bypass Archives

AppWizard

June 9, 2025

Pixel VIPs app makes an early appearance on the Play Store

The Google Pixel VIPs app has launched on the Play Store for select Pixel phone users, serving as a precursor to the upcoming Pixel VIPs home screen widget. This widget aims to consolidate information about preferred contacts into a single interface. The app allows users to connect with important contacts, view their last call and message, real-time location, and activity suggestions. It also enables selected contacts to bypass Do Not Disturb mode. The widget will support up to eight contacts, include birthday reminders, and offer notes functionality, with indications of WhatsApp integration. However, downloading the app does not currently provide access to the Pixel VIPs widget, which will require a future update or server-side change.

Winsage

June 8, 2025

Windows 10 is ending: How to install Windows 11 on an unsupported PC

Support for Windows 10 will officially conclude in October 2025, prompting users to seek alternative solutions for security and updates. Users with devices that do not meet Windows 11 requirements can install it on unsupported hardware using a tailored ISO and a tool called MicroWin. To create a personalized Windows 11 image, users must run a command in the Windows terminal to activate WinUtil, which allows downloading the latest official ISO from Microsoft. Users can customize their installation settings and generate a modified, lighter ISO. After creating the ISO, it can be transferred to a USB drive for installation. This method helps extend the lifespan of older PCs as users transition from Windows 10.

Winsage

June 6, 2025

Microsoft Issues Critical Windows Update—Do Not Delete This

Users may face a significant vulnerability related to a Windows update from April 2025, particularly concerning the "inetpub" folder, which is essential for the security of Windows 11 systems. Microsoft clarified that this folder, linked to Internet Information Services (IIS) and necessary for hosting capabilities, should not be deleted. If users have removed the folder, they must restore it to address the security patch for CVE-2025-21204, as its absence can lead to risks such as privilege escalation and unauthorized access. Microsoft has provided a PowerShell script to restore the folder without enabling IIS, and users are advised to follow specific commands to execute the fix. However, many users may not take action, leaving their systems vulnerable.

Winsage

June 6, 2025

Your Windows PC might be at risk if you deleted the “inetpub” folder, but there’s a fix

Windows users have encountered a new "inetpub" folder on their primary drive after the April 2025 Patch Tuesday update. This folder is empty and occupies no storage space, but many users have deleted it out of concern. Microsoft has stated that the folder is part of a security patch for vulnerability CVE-2025-21204 and should not be removed, as it is linked to Internet Information Services (IIS). Users can restore the folder using a PowerShell script if they have deleted it. The folder addresses a security flaw related to improper link resolution that could allow local attackers to manipulate files. Instructions for restoring the folder include running PowerShell as Administrator, allowing signed scripts, downloading a specific script, and applying the fix.

AppWizard

June 4, 2025

Meta found ‘covertly tracking’ Android users through Instagram and Facebook

Experts at Radboud University and IMDEA Networks found that Meta and Yandex have been covertly tracking Android users by monitoring browser activity without consent. This tracking was first identified in January and involves apps like Facebook, Instagram, and Yandex Maps operating in the background and loading scripts that transmit data back to their respective apps. These scripts bypass Android's security measures, allowing the companies to track users' web browsing activities. The tracking affects all major Android browsers, including incognito mode. Google confirmed that Meta and Yandex exploited Android's capabilities in violation of security and privacy principles. Meta is investigating the issue and has paused the feature, while Yandex claims to adhere to data protection standards. Meta's tracking has been ongoing for about eight months, while Yandex's practices date back to 2017. Facebook tracked users on around 16,000 websites in the EU, and Yandex was active on 1,300 sites. Google has begun implementing changes to address these tracking techniques and is conducting its own investigation. Browsers like Firefox, Microsoft Edge, and DuckDuckGo are also affected, with efforts underway to prevent future incidents.

Tech Optimizer

June 4, 2025

Do I need an antivirus and a VPN?

