application Archives

AppWizard

June 24, 2026

Morphe v1.32.0 brings back a heavily missed YouTube feature

Morphe has released its v1.32.0 patch bundle, which includes interface enhancements and bug fixes. Key features include a settings toggle to revert to the previous video action bar layout, restoring the dislike counter on YouTube (as estimates), and the option to hide the “Connect” button. Users can filter comments using a keyword-based comment blocker and open videos in fullscreen mode. The update also enhances the top toolbar with options to hide the Cast and live Chat buttons. Compatibility updates include experimental support for Reddit (version 2026.25.0), YouTube Music (version 9.24.51), and YouTube (version 21.25.523). Bug fixes address issues with link redirects, app crashes in tablet mode, player popup panels, and playback issues in YouTube Music. The update is available through the Morphe Manager application.

AppWizard

June 24, 2026

This open source app unlocks the Fitbit Air’s premium features at no cost

The Fitbit Air is a screenless fitness wearable that allows users to subscribe to Google Health Premium for advanced health insights. An open-source desktop application named OpenFit, created by developer Flavio Adamo, replicates Google Health Premium's functionalities for free, providing comprehensive health data analysis from the Fitbit Air. OpenFit uses ChatGPT Codex to enhance user experience by interpreting health data. Another developer, Francesco Oddo, has created a similar open-source app, and both are considering collaboration. Users of Fitbit Air can access a three-month free trial of Google Health Premium, and subscribers to Google AI Pro and AI Ultra plans can use the service at no cost.

AppWizard

June 24, 2026

Government’s homegrown messaging app ‘NepaConnect’ appears on google play store

A government-developed messaging application named NepaConnect has been launched on the Google Play Store, aiming to provide a secure internal communications platform for state officials in Nepal. The initiative, disclosed by Finance Minister Dr. Swarnim Wagle, involves the creation of a sovereign digital infrastructure with a team of around 80 technical professionals. NepaConnect features include encrypted communication, document sharing, secure file storage, location sharing, voice messaging, document scanning, meeting scheduling, AI integration, status feeds, and ride-management services. The app is designed to centralize various workplace functions and reduce reliance on foreign communication platforms. However, details about its security standards, encryption protocols, and overall transparency remain limited. Currently, the application is in early development stages, with some features incomplete or non-functional. The future success of NepaConnect will depend on factors such as cybersecurity, user adoption, and the government's ability to encourage civil servants to switch from existing platforms.

AppWizard

June 24, 2026

I finally found the best personal knowledge management tool on Android after years of switching back and forth

The author explored various personal knowledge management (PKM) tools on Android and initially avoided Obsidian due to dissatisfaction with its earlier mobile app versions, which felt cramped and outdated. However, after revisiting the redesigned Obsidian app, they appreciated its modern user interface and improved usability. Obsidian's use of plain Markdown files allows for better file management and future-proofing of notes. The app supports both quick capture of ideas and deeper exploration through linking notes and creating a cohesive knowledge base. Features like Quick Note, Daily Note widget, and Graph View enhance its functionality. Data syncing requires some setup, with options for Obsidian Sync or third-party solutions. Ultimately, Obsidian stands out as a customizable and long-lasting PKM tool for the author’s workflow.

Winsage

June 24, 2026

Windows RAT Uses Encrypted HTTP C2 and Registry Persistence After npm Infection

A malware campaign targets Windows systems through a malicious npm package named postcss-minify-selector-parser, which mimics the legitimate postcss-selector-parser. This counterfeit package installs a Remote Access Trojan (RAT) on developer machines, beginning with a multi-stage attack triggered by the installation of the package. The RAT can steal credentials, execute shell commands, and communicate with a remote attacker. Security researchers at JFrog identified this threat and reported it on June 22, 2026, noting that two additional related packages, postcss-minify-selector and aes-decode-runner-pro, are linked to the same publisher and remain live on the npm registry. The RAT employs encrypted HTTP communication with a command-and-control (C2) server and ensures persistence by creating a registry key under the Windows Run key. It has capabilities for remote shell execution, file uploads and downloads, and can steal saved login data from Google Chrome using Windows decryption APIs. The malware is designed for organized batch exfiltration of stolen data. Indicators of compromise include specific IP addresses, domains, file paths, and SHA-256 hashes associated with the malware components. JFrog advises users to remove the malicious packages, inspect their dependency trees, and treat any stored credentials as compromised.

