coding practices

AppWizard
August 14, 2025
A new wave of Android malware is targeting banking applications with techniques such as NFC relay fraud, call hijacking, and root-level access. Variants such as PhantomCard and SpyBanker are built to infiltrate devices and manipulate transactions in real time: PhantomCard relays a victim's contactless card tap over the phone's NFC interface to an attacker, mimicking a legitimate payment, while SpyBanker hijacks calls from financial institutions. KernelSU, a kernel-level rooting framework, is abused by some of these families to obtain persistent root access and to hide from detection by operating below the layers that security apps can inspect. This malware has affected thousands of devices, with attackers distributing it through disguised apps on the Google Play Store and through phishing campaigns. A related variant, Anatsa, reached over 90,000 users through fake PDF applications. The rise of such malware tracks the growing adoption of contactless payments, particularly in Europe and Asia. Experts recommend that banks add behavioral analytics to their fraud defenses and that users keep Google Play Protect's app verification enabled. Cybersecurity firms suggest a multi-layered approach, including device encryption and AI-driven threat detection, to counter these evolving threats.
Tech Optimizer
July 17, 2025
Amazon Web Services (AWS) has released pgactive, an open-source PostgreSQL extension for active-active replication, in which every instance accepts writes and streams them asynchronously to the others. Announced in June 2025, pgactive had previously been available only inside Amazon Relational Database Service (RDS), where it first appeared in late 2023. The extension supports bidirectional syncing with conflict resolution, improving resiliency for high-availability applications. It is published under the Apache 2.0 license, inviting community contributions and customization. Its architecture builds on PostgreSQL logical replication slots and customizable conflict handlers, both essential for fault-tolerant systems. The open-source model brings transparency and peer review, and possible integrations are already being discussed in developer communities. One caveat for practitioners: because replication is asynchronous, the same row can be changed on two nodes before either sees the other's write, so the choice of conflict handler decides whose write survives and which committed write is silently discarded. The initiative aims to transform enterprise database replication and let developers build without vendor lock-in.
Tech Optimizer
July 5, 2025
A vulnerability identified as CVE-2025-1735 in the PHP pgsql extension has been disclosed and rated moderate severity. It stems from inadequate error checking while escaping input: the extension did not pass an error parameter to libpq's PQescapeStringConn(), so escaping failures went unnoticed and a partially escaped string could be returned, and it did not check PQescapeIdentifier() for a NULL return. The flaw affects PHP versions before 8.1.33, 8.2.29, 8.3.23, and 8.4.10 and can enable SQL injection through pg_escape_string()-style quoting, or crash the application through a NULL pointer dereference. It is linked to the recent PostgreSQL vulnerability CVE-2025-1094, in which the quoting routines mishandled invalid multibyte input. Developers are urged to upgrade to the patched releases; using parameterized queries (pg_query_params()) instead of escaping and concatenating removes the escaping step from the injection path entirely.
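The failure class is easier to see in code than in an advisory. The following is an added illustration, not libpq's or PHP's code: a deliberately simplified quote-doubling escaper that walks its input by the length a UTF-8 lead byte claims, without checking that the following bytes are valid continuation bytes (the CVE-2025-1094 mechanism), beside a caller that drops the error flag and concatenates whatever came back (the CVE-2025-1735 pattern). The hardened pair validates every sequence and refuses to build a query on error. The table name and the malicious input are constructed for the example.

```python
"""
Added illustration of the escaping failure behind CVE-2025-1094 and the
caller-side bug of CVE-2025-1735. Simplified model, not libpq's or PHP's code.
"""


def pg_utf_mblen(lead: int) -> int:
    """Sequence length a libpq-style mblen() derives from the lead byte alone."""
    if lead & 0x80 == 0:
        return 1
    if lead & 0xE0 == 0xC0:
        return 2
    if lead & 0xF0 == 0xE0:
        return 3
    if lead & 0xF8 == 0xF0:
        return 4
    return 1


def escape_naive(raw: bytes) -> tuple[bytes, bool]:
    """Vulnerable model. Returns (escaped, error); error is set only when a trailing sequence is truncated."""
    out = bytearray()
    i, error = 0, False
    while i < len(raw):
        n = pg_utf_mblen(raw[i])
        if n == 1:
            out += b"''" if raw[i] == 0x27 else bytes([raw[i]])
            i += 1
            continue
        if i + n > len(raw):
            error = True          # not enough bytes left: stop and report an error
            break
        out += raw[i:i + n]       # the bug: "continuation" bytes copied through unexamined
        i += n
    return bytes(out), error


def escape_checked(raw: bytes) -> bytes:
    """Hardened model: every sequence must be valid UTF-8; failures raise instead of returning a partial result."""
    out = bytearray()
    i = 0
    while i < len(raw):
        n = pg_utf_mblen(raw[i])
        if n == 1 and raw[i] >= 0x80:
            raise ValueError(f"invalid lead byte 0x{raw[i]:02x} at offset {i}")
        chunk = raw[i:i + n]
        if n > 1:
            try:
                chunk.decode("utf-8")    # rejects overlong leads such as 0xC0, bad continuations, truncation
            except UnicodeDecodeError as exc:
                raise ValueError(f"invalid multibyte sequence at offset {i}") from exc
        out += b"''" if chunk == b"'" else chunk
        i += n
    return bytes(out)


def build_query_unchecked(username: bytes) -> bytes:
    """Pre-fix caller pattern: the escaper's error flag is dropped and the result is concatenated anyway."""
    escaped, _error = escape_naive(username)
    return b"SELECT * FROM users WHERE name = '" + escaped + b"'"


def build_query_checked(username: bytes) -> bytes:
    """Fixed caller pattern: an escaping error aborts query construction instead of emitting a half-escaped literal."""
    return b"SELECT * FROM users WHERE name = '" + escape_checked(username) + b"'"


if __name__ == "__main__":
    # The second value is a constructed malicious input: an invalid lead byte followed by a quote.
    for name in (b"O'Brien", b"\xc0' OR 1=1 --"):
        print("unchecked:", build_query_unchecked(name))
        try:
            print("checked:  ", build_query_checked(name))
        except ValueError as exc:
            print("checked:   rejected,", exc)
```

In the unchecked path the quote after the 0xC0 byte survives un-doubled, so the literal ends early for any receiver that treats 0xC0 as a one-byte error rather than a two-byte character. Whether the backend or a client-side lexer does so depends on its encoding handling, which is precisely what CVE-2025-1094 fixed; the checked path never produces the ambiguous bytes in the first place.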
Winsage
June 18, 2025
A cyber espionage campaign attributed to the XDSpy threat actor has been discovered exploiting a zero-day weakness in Windows shortcut (LNK) files tracked as ZDI-CAN-25373. The weakness lets attackers hide the command a shortcut actually runs: the command-line arguments are padded with long runs of whitespace, so the shortcut's Properties dialog shows nothing suspicious while the Windows shell still executes the full string. XDSpy has primarily targeted government entities in Eastern Europe and Russia since its activity came to light in 2020. Researchers at HarfangLab found malicious LNK files exploiting the weakness in mid-March, and their analysis exposed inconsistencies in how Windows parses LNK files. The infection begins with a ZIP archive containing a malicious LNK file, which triggers a complex Windows shell command that executes the malicious components while displaying a decoy document. This command extracts and runs a first-stage loader called ETDownloader, which establishes persistence and downloads the second-stage payload, XDigo. The XDigo implant, written in Go, collects sensitive information and encrypts data before exfiltration. The campaign marks an evolution in XDSpy's tradecraft, combining zero-day exploitation with multi-stage payloads.
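A defender's first question is how to spot padded shortcuts before a user double-clicks one. The following is an added example, not HarfangLab's or ZDI's tooling: a minimal parser for the Shell Link binary format (the ShellLinkHeader, the optional LinkTargetIDList and LinkInfo blocks, and the StringData fields) that extracts the COMMAND_LINE_ARGUMENTS string and flags a long whitespace run, then recovers the command hidden behind it. The sample shortcuts are constructed in-process so the script runs offline, and the padding threshold of 64 characters is an assumption, not a published figure.

```python
import re
import struct

# Shell Link header constants (MS-SHLLINK). CLSID 00021401-0000-0000-C000-000000000046, little-endian.
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80
# StringData sections appear in this fixed order, each present only if its flag is set.
STRING_FIELDS = (
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
)

PADDING_CHARS = " \t\r\n\x0b\x0c"
PADDING_RE = r"[ \t\r\n\x0b\x0c]"
PADDING_THRESHOLD = 64  # assumption: a legitimate shortcut never carries this much whitespace in one run


def _string_data(text: str) -> bytes:
    """CountCharacters (uint16) followed by UTF-16LE characters, no terminator."""
    return struct.pack("<H", len(text)) + text.encode("utf-16-le")


def build_lnk(arguments: str, relative_path: str = "..\\..\\Windows\\System32\\cmd.exe",
              with_id_list: bool = False) -> bytes:
    """Constructed sample shortcut: header, optional empty LinkTargetIDList, RelativePath and Arguments."""
    flags = HAS_RELATIVE_PATH | HAS_ARGUMENTS | IS_UNICODE
    if with_id_list:
        flags |= HAS_LINK_TARGET_ID_LIST
    header = struct.pack(
        "<I16sIIQQQIiIH2sII",
        0x4C, LNK_CLSID, flags,
        0x20,               # FILE_ATTRIBUTE_ARCHIVE
        0, 0, 0,            # creation / access / write FILETIMEs
        0, 0,               # FileSize, IconIndex
        1,                  # ShowCommand = SW_SHOWNORMAL
        0, b"\0\0", 0, 0,   # HotKey, Reserved1..3
    )
    body = b""
    if with_id_list:
        body += struct.pack("<H", 2) + b"\0\0"  # IDListSize = 2: only the TerminalID
    return header + body + _string_data(relative_path) + _string_data(arguments)


def parse_lnk(blob: bytes) -> dict:
    """Validate the header, skip LinkTargetIDList/LinkInfo, and return the StringData fields present."""
    if len(blob) < 0x4C or struct.unpack_from("<I", blob, 0)[0] != 0x4C or blob[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", blob, 20)[0]
    pos = 0x4C
    if flags & HAS_LINK_TARGET_ID_LIST:
        pos += 2 + struct.unpack_from("<H", blob, pos)[0]
    if flags & HAS_LINK_INFO:
        pos += struct.unpack_from("<I", blob, pos)[0]   # LinkInfoSize counts itself
    fields = {"flags": flags}
    for flag, name in STRING_FIELDS:
        if not flags & flag:
            continue
        count = struct.unpack_from("<H", blob, pos)[0]
        pos += 2
        if flags & IS_UNICODE:
            fields[name] = blob[pos:pos + 2 * count].decode("utf-16-le")
            pos += 2 * count
        else:
            fields[name] = blob[pos:pos + count].decode("cp1252", errors="replace")
            pos += count
    return fields


def inspect_lnk(blob: bytes, threshold: int = PADDING_THRESHOLD) -> dict:
    """Flag arguments that contain a long whitespace run and recover the command hidden behind it."""
    args = parse_lnk(blob).get("arguments", "")
    run = max((len(m) for m in re.findall(PADDING_RE + "+", args)), default=0)
    hidden = ""
    if run >= threshold:
        gap = re.search(PADDING_RE + "{%d,}" % threshold, args)
        hidden = args[gap.end():].strip(PADDING_CHARS)
    return {"arguments_length": len(args), "longest_whitespace_run": run,
            "hidden_command": hidden, "suspicious": run >= threshold}


if __name__ == "__main__":
    benign = build_lnk("/k echo hello")
    # Constructed stand-in for a padded payload: the visible part looks like a document command,
    # the real command sits 900 spaces later; "& calc.exe" is a harmless placeholder, not a real payload.
    padded = build_lnk("/c echo Invoice" + " " * 900 + "& calc.exe", with_id_list=True)
    for label, blob in (("benign", benign), ("padded", padded)):
        print(label, inspect_lnk(blob))
```

Run over a directory of extracted attachments, the same check is a cheap triage signal: real shortcuts have a handful of single spaces between arguments, while the padded ones carry hundreds or more in a single run. Parsing the argument string from the file rather than reading it from the shell's Properties dialog is the whole point, since the dialog is what the technique defeats.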
AppWizard
May 20, 2025
In 2025 the Android platform faces increasingly sophisticated app-based threats, including ransomware, fake apps, social engineering, and remote access attacks. Cybercriminals exploit Android's open architecture, which calls for advanced security measures. Android's security architecture includes:
1. Google Play Protect: scans applications before and after installation, using real-time machine learning to detect emerging malware and deceptive tactics.
2. Application sandboxing: runs each app under its own Linux user ID so apps cannot read one another's data, enforced through Linux permissions and SELinux policies.
3. App signing and code integrity: every app must be cryptographically signed and its updates signed with the same key, which stops rogue certificates and runtime modifications from being accepted as the original.
Advanced protections include Runtime Application Self-Protection (RASP) for high-security apps, which monitors behavior in real time, and secure coding practices such as regular code reviews, strong authentication, and data encryption. User vigilance is crucial: download responsibly, limit permissions, keep software updated, enable two-factor authentication, and be cautious on public Wi-Fi. Google continuously updates these measures, pushing new protections to older devices, while collaboration with the security community helps identify and counter emerging threats.
Winsage
April 25, 2025
A long-dormant coding error in Grand Theft Auto: San Andreas caused the Skimmer seaplane to launch into the sky after the Windows 11 24H2 update. The Skimmer's entry in the game's vehicle configuration file was missing a value, so the parser never wrote the vehicle's Z-axis parameter and the code read an uninitialized variable instead. For years that variable happened to still hold the value left over from the previously parsed vehicle, so nothing looked wrong. The 24H2 update changed what was left in that memory at the moment the value was read, and the plane received an excessively high Z value. It is a textbook case of undefined behavior staying latent until an unrelated platform change alters the stale data it silently depends on.
Tech Optimizer
March 12, 2025
Microsoft Threat Intelligence has identified a new variant of the XCSSET malware targeting macOS, specifically aimed at software developers who share Xcode project files. The variant features stronger obfuscation, updated persistence mechanisms, and a four-stage infection chain that begins with an obfuscated shell payload that runs when an infected Xcode project is built. The malware contacts a command-and-control (C2) server to download further payloads and uses layered encoding to hinder detection. It checks the installed XProtect version to tune its evasion and modifies shell configuration files such as ~/.zshrc for persistence, so the payload runs again whenever a new shell is opened. The final stage is an AppleScript payload that collects system information and sends logs to the C2 server. Sub-modules carry out further malicious activity, including stealing system information and extracting digital wallet data. Although seen in only a limited number of attacks, its capabilities make it a significant threat to macOS users. Developers are advised to inspect Xcode projects they receive, especially build phases and run scripts, to keep systems updated, and to use robust antivirus software.
Winsage
October 31, 2024
Windows Terminal is a host application for command-line shells such as Command Prompt, PowerShell, and bash under WSL, with multiple tabs and panes, Unicode and UTF-8 support, and customizable themes. GitHub Copilot is now integrated into Windows Terminal through the Terminal Chat feature in Windows Terminal Canary, offering command suggestions and explanations to all Copilot users. GitHub Copilot for Xcode has also entered public preview, with code completions, multi-language support, multiline suggestions, content filtering, and blocking of suggestions that match public code. Microsoft has further added web search to GitHub Copilot Chat in VS Code, Visual Studio, and GitHub.com, letting Copilot Business and Enterprise users ask about recent events and technologies.
AppWizard
July 4, 2024
A politically motivated threat actor known as Transparent Tribe, assessed to be backed by the Pakistani state, has launched a new malware campaign targeting Android devices. The malware, CapraRAT, disguises itself as popular apps and is built to spy on user activity, with a particular focus on users in India. CapraRAT can track GPS position, read SMS messages and contacts, manage network connections, and monitor browsing. Researchers believe it is used more as a spyware and surveillance tool than as a general remote access trojan. Users are advised to install software only from trusted app stores and to be wary of apps that request unusually invasive permissions or hardware access.