alert Archives

AppWizard

April 11, 2026

This Russian military intelligence group has been stealing people’s sensitive data, so you might want to connect your router through a VPN

The National Cyber Security Centre (NCSC) in the UK has reported that the Russian military intelligence group APT28 is exploiting vulnerabilities in routers to redirect internet traffic through malicious servers, siphoning off sensitive information from users. This includes login credentials, search histories, and private messages. APT28's servers function as anti-VPNs, designed to extract user data rather than protect it. The group appears to be gathering data for strategic objectives, particularly targeting businesses in sectors like manufacturing and military contracting, while also potentially weaponizing information from individuals to influence public opinion. The NCSC has issued guidance for businesses on online privacy, and recommends the use of VPNs as a protective measure for individuals, with NordVPN being highlighted as a top choice among various reliable options.

AppWizard

April 10, 2026

I didn’t know how much I needed Gemini’s scheduled actions until I tried them

Megan Ellis, a user of the Gemini app, has found scheduled actions to be a valuable feature that automates routine tasks, saving her time and enhancing her productivity. Scheduled actions allow users to set automated prompts for the chatbot to generate responses at designated intervals, such as weekly or monthly reports and daily news summaries. Access to this feature varies by account type: personal accounts require Google AI Pro or Ultra plans, while work and school accounts have access limited to specific Google Workspace editions. To set up a scheduled action, users can chat with the AI, input a prompt, and instruct Gemini to repeat the action at specified times. Notifications alert users when their scheduled actions are ready. Megan uses scheduled actions to receive weekly summaries of consumer tech news and curated series recommendations, helping her stay informed and manage her viewing preferences. She wishes the feature were available to free users with some limitations.

Winsage

April 9, 2026

BlueHammer: Windows zero-day exploit leaked

A proof-of-concept (PoC) exploit called BlueHammer has been released on GitHub, targeting an unpatched local privilege escalation vulnerability in Windows. The exploit, attributed to users Chaotic Eclipse and Nightmare Eclipse, has been modified by security researchers to work on updated versions of Windows 10, 11, and Windows Server. The exploit manipulates Microsoft Defender to create a Volume Shadow Copy, allowing access to sensitive registry files and enabling the extraction of NTLM password hashes. This facilitates the alteration of a local Administrator's password and subsequent login. The exploit can duplicate the Administrator's security token and create a malicious Windows Service that runs with SYSTEM privileges. While there are no reports of BlueHammer being exploited by malicious actors, researchers warn that such PoC code can be weaponized quickly. Microsoft has committed to investigating reported security issues related to this vulnerability.

AppWizard

April 8, 2026

VP Duterte warns public vs individuals posing as her on messaging app

Vice President Sara Duterte has warned the public about individuals impersonating her on messaging platforms. She posted on her Facebook and the Office of the Vice President's official page, advising citizens to be cautious of suspicious messages claiming to be from her. A screenshot of a conversation was included where the impersonator requested a list of supportive congressmen. Duterte emphasized not to engage, share personal information, or send money, stating she does not solicit favors from the public.

Tech Optimizer

April 8, 2026

Avast Antivirus: A Complete Guide to the Software and Its Security Features

Avast antivirus is a widely used digital security solution for mobile and desktop platforms, developed by Gen Digital. It offers a free version that is accessible and easy to set up, making it popular among first-time users. Key security features include real-time threat protection, web protection tools, email protection, behavior monitoring, and a network inspector. The software operates quietly in the background, has a clean and intuitive interface, and provides essential security features in its free version. However, users may experience intrusive upgrade prompts, and advanced tools require a paid subscription. Avast distinguishes itself by offering behavioral threat detection in both free and paid versions, and its extensive user base enhances its threat detection capabilities. The free version includes basic protections suitable for everyday online activities, but advanced features necessitate an upgrade. Users are encouraged to adopt strong passwords, utilize password managers, enable two-factor authentication, and practice safe browsing habits to ensure online privacy.

