breach Archives

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

Tech Optimizer

February 24, 2026

Hackers Are Using Fake Invitations to Take Over Your PC

Cybercriminals are sending counterfeit email invitations that, when clicked, install a backdoor on the victim's computer, allowing hackers full control. The scam often involves downloading a file named “invites.msi,” which is a Windows Installer package. This file can install ScreenConnect, a legitimate remote support tool that can be exploited by attackers to monitor screens, access files, and deploy additional malware. Many security engines fail to flag this software as malicious, making it difficult to detect. If someone suspects they have fallen victim to this scam, they should disconnect from the internet, check for and uninstall any remote management software, run a comprehensive antivirus scan, change passwords for critical accounts, enable two-factor authentication, inform their IT department if applicable, and consider performing a full Windows reset. The scam originated from a compromised email account, which was used to send the malicious link to contacts. Implementing two-factor authentication and using a password manager can help prevent such incidents. Users should be cautious of any email invitations that require downloading and running installer files.

BetaBeacon

February 24, 2026

RAINBOW SIX Goes Mobile Worldwide And Is Now Available On iOS And Android

Ubisoft has launched Rainbow Six Mobile worldwide, a free-to-play first-person shooter game that brings the tactical intensity of Rainbow Six Siege to iOS and Android devices.

AppWizard

February 21, 2026

Unsecured AI apps are leaking personal data of Android users

Many unregulated or inadequately secured AI applications on platforms like the Google Play store pose significant privacy risks to users. A specific Android application, "Video AI Art Generator & Maker," linked to a data leak, compromised 1.5 million user images, over 385,000 videos, and millions of AI-generated media files due to a misconfiguration in a Google Cloud Storage bucket. Another app, IDMerit, exposed sensitive know-your-customer data from users in 25 countries, including full names, addresses, birthdates, IDs, and contact information, totaling a terabyte of data. Both developers addressed the vulnerabilities after being alerted by researchers. However, cybersecurity experts warn that lax security among AI applications is a widespread issue, with 72 percent of analyzed Google Play apps exhibiting security flaws, including the practice of "hardcoding secrets" in their source code.

AppWizard

February 19, 2026

Android AI app exposes nearly 2m user files – including private videos

A privacy breach involving the "Video AI Art Generator & Maker" app has exposed millions of private user files due to a misconfigured Google Cloud Storage bucket lacking authentication. Since June 2023, approximately 8.27 million media files, including nearly 2 million original user-uploaded files, have become publicly accessible. This includes over 1.57 million private images, more than 385,000 personal videos, and millions of AI-generated assets. The app's developer, Codeway Dijital Hizmetler Anonim Sirketi, has fixed the configuration issue, but users remain at risk for phishing attacks, identity theft, and misuse of their private content. Legal experts suggest the app's privacy documentation may not comply with international standards like GDPR. Additionally, Codeway has a history of similar issues, as another app they developed also faced a security breach exposing 300 million messages from over 25 million users.

Tech Optimizer

February 17, 2026

Stay safe online with Bitdefender antivirus

Bitdefender is a cybersecurity company founded in 2001, known for its advanced, AI-powered threat prevention and user-friendly interface. It offers real-time protection, scheduled background scanning, and a straightforward installation process. Bitdefender does not disrupt app or device performance and currently provides a 50% discount on its security software compatible with Windows, Android, macOS, and iOS. The software includes antivirus, malware protection, data breach detection, identity protection, and a VPN with 200MB of traffic per day per device. A single account can secure up to three devices. Bitdefender Total Security protects against various online threats and includes a password manager and firewall, while Bitdefender Premium offers unlimited VPN access and the Scam Copilot AI assistant for enhanced security against scams. Users also have access to resources like user guides, video tutorials, and direct support through the Bitdefender Central mobile app.

AppWizard

February 15, 2026

Max Messenger: A fake data breach with genuine consequences?

A user claimed to have breached Max but later clarified that no large-scale breach or critical vulnerabilities were found. False claims about data breaches can cause significant reputational damage, as demonstrated by a Russian hacking group that falsely claimed to have accessed Epic Games' data, which was later admitted to be a ruse. Similarly, EuroCar reported that fake breach reports may have been generated by ChatGPT, misleading customers. Russian users are distrustful of the Max app, perceived as buggy and insecure. The Russian Federal Security Service blocked its integration with government services due to encryption concerns. Although the government pressures citizens to adopt Max, many may install it without using it regularly. There is skepticism among Russian citizens regarding the app's security, making them susceptible to damaging rumors. Future claims about Max Messenger data breaches are anticipated. Recommendations for organizations to protect against misinformation include maintaining a good reputation, being transparent if a breach occurs, and investing in digital forensics to counter false claims.

AppWizard

February 15, 2026

Why you need a VPN if you’re using ChatGPT or other AI chatbots

AI chatbots collect a significant amount of personal information, including email address, username, subscription plan, messages sent, responses generated, features used, timestamps, device/browser type, IP address, and any files or images shared. Although ChatGPT claims not to sell user data, the extensive data collected raises privacy concerns, especially in the event of a data breach. Users may not be fully aware of potential changes in data policies, which could allow for future selling or misuse of their data. To protect their data while using chatbots, individuals are advised to utilize a VPN service.

Winsage

February 13, 2026

Microsoft: New Windows LNK spoofing issues aren’t vulnerabilities

Security researcher Wietze Beukema revealed vulnerabilities in Windows LK shortcut files at the Wild West Hackin' Fest, which could allow attackers to deploy harmful payloads. He identified four undocumented techniques that manipulate these shortcut files, obscuring malicious targets from users. The vulnerabilities exploit inconsistencies in how Windows Explorer handles conflicting target paths, allowing for deceptive file properties. One technique involves using forbidden Windows path characters to create misleading paths, while another manipulates LinkTargetIDList values. The most sophisticated method alters the EnvironmentVariableDataBlock structure to present a false target in the properties window while executing malicious commands in the background. Microsoft declined to classify the EnvironmentVariableDataBlock issue as a security vulnerability, stating that exploitation requires user interaction and does not breach security boundaries. They emphasized that Windows recognizes shortcut files as potentially dangerous and provides warnings when opening them. However, Beukema noted that users often ignore these warnings. The vulnerabilities share similarities with CVE-2025-9491, which has been exploited by various state-sponsored and cybercrime groups. Microsoft initially did not address CVE-2025-9491 but later modified LNK files to mitigate the vulnerability after it was widely exploited.

AppWizard

February 13, 2026

Promising good old fashioned co-op FPS action, Half-Life remake dev’s Rogue Point has finally hit early access

Rogue Point is a co-op, PvE FPS game developed by the creators of the Black Mesa Half-Life remake, recently launched in Steam Early Access. Players form squads of up to four resistance fighters against mercenaries hired by wealthy backers. Missions include objectives like eliminating targets, gathering intelligence, and rescuing hostages, with success yielding cash rewards for loadout improvements. The game features a Dead Drop mechanic for acquiring new gear without real-money transactions. Gameplay emphasizes tactical realism and strategic movement, with elements reminiscent of games like Ready or Not and Rainbow Six Siege, while also incorporating chaotic enemy types. Rogue Point is currently priced at .99 / £14.44, with a 20% discount for its first two weeks.