seen multiple alert categories used in this campaign, mostly using invoice and payment-themed rules designed to resemble automated billing notifications:

• Azure monitor alert rule order-22455340 was resolved for invoice22455340
• Azure monitor alert rule Invoice Paid INV-d39f76ef94 was resolved for invd39f76ef94
• Azure monitor alert rule Payment Reference INV-22073494 was resolved for purchase22073494
• Azure monitor alert rule Funds Successfully Received-ec5c7acb41 was triggered for subec5c7acb41
• Azure monitor alert rule MemorySpike-9242403-A4 was triggered
• Azure monitor alert rule DiskFull-3426456-A6 was triggered for locker3426456

The campaign relies on creating a sense of urgency, which in this case is the unusual $389 Windows Defender charge, to trick the users into calling the listed phone number.

While BleepingComputer did not call the number in this scam, previous callback phishing campaigns led to credential theft, payment fraud, or the installation of remote access software.

As these emails use a more enterprise or corporate theme, they may be intended to gain initial access to corporate networks for follow-on attacks.

Users should treat any Azure or Microsoft alert that includes a phone number or urgent request to resolve billing issues with suspicion.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report