communicate

AppWizard
July 1, 2026
Samsung has announced the discontinuation of its Samsung Messages app for Galaxy phone users, effective July 2026. Users on Android 11 and earlier will still have access to the app until it ceases to function, but they will lose regular messaging capabilities. Emergency services can still be contacted through the app. Samsung is facilitating a transition to Google Messages, which will serve as the official replacement, and has provided resources to help users transfer their message history. Google Messages has evolved significantly and may offer enhanced features to ease the transition.
Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.
Winsage
June 16, 2026
Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.
Winsage
June 15, 2026
The Linux 7.2 kernel has introduced enhancements for reporting case-folding behavior in local file systems, allowing file servers to accurately convey their case sensitivity capabilities. Linus Torvalds merged Virtual File System (VFS) related pull requests that enable local file systems to report case-folding behavior, benefiting services like NFSD and KSMBD, particularly for Microsoft Windows NFS clients. Filesystems can now report case-insensitive and case-nonpreserving behavior through new filekattr flags in their fileattrget implementations. Supported filesystems include FAT, exFAT, NTFS3, HFS, HFS+, XFS, CIFS, NFS, VBoxSF, and ISOFS, with others defaulting to POSIX behavior. NFSd uses this information to report case folding via NFSv3 PATHCONF and implement NFSv4 attributes for case insensitivity and case preservation. The enhancements aim to improve interoperability, allowing Windows NFS clients to function correctly by reporting case-insensitivity, which streamlines operations and avoids unnecessary requests. The Linux NFS client has previously supported case-insensitive shares, requiring adjustments to caching behavior. Accurate case folding reporting is crucial for servers operating in multi-protocol environments to maintain interoperability.
AppWizard
June 13, 2026
Users globally faced challenges accessing Facebook and Instagram due to a widespread technical failure affecting millions. Disruptions were also reported with Messenger and WhatsApp. Meta's business status tracker identified significant issues with Facebook's advertising network. Outage monitoring tools noted an increase in user complaints, indicating the scale of the disruption. Common symptoms included lag and issues loading new Stories on social media, and problems connecting to Facebook and Messenger. The cause of the outage is unclear, and there is no timeline for service restoration. Downdetector indicated possible issues with WhatsApp as well.
Search