API

AppWizard
May 16, 2025
Google has restricted file upload capabilities for the Nextcloud Files Android app by revoking the "All files access" permission, which has been essential for the app since 2011. This change prevents Android users from uploading various file types to their Nextcloud accounts. Nextcloud has expressed frustration over this decision, suggesting it is a strategic move by Google to maintain dominance in the cloud storage market and favor its own applications. The alternatives proposed by Google, such as the MediaStore API or Storage Access Framework (SAF), do not meet Nextcloud's functionality needs. Nextcloud draws parallels to past corporate tactics that limited competition and highlights ongoing concerns regarding fair competition and regulatory responses.
AppWizard
May 14, 2025
Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, targeting user accounts that have not applied necessary fixes. This exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft has high confidence in this assessment and notes that Marbled Dust conducts reconnaissance to identify potential targets using Output Messenger. Marbled Dust has successfully utilized this vulnerability to deploy malicious files and exfiltrate data. Microsoft notified the application’s developer, Srimax, about the vulnerability, leading to the release of a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of this second flaw has been observed. The zero-day vulnerability allows an authenticated user to upload malicious files to the server's startup directory. Marbled Dust has exploited this flaw to place a backdoor file, OMServerService.vbs, in the startup folder, enabling them to access communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential interception techniques. Once inside, they exploit the vulnerability to drop malicious files, including a GoLang backdoor, which connects to a Marbled Dust command-and-control domain for data exfiltration. To mitigate this threat, Microsoft recommends updating to the latest version of Output Messenger, activating various security protections, and implementing rigorous vulnerability management strategies. Microsoft Defender XDR customers can identify potential threat activity through specific alerts related to Marbled Dust and utilize advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activities.
AppWizard
May 14, 2025
Nextcloud, a European software vendor, has raised concerns about Google's treatment of its Android Files application, which has over 800,000 users. The issue centers on the "All files access" permission, which was revoked by the Play Store in 2024, impairing the app's functionality. Nextcloud argues that alternatives like the Storage Access Framework (SAF) and MediaStore API are inadequate for their needs. The app has been able to read and write all file types since its launch in 2016 without security concerns from Google until the recent revocation. Nextcloud claims that Google's policies are stifling competition and that they have faced bureaucratic inefficiencies in addressing their complaints. Despite having a fully functional version on F-Droid, the Google Play version is restricted. Nextcloud has previously lodged a complaint with the EU regarding Microsoft's anti-competitive behavior, and they express frustration over the lack of action taken. They believe larger tech companies are trying to suppress smaller competitors.
Winsage
May 12, 2025
Microsoft's annual Build developer conference will occur from May 19 to 22, focusing on new AI integrations, services, and applications for Windows. Last year's conference featured the integration of Copilot into Microsoft Teams and the introduction of AI-powered PCs. This year, deeper integrations of Copilot generative AI are expected, catering to consumer and enterprise needs. Keynotes will be streamed online for free. Microsoft raised prices on various software products by 5% last November and may use new AI features to justify these increases. Copilot is anticipated to have significant enhancements, with reports suggesting Microsoft is considering alternative AI models from xAI, Meta, Anthropic, and DeepSeek. Copilot may gain “agentic” capabilities for executing basic PC tasks, with references to an Action button found in the Copilot client for Windows. Microsoft is rumored to have developed a suite of models called MAI to compete with OpenAI’s offerings, potentially to be unveiled at Build. There are also rumors about a successor to the Azure Maia 100 AI Accelerator, possibly named “Maia 2,” with Marvell contracted for its production.
AppWizard
May 12, 2025
Samsung is enhancing user privacy in its upcoming One UI 8 Gallery app with a new feature called "Private album," designed to discreetly store photos and videos. This feature is currently in beta testing within the hidden “Labs” section of the app, indicating it may not be included in the final release. The Private album aims to provide a simpler alternative to the existing Secure Folder for managing visual content. One UI 8 is built on the forthcoming Android 16 and is expected to launch after the stable release of Android 16 in June. The update will introduce various refinements to enhance user experience, including improved background task management, smarter app suggestions, and better battery management. There are also rumors of new features like video summarization in Samsung Internet and an upgraded Secure Folder.
Winsage
May 12, 2025
The deployment of PipeMagic preceded a sophisticated exploit targeting the Common Log File System (CLFS) kernel driver, initiated from a dllhost.exe process. The exploit began with the NtQuerySystemInformation API, which leaked kernel addresses to user mode. In Windows 11, version 24H2, access to specific System Information Classes within this API was restricted to users with SeDebugPrivilege, rendering the exploit ineffective on this version. The exploit then used a memory corruption technique with the RtlSetAllBits API to overwrite its process token with 0xFFFFFFFF, granting it all available privileges and enabling process injection into SYSTEM-level operations. A CLFS BLF file was created at C:\ProgramData\SkyPDF\PDUDrv.blf, marking the exploit's activity.
Tech Optimizer
May 12, 2025
Defendnot is a tool that disables Windows Defender by using the Windows Security Center (WSC) API, presenting itself as a legitimate antivirus solution. It was created by a developer named “es3n1n” and follows the removal of a previous tool called “no-defender.” The tool engages directly with WSC, which disables Windows Defender when third-party antivirus software is installed to avoid conflicts. Defendnot was developed through reverse engineering of the WSC service and involves understanding how WSC verifies processes. It registers a phantom antivirus product using COM interfaces and undocumented Windows APIs, leading Windows to disable its built-in protection. The tool requires administrative privileges to operate and adds itself to autorun to maintain its functionality after a reboot. Security experts express concern about its potential misuse by malware authors, while it also provides insights into vulnerabilities in Microsoft’s security architecture.
Tech Optimizer
May 12, 2025
Cybersecurity developers have created a tool called defendnot, which disables Windows Defender by utilizing undocumented Windows Security Center (WSC) APIs. This tool is a successor to the no-defender project, which was taken down due to DMCA challenges. The developer reverse-engineered WSC’s validation algorithms and identified Taskmgr.exe as a suitable process to host the necessary code. Defendnot persists across reboots by adding itself to Windows autorun and can be managed via a command-line interface with options to disable Windows Defender and Windows Firewall. Unlike its predecessor, defendnot does not use third-party antivirus code. Security experts warn that disabling protection mechanisms should only be done in controlled environments by knowledgeable users.
AppWizard
May 6, 2025
Google will implement an update to its Play Integrity API in May 2025, affecting devices running Android 12 or earlier. This update coincides with the end of security updates for these older versions, potentially leading to app failures and increased vulnerability to cyber threats. Developers will need to revise their applications to comply with the new API standards, while users on outdated systems may face degraded performance or complete app failures. The urgency to upgrade to Android 13 or newer is emphasized for both users and developers.