accounts Archives

AppWizard

June 6, 2026

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Arabic-speaking users are the target of a new Android spyware called Asin, identified by ESET in early 2025. The malware is distributed through fraudulent websites that mimic legitimate services, including: - govlens[.]net, registered on May 27, 2025, impersonating a government news source. - pdf-reader[.]help, registered on May 29, 2025, claiming to be a secure PDF editor. - live-war-map[.]com, registered on January 20, 2025, providing updates on military incidents. Two of these domains are promoted via social media accounts on Facebook and Telegram. The spyware combines legitimate functionality with covert capabilities, and its campaigns may target journalists and OSINT researchers in Arabic-speaking regions. Artifacts linked to Asin include an upload to VirusTotal from Türkiye in October 2025, an APK downloaded from c-pdf[.]net in December 2025, and a sample disguised as "Syria Defense Map" detected in January 2026. Users must manually install the applications and grant permissions for the spyware to operate.

AppWizard

June 5, 2026

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

A vulnerability in several Microsoft 365 Android applications, identified as FlagLeft, was caused by a development flag left enabled in production builds, which disabled checks meant to restrict account-token sharing to trusted applications. This flaw affected applications such as Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop, and OneNote, allowing unauthorized apps to request and obtain user tokens without permission. Microsoft Teams was unaffected. The vulnerability was demonstrated by Enclave, allowing access to user emails through an unverified app. On May 12, Microsoft issued four CVEs for the affected applications, categorized under improper access control. The patched version of Word for Android is 16.0.19822.20190, and users are advised to update their applications. The patch does not invalidate already compromised tokens, so users should revoke these tokens and sign in again.

AppWizard

June 5, 2026

“2,000 to 3,000 new hits every single day”: Dangerous malware “WeedHack” hides in Minecraft mods, gives attackers webcam access, Steam and Discord passwords, and more

Minecraft's modding community is facing a threat from a malware called WeedHack, identified by McAfee researchers. This malware is part of a Malware-as-a-Service campaign that has been active since January and is notably affordable compared to other hacking tools. WeedHack targets systems that mod Minecraft and can compromise Discord accounts, browsers, and cryptocurrency wallets. To reduce risks, users are advised to download mods only from reputable sources like CurseForge and Modrinth, and to invest in strong security software, such as McAfee, which offers features to protect against such threats.

Winsage

June 5, 2026

Linux is losing ground on Steam as Windows 11 continues its rise among PC gamers — is Microsoft repairing its reputation?

In May 2026, Linux accounts for 3.99% of Steam users, down from a peak of 5.33% in March and a decline from 4.52% in April. This decline follows a period of growth when Microsoft faced challenges with Windows. Despite being higher than sub-2% levels previously, the continuous decrease is notable. Microsoft is increasing its focus on gaming performance, likely in response to competition from Linux, especially with the upcoming launch of Project Helix, a hybrid of PC and console gaming.

AppWizard

June 4, 2026

Google gets ready to tighten up its account switcher in Android apps

Google Drive is undergoing a transformation with a new, more compact account switching interface aimed at enhancing user experience across Android applications. The update will condense the current spacious layout by removing the friendly greeting, resizing the user photo, and integrating the photo and email address into a collapsible menu. The "Manage your Google account" button will be repositioned for better accessibility, and the camera icon for updating profile pictures will be replaced with a pencil icon, directing users to their comprehensive Google account information page. This redesign aims to reduce clutter in various Google applications, allowing for more fluid navigation. While these features have been observed through an APK teardown, their inclusion in the final public release is not guaranteed.

