Chrome

AppWizard
July 10, 2025
Google has introduced the Android Canary Release Channel, a new testing environment for developers to access early test builds and upcoming features of Android. This channel is available for Pixel devices, including the Pixel 6 series to Pixel 9, and offers tools for developing features in Wear OS 6. Developers can flash the latest Canary build or use the Android Emulator via Android Studio, with future updates expected to roll out monthly. Opting out of the channel requires a complete data wipe of the device. The Android Canary channel will have a more measured update schedule compared to Chrome Canary, which receives daily updates.
Winsage
July 10, 2025
Microsoft released patches for 130 vulnerabilities in the July 2025 Patch Tuesday update. Notable vulnerabilities include CVE-2025-49719, an uninitialized memory disclosure in Microsoft SQL Server, and CVE-2025-47981, a wormable remote code execution flaw in Windows. CVE-2025-49719 is assessed as having "unproven" exploit code, while CVE-2025-47981 has a high likelihood of exploitation within 30 days. Other vulnerabilities include CVE-2025-49717, a buffer overflow in SQL Server, and CVE-2025-49704, which allows code injection in SharePoint. Additionally, updates address vulnerabilities in Windows Routing and Remote Access Service (RRAS) and Microsoft Edge, including CVE-2025-6554, which has been actively exploited. Administrators are advised to prioritize patching internet-facing assets and consider additional mitigations for RRAS vulnerabilities.
AppWizard
July 9, 2025
A new Android vulnerability named TapTrap allows malicious applications to bypass the operating system's permission system without requiring special permissions. It exploits activity transition animations to mislead users into granting sensitive permissions or executing harmful actions. Researchers from TU Wien analyzed 99,705 applications on the Google Play Store and found that 76.3% are susceptible to this attack. TapTrap uses low-opacity animations (approximately 0.01 alpha) to make sensitive permission dialogs nearly invisible while still registering touch events. The attack can last up to six seconds and can lead to unauthorized access to critical functionalities like the camera and microphone, and even device administrator privileges. TapTrap bypasses existing defenses against tapjacking in Android, affecting popular web browsers as well. A user study showed that all participants failed to detect at least one variant of the attack. As of June 2025, Android 15 remains vulnerable, with no timeline for a comprehensive fix. The vulnerability has been assigned two CVEs, and researchers disclosed their findings to Google in October 2024. They propose solutions to mitigate the risks, including blocking touch events during low-opacity animations and setting an opacity threshold of 0.2.
AppWizard
July 9, 2025
A technique for Android devices called TapTrap allows malicious applications to intercept user taps without requiring special permissions. It uses transparent screen transitions to mislead users into triggering hidden actions. Devices running Android versions 15 and 16 are particularly vulnerable. TapTrap operates by overlaying a nearly transparent screen on top of another application, making it appear as if users are interacting with one app while their taps are registered by the hidden screen. A study of around 100,000 Android applications revealed that approximately 76 percent contained screens vulnerable to TapTrap. The researchers successfully executed the attack on a Google Pixel 8a running Android 16. Google has acknowledged the issue and plans to include a fix in a future software update, but no specific timeline has been provided. Users can enhance their security by disabling animations in their system settings.
Winsage
July 9, 2025
Microsoft has released the KB5062554 cumulative update for Windows 10 22H2 and 21H2, which includes thirteen new fixes and enhancements. This mandatory update addresses one critical zero-day vulnerability and 136 other flaws, and users can install it by checking for updates in the Windows Update settings. After installation, Windows 10 22H2 will be updated to build 19045.6093 and Windows 10 21H2 to build 19044.6093. The update features various fixes, including issues with the Start Menu, file server responsiveness, and USB-connected printers. A known issue with the update is that NOTO fonts may appear blurry at 96 DPI, particularly affecting CJK text in Chromium-based browsers, with a suggested workaround of adjusting display scaling to 125% or 150%.
AppWizard
July 8, 2025
Google is planning to enhance its Play Protect service by potentially adding scanning capabilities for Progressive Web Apps (PWAs) and WebAPKs during installation to improve user security against malicious threats. Recent code discoveries indicate that Google intends to enable verification for PWAs, as suggested by a code snippet found in the Google Play Store version 46.9.20-31. PWAs can be installed on devices through an "Add to Home screen" option, and when done via Chrome on Android, they receive a WebAPK, which integrates them more deeply into the Android ecosystem. Code snippets hinting at WebAPK scanning have also been uncovered, indicating a response to reports of malicious use of PWAs and WebAPKs for phishing schemes. However, the implementation of these scanning features has not been officially announced, and their availability remains uncertain.
Tech Optimizer
July 8, 2025
Nearly a dozen malicious extensions in Google’s Chrome Web Store have collectively received 1.7 million downloads. These extensions can track browser activity, redirect users to harmful websites, and include various types such as VPNs and weather tools. Koi Security reported these extensions to Google, resulting in the removal of some, but others remain available. Users are advised to monitor their online activities and utilize antivirus software for protection.
AppWizard
July 8, 2025
AI applications are gaining popularity among Android users in India, transforming content creation, communication, and leisure activities. A list of seven notable AI applications includes: 1. CapCut AI Tools - Evolved from a video editor to a tool for content creators with features like script-to-video conversion and automatic captioning. 2. Picsart AI Photo Studio - Offers AI background removal, text-to-image generation, and various filters, catering to digital artists and marketers. 3. Reface AI - Known for face-swapping and animated avatars, utilizing advanced AI face-tracking technology. 4. AI Mirror - Converts photos into stylized anime or fantasy portraits, popular among Gen Z users. 5. Lensa AI - Features intelligent retouching and portrait enhancement, particularly for profile pictures and dating apps. 6. YouTube Summarized - Summarizes lengthy videos into concise bullet points, useful for students and news enthusiasts. 7. Pi AI - Engages users in a conversational style with emotional intelligence, suitable for journaling and self-reflection.
Winsage
July 8, 2025
Microsoft has announced significant enhancements to the Edge browser, achieving a First Contentful Paint (FCP) of under 300 milliseconds, which improves user interface responsiveness. This performance metric indicates that the browser can display initial website elements in less than 300 milliseconds. Microsoft emphasizes that waiting longer than 300 to 400 milliseconds can negatively affect user satisfaction. Edge currently holds less than five percent of the global browser market share, while Chrome has 68 percent. Recent upgrades include faster downloads, browsing history, and private tabs, with improvements to 13 additional features. Microsoft plans to introduce further performance enhancements targeting Print Preview and Extensions in the coming months.
Search