NewApp Digest
search bot

attachments

Microsoft Patches Widely Exploited Windows LNK Zero-Day
Winsage
December 4, 2025

Microsoft Patches Widely Exploited Windows LNK Zero-Day

Cybercriminals are exploiting a vulnerability in Windows LNK (.lnk shortcut) files, identified as CVE-2025-9491, to deliver malware in targeted attacks. This flaw allows attackers to hide malicious commands within shortcut files, which execute when a user opens the crafted shortcut, leading to malware installation. The vulnerability has been actively exploited by at least 11 threat actor groups, including Evil Corp and Mustang Panda, with malware such as Ursnif and Trickbot being delivered through this exploit. Microsoft released a patch for this vulnerability in November 2025 after initially delaying it, citing the need for user interaction to trigger the exploit. Security recommendations include avoiding suspicious .LNK files, implementing strict email filtering, and applying the latest security updates.
Microsoft mitigates Windows LNK flaw exploited as zero-day
Winsage
December 3, 2025

Microsoft mitigates Windows LNK flaw exploited as zero-day

Microsoft has addressed a security vulnerability in Windows tracked as CVE-2025-9491, which allows malicious actors to embed harmful commands in Windows LNK files, requiring user interaction to exploit. Threat actors often distribute these files in ZIP formats to bypass email security. In March 2025, 11 hacking groups, including Evil Corp and Kimsuky, were actively exploiting this vulnerability using various malware payloads. Although Microsoft initially did not consider the issue urgent, it later modified the handling of LNK files in November updates to allow users to view the entire character string in the Target field. However, this change does not eliminate the malicious arguments embedded in the files. ACROS Security has released an unofficial patch that restricts shortcut target strings to 260 characters and alerts users about risks associated with long target strings, covering multiple Windows versions.
Wacatac Trojan: What Is It And How To Remove It
Tech Optimizer
December 3, 2025

Wacatac Trojan: What Is It And How To Remove It

The Wacatac Trojan is a type of malware first documented in January 2020, known for disguising itself as benign software to trick users into installation. It operates under various aliases, including Trojan:Script/Wacatac and Trojan:Win32/Wacatac, and can connect to Command-and-Control (C2) servers for remote manipulation. Its capabilities include stealing credentials, evading antivirus detection, creating or joining botnets, causing system damage, enabling spyware functions, acting as Remote Access Tools (RATs), and downloading additional malware. Symptoms of infection include sluggish performance, program failures, unexplained storage reductions, and unfamiliar processes. Wacatac spreads through unofficial software, malicious web pages, and phishing emails. Removal is best achieved using reputable antivirus software, while prevention involves avoiding questionable downloads, practicing good digital hygiene, keeping software updated, backing up data, and using quality antivirus solutions. False positives can occur, where legitimate programs are mistakenly flagged as Wacatac.
Fileless protection explained: Blocking the invisible threat others miss
Tech Optimizer
December 3, 2025

Fileless protection explained: Blocking the invisible threat others miss

Fileless malware operates within a computer's active memory, avoiding detection by traditional antivirus solutions that rely on file scanning. It uses legitimate tools like PowerShell to execute harmful commands without creating files, making it difficult to identify. Cybercriminals can use fileless malware for various malicious activities, including data theft and cryptocurrency mining. Malwarebytes combats fileless attacks through two defense layers: Script Monitoring, which intercepts potentially dangerous scripts at execution, and Command-Line Protection, which scrutinizes command-line tools for suspicious activities. Examples of fileless attacks include malicious email attachments activating PowerShell to download ransomware, hidden JavaScript on websites mining cryptocurrency, and attackers using Windows Management Instrumentation (WMI) to create backdoors. Malwarebytes' Fileless Protection operates automatically in the background, ensuring legitimate applications function normally while monitoring for threats. It is part of a comprehensive security framework that includes machine-learning detection and web protection, designed to stop attacks that do not write files. This protection is included with Malwarebytes Premium, aimed at safeguarding personal and small business systems.
Call of Duty Warzone is planning "frequent meta shake ups" with weapon balancing up to four times a season
AppWizard
November 29, 2025