Tech Optimizer

June 4, 2026

How We Test Antivirus and Security Software

Most software applications clearly indicate their functionality, but the effectiveness of antivirus utilities is often less tangible. PCMag rigorously evaluates antivirus products through comprehensive tests that validate their claims, including real-world malware samples and various protective measures. Each antivirus tool is assessed based on its on-demand scanner and real-time monitor capabilities. PCMag compiles fresh malware samples annually, analyzing them to ensure they are suitable for testing. The testing process includes evaluating malware-blocking capabilities and web-level protection against known malware-hosting sites. Phishing site detection is also tested using recent URLs, and antispam testing has been simplified due to the effectiveness of email providers. Performance impact tests have been discontinued as modern security suites show improved efficiency. Firewall protection is evaluated through program control, exploit defenses, and overall resilience against malware. Parental control features are tested for effectiveness in content filtering and monitoring. Ransomware protection is assessed by releasing real-world samples in a controlled environment. PCMag monitors independent antivirus lab tests from various organizations, including AV-Test, AV-Comparatives, SE Labs, MRG-Effitas, and AVLab, to inform their reviews. An aggregate testing score is calculated to summarize lab results. Testing methodologies do not include VPN evaluations, which are covered separately.

AppWizard

June 4, 2026

Meta rolls out Meta Business Agent globally on WhatsApp, Instagram, and Messenger

Meta is expanding its Meta Business Agent, a feature that enhances customer engagement using artificial intelligence. This global rollout follows a successful testing phase called "Business AI," which began in October 2024 in markets like India, Mexico, and Brazil, involving over one million active shops. The Meta Business Agent functions across WhatsApp, Instagram, and Messenger, helping businesses with customer inquiries, lead management, appointment scheduling, and product suggestions. Initially available to select businesses on the WhatsApp Business app, Instagram Pro, Messenger, and Meta Business Suite, the service will evolve to handle daily operations such as market research and competitive analysis. Businesses can join a waitlist for early access. The Business Agent adapts to a brand's voice and facilitates customer interactions. Meta is also launching the Meta Business Agent Platform for creating and managing virtual assistants, integrating with services like Shopify and Zendesk. However, there have been security concerns, including hackers accessing Instagram accounts through the Meta AI support assistant.

AppWizard

June 3, 2026

Meta expands content protections for teen accounts

Meta has enhanced content settings for teen users on Facebook, Instagram, Messenger, and WhatsApp to create a safer online environment. This includes blocking teenagers from viewing inappropriate content and restricting interactions with unsuitable groups, events, profiles, and pages. This initiative follows a legal ruling in Los Angeles that found Meta and YouTube negligent in their application designs, contributing to harmful effects on children. The changes reflect Meta's commitment to safeguarding younger users and responding to concerns about social media's impact on youth.

AppWizard

June 3, 2026

Australia warns of crypto investment scams on messaging apps

Australia's financial regulatory authority, the Australian Securities and Investments Commission (ASIC), has issued a cautionary note about a rise in investment scams that exploit messaging apps and social media, particularly targeting younger individuals. These scams often start with enticing ads on social media promoting stock trading tips, leading victims to messaging apps where they are misled into thinking they are receiving legitimate investment advice from impersonated figures. Victims are then directed to counterfeit digital asset trading platforms, resulting in lost funds and additional withdrawal fees. Research from Moneysmart reveals that 23% of Australians aged 18 to 28 own digital assets, with 66% taking a speculative approach to investing, and 29% influenced by social media personalities. Additionally, 72% of Gen Z respondents encountered social media ads for digital assets, and 41% were approached to invest in cryptocurrencies. ASIC has proposed measures to mitigate risks, including avoiding sharing personal information from social media, verifying investment platforms through AUSTRAC, and acting quickly if something seems suspicious. The Australian Parliament passed a digital asset framework bill in April requiring digital asset platforms to obtain an Australian Financial Services License (AFSL) within a year to comply with new regulations.

AppWizard

June 3, 2026

Malware campaign targeting Minecraft users infects over 116,000 systems

A recent investigation by McAfee researchers has identified a Malware-as-a-Service (MaaS) operation called WeedHack, which targets Minecraft users. Since its launch in January 2026, WeedHack has compromised over 116,000 systems, with 2,000 to 3,000 new infections daily. The operation uses YouTube and SEO poisoning to distribute malware, promoting Minecraft mods and utilities through videos. WeedHack is accessible for free, with premium features available at low costs. The malware targets Minecraft session IDs, collects system information, and extracts credentials from various platforms. It includes a web-based dashboard for tracking infections and offers tools for injecting malware into legitimate mods. The operation has also been linked to incidents of cyberbullying among its users. McAfee advises caution when engaging with Minecraft-related content on YouTube.