Reliance on antivirus software for device protection is common, but certain threats, especially ransomware, can bypass even the best solutions. Cybercriminals have shifted tactics from encrypting data for ransom to exfiltrating sensitive information and threatening to leak it. The availability of ransomware kits and the use of AI by attackers have made cybercrime more accessible and targeted. Remote work environments increase vulnerabilities, as hackers exploit unsecured networks and personal devices. Antivirus software can help protect against malware and viruses, but built-in solutions often lack comprehensive security. A high-quality antivirus program can enhance protection through advanced features and AI. A Virtual Private Network (VPN) encrypts data and secures internet traffic, making it a valuable tool for cybersecurity. Implementing a VPN is cost-effective compared to potential data breach costs. Using both a VPN and antivirus software is essential for comprehensive coverage, as they address different security aspects. Businesses may need advanced endpoint protection solutions for heightened security, which continuously scans for suspicious behavior and integrates multiple security features. Despite these tools, proper personal practices and cybersecurity awareness are crucial to minimize vulnerabilities and human error, which is a leading cause of cyberattacks.

AppWizard

June 4, 2025

Meta Pixel halts Android localhost tracking after disclosure

Security researchers have found that Meta and Yandex used native Android applications to access localhost ports, allowing them to link web browsing data with user identities and bypass privacy protections. Following these findings, Meta stopped its data transmission to localhost and removed much of the tracking code to comply with Google Play policies. A report from researchers at IMDEA Networks, Radboud University, and KU Leuven detailed how apps like Facebook and Instagram collected web cookie data via the loopback interface. This method allowed the companies to associate browsing sessions with user identities, undermining privacy measures. Meta's tracking process involved the Meta Pixel script, which transmitted cookies to native apps through various protocols. Meta began using this technique in September 2024 but ceased these practices by June 3rd, 2025. Yandex's localhost tracking dates back to 2017, and while they did not respond to inquiries, browser vendors have implemented mitigations against these practices. Proposed solutions include a new permission for local network access to prevent such tracking in the future.

AppWizard

June 2, 2025

Explore New Worlds and Sounds: How to Safely Download Minecraft APK and Spotify Premium APK

Smartphones are essential for accessing creative and entertainment applications like Minecraft and Spotify. The Minecraft APK allows users to play the game on unsupported devices, access updates without delays, and experiment with mods. The Spotify Premium APK enables ad-free streaming, offline downloads, and superior sound quality. Safe downloading involves choosing trusted sources, enabling "Unknown Sources" in device settings, installing cautiously while monitoring permissions, and keeping the device updated to prevent vulnerabilities.

AppWizard

June 2, 2025

Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection

Significant vulnerabilities have been identified in pre-installed applications on Ulefone and Krüger&Matz Android smartphones, disclosed on May 30, 2025. Three vulnerabilities affect these devices, including CVE-2024-13915, which targets the com.pri.factorytest application, allowing unauthorized factory resets. CVE-2024-13916 and CVE-2024-13917 affect the com.pri.applock application on Krüger&Matz smartphones, enabling malicious apps to extract user PIN codes and inject arbitrary intents. These vulnerabilities stem from improper export of Android application components, allowing malicious applications to bypass Android’s permission model. Users are advised to check for updates and consider disabling vulnerable applications.

Tech Optimizer

June 2, 2025

Hackers Allegedly Selling Windows Crypter Claims Bypass of All Antiviruses

Underground cybercriminal forums are seeing an increase in advanced malware tools, including a Windows crypter that claims to bypass major antivirus solutions. This crypter is marketed as fully activated and capable of achieving Full Undetectable (FUD) status against contemporary antivirus engines. It employs advanced obfuscation techniques to evade detection, including code injection methods, entropy manipulation, and anti-debugging features. The tool allows for granular control over obfuscation parameters, enabling customization for specific target environments. The rise of such sophisticated evasion tools poses challenges for traditional endpoint security, making organizations vulnerable if they rely solely on signature-based antivirus solutions. To defend against these threats, organizations should adopt multi-layered security architectures, including behavioral analysis and endpoint detection and response (EDR) solutions.