Call of Duty Warzone is planning “frequent meta shake ups” with weapon balancing up to four times a season

Raven Software has announced its strategic vision for balancing gameplay in Call of Duty Warzone, focusing on a dynamic meta and prioritizing trade-offs over universal dominance. The developers plan to introduce open matchmaking and a new experience inspired by Blackout on the Avalon map in spring. They aim to implement up to four meta updates each season, enhancing build diversity and ensuring meaningful loadout choices. Attachments will now be limited to five per weapon, and the Overkill Wildcard will be a default benefit for all players. Raven is committed to balancing Warzone attachments independently from BO7 multiplayer, fostering meaningful trade-offs and preserving weapon category identities. The largest magazines for assault rifles will be capped at 60 rounds, and slug ammo for pump-action shotguns will allow for one-shot headshots within range. As of December 4, pistols will be removed from ground loot to improve recovery satisfaction.
Google could be secretly training Gemini to focus on user 'Projects'
AppWizard
November 26, 2025

Google could be secretly training Gemini to focus on user ‘Projects’

Google is developing a feature called "Projects" for the Gemini app, allowing users to focus the AI on a specific topic by uploading "up to 10" files and providing instructions. This feature is designed to help organize work and ideas, similar to OpenAI's "Projects in ChatGPT." Additionally, Google is reportedly looking to integrate NotebookLM into the Gemini app, enabling users to import their NotebookLM notebooks. Updates to Gemini are expected to include a more personalized experience based on user interests and search behaviors.
This new Android malware can control your phone and swipe your banking data
AppWizard
November 26, 2025

This new Android malware can control your phone and swipe your banking data

A new malware called Sturnus spreads through sideloaded APKs and can steal chats, banking information, and control devices. It reads decrypted chats, creates fake banking overlays, and can remotely access Android devices. Sturnus disguises itself with fake Android update screens, and users in Europe have already fallen victim to it. The malware is primarily spread through attachments sent via messaging applications and exploits Accessibility settings to read screen content and impose overlays on banking applications. Google has not detected this malware in the Google Play Store, thanks to Play Protect's scanning efforts. Users are advised to exercise caution when downloading APKs.
Apex Legends' new gun may be the most broken weapon in its history, but boy is it fun to shoot missiles from an SMG
AppWizard
November 25, 2025

Apex Legends’ new gun may be the most broken weapon in its history, but boy is it fun to shoot missiles from an SMG

The Bird of Prey is a new variant of the R99 introduced in Apex Legends' Mixtape mode, available in Care Packages during the Supersonic event. It features a unique ability to fire five homing missiles that deal an additional ten damage each when locked onto an enemy for a sufficient duration. The weapon is equipped with gold attachments and is designed to provide a tactical advantage similar to Valkyrie's abilities, but it has a brief recharge period. The Bird of Prey is not available in ranked matches or competitive formats. Its introduction has led to a chaotic gameplay experience, especially during endgames, but it is intended for casual play.
Gmail gives Android users a window into email attachments with this update
AppWizard
November 24, 2025

Gmail gives Android users a window into email attachments with this update

Gmail is rolling out an update for Android users that includes notification previews, allowing users to see email titles and attachment previews in the notification panel. A unified Purchases Tab will be introduced to track online orders, featuring an "Arriving Soon" section for order and tracking details. The Promotions tab will be updated to provide timely notifications about personalized offers. Additionally, a one-tap appointment booking feature will be integrated with Google Calendar, enabling users to manage appointments directly within Gmail and allowing Workspace customers to add booking pages to email drafts easily.
NotebookLM is so great, Google is adding even more ways to access it
AppWizard
November 24, 2025

NotebookLM is so great, Google is adding even more ways to access it

Google is enhancing its Gemini platform by integrating it with applications like Google Photos and Messages, and is considering adding NotebookLM as a Connected App. Currently, Gemini connects with YouTube Music and various Google Workspace applications. The anticipated NotebookLM feature may allow users to import notebooks into the Gemini chatbot, enabling interaction with notebook content without returning to the NotebookLM interface. Google is also exploring linking notebooks as attachments in the text input box of the chatbot. These enhancements aim to improve accessibility and productivity across devices.
Search