caution Archives

AppWizard

June 22, 2025

All Minecraft players risk having money stolen in seconds in ‘undetected’ attack

Recent findings from CheckPoint Research indicate that millions of Minecraft players are at risk of having their sensitive information compromised due to a malicious campaign targeting the game's modding community. This campaign exploits the modding ecosystem by disseminating malware through platforms like GitHub, specifically using a network of accounts known as the Stargazers Ghost Network. These accounts impersonate popular cheats and scripts, misleading users into downloading harmful Java files that can extract personal information from their systems. Since March 2025, CheckPoint Research has been monitoring these malicious repositories, which have evaded detection by antivirus engines. The potential data at risk includes private conversations, cryptocurrency wallets, and browser logins. Additionally, a significant data breach has exposed approximately 16 billion logins for various platforms, increasing the urgency for users to protect their digital identities.

Winsage

June 21, 2025

Windows 11 finally gets a feature I’ve been begging Microsoft to add for years

Microsoft is set to introduce a feature for Windows 11 that allows users to adjust the placement of on-screen indicators, such as the volume control pop-up. This update aims to enhance customization options, which have been limited in previous Windows versions. Users will have a select few positions available for adjustment. The introduction of this feature has been positively received by some users, who express a desire for more control over their interface. However, there are concerns about other regressions in the Windows experience amidst these enhancements.

AppWizard

June 21, 2025

Understanding Android 14 Privacy Changes: Key Insights

The introduction of Android 14 features a sophisticated permissions model that requests app permissions only when needed, allowing users to choose between "approximate" and "precise" location access. Apps handling transactions must justify their need for real-time access. Background location usage must be disclosed in Play Store listings, and developers must complete Data Safety Forms. Android enforces scoped storage, isolating apps in sandboxed environments to reduce data leakage risks. Visual indicators for microphone and camera usage were introduced in Android 12, and Android 14 requires apps to specify the nature of access. In-app transactions in gaming apps must meet elevated security standards, including encryption and biometric logins, and undergo audits under PCI DSS. Background access for location services requires clear justification, and developers must submit a Permission Declaration Form. Google Play mandates disclosure of third-party SDKs and their data practices. User awareness is emphasized through concise permission dialogs and Data Safety summaries in Play Store listings. Secure login protocols like OAuth 2.0 are required for sensitive applications, with stronger encryption mandates. Apps for children must comply with COPPA and GDPR-K regulations, with manual reviews by the Play Store. Google's Privacy Sandbox initiative aims to enhance privacy in advertising practices, with expected rollout in 2024.

AppWizard

June 20, 2025

Dino Patti says Playdead is taking him to court

Dino Patti, co-founder of Playdead, is facing legal action from the company following a LinkedIn post he made about the game Limbo, which included an image that Playdead claims is unauthorized and owned by co-founder Arnt Jenson. Playdead is demanding 500,000 DKK (approximately ,000) in compensation from Patti. The tensions between Patti and Playdead have escalated since the launch of Inside in 2016, with Patti's credit recognition diminishing over time. Playdead's legal team has warned Patti that his use of the company's assets and disclosure of inside knowledge could constitute a breach of confidentiality. Patti has expressed a willingness to be transparent about the situation and indicated he may release materials related to Playdead's early years.

AppWizard

June 20, 2025

New Android 16 update could impact Dexcom G6 mobile app usage, Dexcom warns

Dexcom has warned that users of its G6 continuous glucose monitoring (CGM) app should avoid downloading the Android 16 operating system update, as it may disrupt app functionality. Users of the Dexcom G7 will not be affected by this update. The Android 16 update is currently available for select Android smartphones, and ignoring the warning could lead to issues with app performance critical for diabetes management.

AppWizard

June 20, 2025

Minecraft players warned of mods stealing passwords & personal data

A recent investigation by Check Point Research has revealed a campaign targeting Minecraft mods that could compromise players' personal information. The campaign, orchestrated by the Stargazers Ghost Network, exploits the modding ecosystem and platforms like GitHub to reach players. Malware disguised as popular scripts or cheats, specifically targeting mods like “Oringo” and “Taunahi,” is crafted in Java and requires the Minecraft runtime to execute. Once installed, these malicious files initiate a multi-stage attack, compromising systems and extracting sensitive data. Check Point Research has been monitoring fraudulent GitHub repositories since March 2025, noting their legitimacy and ability to evade antivirus detection. Potential data breaches include browser logins, cryptocurrency wallets, and private messages on platforms like Discord.

AppWizard

June 19, 2025

‘Stargazers’ use fake Minecraft mods to steal player passwords

A malware campaign targeting Minecraft players has been identified, utilizing malicious mods and cheats to infect Windows devices with infostealers that steal sensitive information, including credentials and cryptocurrency wallets. The campaign, orchestrated by the Stargazers Ghost Network, has been active on GitHub and has previously infected over 17,000 systems with a new type of malware. Researchers found around 500 GitHub repositories linked to this operation, disguised as Minecraft mods. The malware employs a Java-based loader that downloads a stealer targeting Minecraft account tokens and user data, as well as Discord and Telegram tokens. It also includes a .NET-based stealer called '44 CALIBER,' which collects data from browsers, VPNs, and applications like Steam and Discord. The stolen data is sent via Discord webhooks, indicating a potential Russian origin for the operators. To protect against these threats, players are advised to download mods from reputable sources and use separate accounts for testing.

AppWizard

June 19, 2025

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Check Point researchers have discovered a malware campaign targeting Minecraft users, utilizing a distribution-as-a-service model called Stargazers. This malware, disguised as cheat tools, employs Java and .NET stealers to compromise player systems. The attackers have been active since March 2025, using GitHub repositories that appear to offer legitimate mods but contain malicious JAR files. The infection process begins with the installation of a compromised JAR file, which triggers a multi-stage attack that extracts sensitive data from Minecraft and Discord, as well as broader information like browser credentials and cryptocurrency wallet details. The malware is linked to Russian-speaking threat actors, and the Stargazers Ghost Network is identified as the distributor. The report highlights the need for caution when downloading third-party content in gaming communities.

AppWizard

June 17, 2025

How to neutralize corrupted items in FBC: Firebreak

The Black Rock Neutralizer is a special weapon in FBC: Firebreak essential for neutralizing corrupted items that complicate gameplay. Players can typically find it at ammo collection points or in safe rooms, which require unlocking. It fires stones to destroy corrupted items, rewarding players with samples. The weapon has limited ammo that cannot be replenished, so it should not be used on regular enemies. If players run out of ammo, they will have to deal with the corrupted modifiers without the weapon's help.

AppWizard

June 17, 2025

What’s the best Crisis Kit to pick in FBC: Firebreak?

The game FBC: Firebreak allows players to choose from three Crisis Kits at the start, which can be switched in the loadout menu for strategic flexibility. Players engage in tasks within the Federal Bureau of Control, using the unique abilities of each kit: the Fix Kit for repairs, the Jump Kit for energizing devices, and the Splash Kit for extinguishing fires. The Fix Kit is identified as the most versatile, particularly effective during the Hot Fix job, featuring a wrench that expedites tasks, a Swivel Cannon for damage, and an ultimate upgrade that creates a whirlwind effect. The Splash Kit provides healing and fire extinguishing capabilities but is limited in job scenarios. The Jump Kit is considered less effective, with abilities that often fail to perform as intended, despite having a powerful ultimate augment.