browsers

Tech Optimizer
March 27, 2026
A deceptive website impersonating Avast antivirus tricks users into downloading Venom Stealer malware, which steals passwords, session cookies, and cryptocurrency wallet information. The site conducts a fake virus scan, falsely reporting threats to encourage users to download a malicious file named Avastsystemcleaner.exe. This file mimics legitimate software and operates stealthily, targeting web browsers to harvest credentials and session cookies. It also captures screenshots and sends stolen data to the command-and-control domain app-metrics-cdn[.]com via unencrypted HTTP. The malware employs evasion techniques to avoid detection and is part of a long-standing cybercrime tactic that exploits user trust in security software. Indicators of compromise include the file hash SHA-256: ecbeaa13921dbad8028d29534c3878503f45a82a09cf27857fa4335bd1c9286d, the domain app-metrics-cdn[.]com, and the network indicator 104.21.14.89.
Winsage
March 24, 2026
Mozilla Firefox has released version 149, which includes features such as Split View, a free VPN for public Wi-Fi, enhanced PDF performance, and improved security measures that block notifications and revoke permissions on malicious websites. Firefox allows users to easily disable all AI features with a single switch, while Microsoft Edge requires users to navigate through multiple settings. Firefox is available for download on its website and the Microsoft Store.
Tech Optimizer
March 19, 2026
The ransomware group LeakNet has evolved its tactics, increasing its average targets from three per month and shifting from purchasing stolen network access to launching its own campaigns. They now use deceptive error screens and a new tool that executes malicious code in a computer's memory. Their strategy includes ClickFix lures, which compromise legitimate websites to display fake security checks, tricking users into executing malicious commands. This method broadens their victim reach and reduces costs. The Deno loader, part of this strategy, collects machine information and retrieves additional malicious code without leaving standard files, making detection difficult. After infiltrating a network, LeakNet checks for active user credentials and uses PsExec for lateral movement, employing Amazon S3 buckets for payload staging and data exfiltration. Defenders are advised to monitor for suspicious behavior rather than just known malicious files, focusing on unusual web commands and unexpected cloud storage connections.
Winsage
March 19, 2026
The command line on Windows can be intimidating for average users, but tools like Windows Terminal enhance its usability with features such as tabbed browsing and improved text rendering. Winget allows users to install multiple applications simultaneously in the background, streamlining the setup process for new PCs. Oh My Posh improves the PowerShell prompt by providing contextual information and customizable themes. Git enables users to track changes and revert mistakes in files, while the bat command allows for quick viewing of text files in the terminal with syntax highlighting. These tools collectively enhance the Windows user experience by making the command line more accessible and efficient.
Winsage
March 14, 2026
Microsoft is investigating an issue affecting some Samsung laptops running Windows 11, particularly after the February 2026 security updates, where users are losing access to their C: drive. This problem prevents them from launching essential applications and is reported to display an error message stating, "C: is not accessible – Access denied." The issue appears to be linked to specific Samsung software, with reports mainly coming from Brazil, Portugal, South Korea, and India, particularly involving the Samsung Galaxy Book 4. The problem is confined to Windows 11 versions 25H2 and 24H2. A workaround has been suggested that involves changing the ownership of the C: drive to the "Everyone" group, but this poses security risks, and users are advised to wait for an official fix from Microsoft.
AppWizard
March 12, 2026
Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include:

- PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds.
- BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands.
- TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control.
- Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS.
- Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices.
- SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.