AppWizard

April 3, 2026

NCSC warns of messaging app targeting by Russia-linked actors

The UK National Cyber Security Centre (NCSC) has warned of an increase in cyber threats from Russia-based actors, targeting high-risk individuals through messaging applications like WhatsApp, Signal, and Messenger. These threats involve deceptive tactics such as coaxing users for login codes, unauthorized device access, group chat infiltration, impersonation of trusted contacts, and phishing links. The targeting is linked to state-affiliated groups from Russia, China, and Iran. High-risk individuals are those with access to sensitive information or influential roles. The NCSC recommends several protective measures: enabling two-step verification, not sharing verification codes, monitoring linked devices, being cautious with unknown contacts, limiting personal app use for work, and using disappearing messages to reduce data exposure.

AppWizard

April 1, 2026

NCSC warns of messaging app targeting | National Cyber Security Centre

The National Cyber Security Centre (NCSC) has issued guidelines for individuals vulnerable to targeted attacks via messaging applications, particularly due to increased malicious activities from actors based in Russia. High-risk individuals, such as those with access to sensitive information, are especially susceptible. Past incidents involve state-affiliated groups like APT31 from China, the Russian FSB actor Star Blizzard, and Iran's IRGC targeting government officials. Attackers may use deceptive methods to obtain login codes, add devices to accounts, infiltrate group chats, impersonate contacts, and execute phishing attempts. To mitigate risks, individuals should avoid sharing sensitive information via messaging apps, use corporate services for work-related communications, refrain from sharing verification codes, activate two-step verification, utilize passkeys, regularly review linked devices, stay alert for impersonations, and consider using disappearing messages. The NCSC also provides guidance for enhancing account and device security for high-risk individuals.

AppWizard

March 26, 2026

Extraction shooter Sand delayed from March as Ukrainian developer cites ‘a difficult few months’ with ‘severe power outages and air alert disruptions’

Hologryph announced that their game, Sand: Raiders of Sophie, will not be released in March due to ongoing challenges in Ukraine, such as power outages and air alerts. The developers are focused on refining key features, including enhancements to PvE mobs, server physics and performance, anti-cheat measures, and expanding the weapon arsenal. They plan to use the additional development time to incorporate feedback from playtests. A new release date has not been set, but the team will provide another update soon, including details about a community engagement event.

AppWizard

March 25, 2026

Alert warns of cyber actors using Telegram messaging app to push malware

The FBI issued an alert on March 20 about a sophisticated cyber technique linked to the Iranian government, using the Telegram app to distribute malware globally. This has led to data breaches and reputational damage for many victims. The FBI provided recommendations for organizations and individuals to enhance cybersecurity, including staying informed about cyber threats, implementing security protocols, and educating employees on suspicious communications. Contacts for further insights at the AHA include John Riggi and Scott Gee, with resources available at aha.org/cybersecurity.

AppWizard

March 25, 2026

FBI warns of Russian, Iranian cyber activity involving messaging platforms

The FBI issued alerts regarding cyber campaigns by Russian and Iranian actors targeting messaging platforms. Russian intelligence services are reportedly infiltrating applications like Signal, leading to unauthorized access of thousands of accounts of U.S. government officials, military personnel, political figures, and journalists. Russian operatives are using phishing messages disguised as support notifications to trick users into providing verification codes or account PINs, potentially allowing attackers to take over accounts. Once compromised, attackers can access messages, contact lists, and launch further phishing attempts. The advisory emphasizes that while Signal is targeted, similar tactics can affect any messaging app. In a separate alert, the FBI highlighted Iran’s Ministry of Intelligence and Security (MOIS) using Telegram to distribute malware aimed at Iranian dissidents and journalists, enabling them to steal sensitive information. This malware often disguises itself as legitimate software and connects to Telegram bots for remote access and data exfiltration. The FBI linked these activities to the Handala Hack group, which claimed responsibility for a recent attack on medical device manufacturer Stryker. The malware can be introduced through social media by hackers posing as technical support. Experts note that the use of Telegram for cyber compromises is increasing, as it helps malicious actors avoid detection by blending their traffic with trusted platforms.