communication Archives

AppWizard

June 17, 2026

Pixel phones just got the biggest multitasking upgrade in years — here’s how to use it

The app bubbles feature in Android 17 is now available to all users, enhancing multitasking on devices like the Google Pixel 10a. Users can create app bubbles by long-pressing an app in the app drawer and selecting the Bubble option, allowing for up to five app bubbles at a time. This feature helps users manage multiple tasks more efficiently, as it allows for quick access to frequently used apps such as Slack, Gmail, YouTube, and Instagram. The setup can be customized based on personal usage habits, making it easy to integrate into daily routines.

Winsage

June 17, 2026

Windows SprySOCKS Malware: Advanced Kernel-Level Rootkit Targets Government Organizations via Supply Chain Vulnerabilities

The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.

AppWizard

June 17, 2026

Google removes messaging app Telegram from Play Store, Apple likely to follow suit

The Indian government has removed numerous channels, groups, and bots from Telegram that were allegedly promoting fraudulent activities and misleading information, following insights from the National Testing Agency (NTA) and state law enforcement. This action has drawn criticism from digital advocacy organizations, such as IGAP and the Internet Freedom Foundation, which argue that the approach may disproportionately affect legitimate users of the platform and that fraud can occur across various platforms. The restrictions, enacted under Section 69A of the Information Technology Act, 2000, will limit access to Telegram throughout India until June 22, 2026, and require the platform to disable message-editing capabilities for all Indian users until June 30, 2026.

AppWizard

June 16, 2026

New Rokarolla Android malware targets 217 banking, crypto apps

A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications and features 137 commands for malicious activities. It is distributed via deceptive websites posing as legitimate application sources and impersonates Google Play Protect to lure users into installing infected apps. Once installed, it seeks Accessibility service permissions and access to notifications, SMS, and calls. Rokarolla communicates with a command-and-control server, sending device profiles to generate unique identifiers for victims. Its primary goal is to steal financial information by using deceptive login overlays to capture sensitive data and maintain control over the device. The malware employs evasion tactics such as disabling Google Play Protect, hiding its icon, silencing notifications, and keeping the screen awake. It can steal SMS messages, extract contacts, capture keystrokes, record screen content, manipulate clipboard contents, block calls, and take screenshots. Zimperium confirms that Rokarolla is not found on Google Play, and users are advised to avoid downloading APK files from untrusted sources and to be cautious with Accessibility permissions.

AppWizard

June 16, 2026

Telegram ban in India: 6 messaging apps to switch to right now

WhatsApp is the predominant messaging platform in India, known for its extensive user base and robust features, including end-to-end encryption, voice and video calls, communities for large group interactions, document sharing, status updates, and business messaging. It provides a seamless transition for users coming from Telegram due to its intuitive interface and widespread acceptance, allowing easy adaptation without extensive onboarding.

Winsage

June 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.

AppWizard

June 16, 2026

1 Million Users Donate To Rescue Session Messenger From Shutdown

Session, a decentralized encrypted messenger, has over a million monthly users and has secured its future through community donations after facing a funding crisis earlier this year. The Session Technology Foundation had to reduce its paid staff and warned of a potential closure in July due to a significant financial shortfall. However, the community raised sufficient funds to prevent shutdown, allowing development to continue until at least 2027. The majority of contributions came from everyday users passionate about privacy communication. Session operates without requiring phone numbers and uses a decentralized network to enhance privacy. Under the leadership of Jason Rhinelander, the team is focusing on new features like post-quantum encryption. The organization also aims to achieve self-sustainability with a new paid Pro tier. Co-founder Chris McCabe's public appeal for support in March preceded staff layoffs on April 9, and Ethereum co-founder Vitalik Buterin previously donated 128 Ether (ETH) to assist the foundation.

AppWizard

June 15, 2026

Xbox is reportedly closing South of Midnight studio Compulsion Games after bragging about its award-winning developers earlier this year

Compulsion Games, known for titles like We Happy Few and South of Midnight, may be facing imminent closure as Microsoft’s gaming division undergoes significant layoffs and restructuring. Reports indicate that Compulsion and Double Fine are in negotiations to potentially spin off to avoid shutdown. Employees have expressed concern over job security, with many searching for new opportunities. Compulsion Games, founded in 2009 and based in Montreal, received critical acclaim for its recent title, South of Midnight, which won several awards. Despite previous praise from Xbox executives for the studio's achievements, the future remains uncertain amid corporate changes.

AppWizard

June 15, 2026

Facebook, Messenger, Instagram outage trends on X

On the evening of June 12, 2026, users in the Philippines and globally reported widespread outages on Meta's platforms, including Facebook, Instagram, and Messenger. At approximately 8:54 a.m. US time, Downdetector recorded over 113,000 outage reports, with 56% related to the mobile app, 25% to login difficulties, and 13% to the website. Meta's communications director, Andy Stone, acknowledged the issue on X, stating the company was working to restore services. Users expressed confusion and humor about the situation, with many fearing their accounts had been hacked. The outage affected millions worldwide, and the spike in traffic to Downdetector's site caused it to temporarily crash. Users felt relief upon realizing the outages were a global issue rather than isolated incidents.

AppWizard

June 15, 2026

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

A trojan named Android.MagicAd.1 has been identified as a significant threat to Android users, capable of delivering persistent background advertisements by circumventing built-in defenses. Detected in 2025, it has spread through over 50 infected games and utility applications, infiltrating both dubious download sites and official app stores like the Samsung Galaxy Store and Xiaomi’s GetApps. The malware employs a strategy of rotating applications to evade detection, remaining active on user devices after download. It uses hidden, encrypted components within native code libraries and conducts environment checks to avoid monitoring before launching its payload. Android.MagicAd.1 bypasses Android's restrictions by targeting trusted system applications, utilizing methods that vary by device manufacturer. For example, it uses a delayed system command on Xiaomi and Amazon devices, exploits Android Binder on Vivo devices, and employs a universal fallback method for other brands to gain priority for displaying ads. All identified malicious applications have been removed from official stores, but the campaign highlights the vulnerability of security software.