AppWizard

June 23, 2026

Leaked Google Pixel ‘Audio Memory’ poised to remember what you’ve heard

Google is developing a feature called "Audio Memory" for its Pixel phones, which aims to enhance user experience by capturing music and significant conversations, potentially transcribing them for future reference. This feature will allow users to recall music they've encountered and may transcribe important discussions to create notes. The discovery of Audio Memory was made during an exploration of the latest Android System Intelligence for Pixel devices, enhancing the existing "Music Recognition" capability. Google envisions Audio Memory as a tool to track what users hear throughout the day, although details on its application remain uncertain. Additionally, Google has introduced memory features in its Gemini app that leverage users' personal context to recall previous discussions. Concerns about privacy are anticipated, and Google is expected to implement controls for managing what devices remember.

AppWizard

June 23, 2026

I found an Android app that makes using my phone one-handed so much easier

Accessibility features in smartphones are crucial for users with vision, hearing, or mobility impairments. Quick Cursor: One-Hand Aid is an Android application designed to assist individuals with dexterity challenges by providing a virtual mouse pointer that can be controlled from a designated area on the screen. Users can adjust the pointer's height to improve reachability for tapping icons or buttons. The app is available in free and paid versions, with the Pro version costing .99 for additional features. To use Quick Cursor, users set up a trigger area on their device, which can be adjusted in size and position. The app supports both portrait and landscape orientations and offers customization options like cursor speed. Users activate the cursor by swiping from the trigger area and can easily navigate the screen. Quick Cursor enhances usability, particularly for those with mobility challenges, making it easier to operate larger smartphones with one hand.

AppWizard

June 23, 2026

Google is putting more of Gemini’s best features right at your fingerprints

Google has updated its Gemini overlay, introducing an expanded Plus (+) menu that includes new tools such as video generation, music creation, Canvas, and Guided Learning. The redesigned layout allows users to perform common actions directly from the overlay, enhancing accessibility and usability. The Plus (+) button now serves as a more robust entry point, although the repositioning of the feature carousel may slightly hinder one-handed usability on larger devices. Familiar shortcuts like Photos, Camera, Files, and Drive remain, ensuring continuity for users. The updated overlay integrates more deeply into the Android ecosystem, reducing the need to launch the main app and aiming to make Gemini a more integral part of users' daily tasks.

Tech Optimizer

June 23, 2026

Active Exploitation of Critical CVE-2026-20253 in Splunk Enterprise: Unauthenticated RCE via PostgreSQL Sidecar Service

A critical security vulnerability, SVD-2026-0603 (CVE-2026-20253), has been identified in Splunk Enterprise versions 10.0.0 through 10.0.6 and 10.2.0 through 10.2.3. This flaw allows unauthenticated, remote attackers to create or truncate arbitrary files on the host system by exploiting the PostgreSQL Sidecar Service endpoints. The vulnerability is actively exploited, with public proof-of-concept code available, and has been added to the CISA Known Exploited Vulnerabilities (KEV) list. Successful exploitation can lead to full remote code execution (RCE) as the Splunk user. The vulnerability arises from inadequate authentication controls on the PostgreSQL Sidecar Service endpoints, specifically /v1/postgres/recovery/backup and /v1/postgres/recovery/restore, which are accessible without authentication. It is classified under CWE-306: Missing Authentication for Critical Function and has a CVSS v3.1 base score of 9.8 (Critical). Attackers can exploit the vulnerability by sending crafted HTTP POST requests to the exposed endpoints, allowing them to create or truncate files and potentially execute malicious scripts. Indicators of compromise include unexpected files in directories such as /tmp/ or /opt/splunk/var/run/supervisor/pkg-run/, modified Splunk Python scripts, and unusual outbound connections from Splunk to unknown PostgreSQL servers. The vulnerability aligns with several MITRE ATT&CK techniques, including T1190 (Exploit Public-Facing Application) and T1059 (Command and Scripting Interpreter). Active exploitation of CVE-2026-20253 has been confirmed, and it is likely that both opportunistic cybercriminals and sophisticated threat actors will use this exploit. The affected versions of Splunk Enterprise are 10.2.0 through 10.2.3 and 10.0.0 through 10.0.6, with the issue resolved in versions 10.2.4 and 10.0.7. Organizations are advised to upgrade to fixed versions or disable the PostgreSQL Sidecar Service as a mitigation strategy.

AppWizard

June 22, 2026

Gemini overlay gets expanded ‘plus’ menu to do more without opening app

Google has updated the Gemini overlay on Android, introducing an expanded plus menu that now includes Videos, Music, Canvas, and Guided Learning, in addition to the existing Images and Personal Intelligence tools. Deep Research remains exclusive to the full app due to its requirement for a larger prompt box. The top section of the interface, including Screen, Photos, Camera, Files, Drive, and Notebooks, remains unchanged, but the repositioning of the carousel may affect one-handed usability. These enhancements allow users to access most of the Gemini experience seamlessly across Android devices without launching the full application. The changes are being rolled out with stable version 17.32 of the Google app.