cookies Archives

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

AppWizard

March 28, 2026

Belgium rolls out secure messaging app for officials to replace: Report

The website www.aa.com.tr uses mandatory cookies that are essential for its functionality and cannot be disabled. These include necessary cookies that differentiate between human users and bots, functional cookies that remember user language preferences, performance/analytical cookies that generate statistical data on visitor interactions through Google Analytics, and advertising/marketing cookies that collect consumer behavior insights for refining marketing strategies via Alexa Analytics.

Tech Optimizer

March 27, 2026

Bogus Avast website fakes virus scan, installs Venom Stealer instead

A deceptive website impersonating Avast antivirus tricks users into downloading Venom Stealer malware, which steals passwords, session cookies, and cryptocurrency wallet information. The site conducts a fake virus scan, falsely reporting threats to encourage users to download a malicious file named Avastsystemcleaner.exe. This file mimics legitimate software and operates stealthily, targeting web browsers to harvest credentials and session cookies. It also captures screenshots and sends stolen data to the command-and-control domain app-metrics-cdn[.]com via unencrypted HTTP. The malware employs evasion techniques to avoid detection and is part of a long-standing cybercrime tactic that exploits user trust in security software. Indicators of compromise include the file hash SHA-256: ecbeaa13921dbad8028d29534c3878503f45a82a09cf27857fa4335bd1c9286d, the domain app-metrics-cdn[.]com, and the network indicator 104.21.14.89.

AppWizard

March 23, 2026

This week in PC games: a new Hooded Horse city-builder, some PS2-style horror, a school-day RPG and an absolutely tremendous catfish

The atmosphere in gaming is currently lacking excitement due to a lull with no major releases. Notable upcoming games include: - Journey of the Garden Rose: An adventure game featuring a princess battling insects in a low-poly palace. - Frog Holm: A bar-running game that combines cocktail mixing with Tetris mechanics. - No Vacation for an Executioner: An action-horror game with a PS2 style and intricately designed monsters. - Come Again, Chachii?: A game where players help quirky aliens find jobs by deciphering their speech. - Roombattle: A top-down multiplayer game featuring competing vacuums. - Mado Monogatari: Fia and the Wondrous Academy: A dungeon-crawling RPG with cheerful characters and perilous elements. - Beast Breaker: A tactical pinball game where players launch a mouse at kaiju. - Nova Roma: An early access city-builder focusing on water management. - Damon and Baby: An action-adventure game featuring a baby and a demon king. - Screamer: A cyberpunk racing game known for its colorful mechanics. - Project Songbird: A game about overcoming writer's block while battling tree monsters. - EverSiege: Untold Ages: An action-strategy game from the creators of Aliens: Dark Descent. Additional activities include capturing images of mushrooms in Rova, constructing a mycelial web in ChloroLink, battling vintage supervillains in Marvel Maximum Collection, searching for a sister in Too Well Hidden, harvesting fuel in Venus in Transit, and transforming clouds into sea creatures in The Wide Open Sky is Running out of Catfish. The Treehouse is working on guides for Crimson Desert, evaluating Slay The Spire 2, assessing hardware, and participating in a preview event.

AppWizard

March 21, 2026

A smoother navigation experience in GitHub Mobile for Android

The latest production build of GitHub Mobile for Android has been released, enhancing user experience and introducing new features for mobile developers. Developers are encouraged to participate in discussions within the GitHub Community to share insights and provide feedback on the new functionalities.

Winsage

March 17, 2026

Microsoft Edge’s latest update is all about what you lose — but one removal is actually a good thing

The latest update of Microsoft Edge, version 146.0.3856.59, officially retires the Collections feature, preventing users from adding new items but allowing them to export saved content to Favorites. Edge version 150 will be the last compatible release for macOS 12 (Monterey), requiring users to upgrade to macOS 13 (Ventura) or later. The update also transitions Workspaces to an improved V2 architecture, migrating data from OneDrive/SharePoint to Edge Sync, while removing collaboration and sharing functionalities. Users will no longer be able to create a custom primary password starting with Edge 146, and this feature will be phased out by June 4, 2026, transitioning to device authentication. Additionally, passwords will not be included in the items cleared when deleting browsing data, addressing user concerns about unintentional deletions. Password management remains accessible through edge://settings/autofill/passwords.

AppWizard

March 13, 2026

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

The FBI has launched an investigation into malware threats associated with PC games on Steam, particularly targeting users from May 2024 to January 2026. The games identified include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all linked to malware incidents. For example, PirateFi was designed to steal browser cookies, Chemia updated itself with malicious software, and BlockBlasters was identified as a Trojan that siphoned cryptocurrency. The FBI's alert also mentions Lampy, which may harbor malware. Valve, the parent company of Steam, has not responded to inquiries but has warned users about the affected games. The investigation suggests a potential link to a single group or individual, with reports indicating that victims were lured through Telegram messages offering free game keys or job opportunities.

Winsage

February 20, 2026

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are using social media advertising, specifically paid Facebook ads, to promote a malware campaign disguised as legitimate Microsoft promotions. They create near-exact replicas of the official Windows 11 download page to lure users into downloading malicious software. The deceptive domains used include ms-25h2-download[.]pro and ms-25h2-update[.]pro. The malware campaign employs geofencing to selectively target victims, redirecting security researchers to benign sites while delivering malware to unsuspecting users. The malicious file, named ms-update32.exe, is hosted on GitHub and mimics the size of a legitimate Windows installer. Once executed, it checks for monitoring tools and, if none are detected, installs an application named "Lunar" that collects sensitive data, including cryptocurrency wallet information. The malware maintains persistence by writing data to the Windows registry and employs various obfuscation techniques to evade detection. The attackers run parallel ad campaigns with different Facebook Pixel IDs to ensure continued operation even if one is suspended. Indicators of compromise include specific file hashes, domains, file system artifacts, and registry keys associated with the malware.

Winsage

February 17, 2026

How to Uninstall and Reinstall Chrome on Windows 11 Using Winget CMD

Google Chrome can experience performance issues on Windows due to corrupted profiles, extension conflicts, broken updates, and crashes. A complete uninstall and reinstall often resolves these issues, and the Windows Package Manager (Winget) provides a command-line method for this process. To uninstall Chrome using Winget, open Terminal as an administrator and run the command PLACEHOLDER7836d906c03bd8f1. After uninstallation, verify it with PLACEHOLDER30cf24d62406b8ee, then reinstall using PLACEHOLDER76e40aae6965d719. For a clean reinstall, delete the leftover user data folder at PLACEHOLDER142352b706501488. Commands: - Check installed version: winget list Google.Chrome - Uninstall Chrome: winget uninstall Google.Chrome - Verify removal: winget list Google.Chrome - Reinstall Chrome: winget install Google.Chrome - Silent install: winget install Google.Chrome --silent - Delete leftover data: rmdir /s /q "%LocalAppData%GoogleChrome" Before executing commands, ensure Winget is available and updated, and that you have administrator privileges. Backup data by enabling Chrome Sync. Close Chrome completely before uninstalling to avoid process interference. A clean reinstall involves deleting the Chrome user data folder, which removes bookmarks, passwords, and other stored data. Winget is faster and more suitable for scripting and remote management compared to traditional uninstall methods through the Settings app or Control Panel. Common troubleshooting for Winget includes handling errors related to package recognition, installation blocks, and access issues. If uninstalling fails, terminate any running Chrome processes and retry the command. If unsuccessful, use the Settings app for removal and then Winget for reinstallation.

Tech Optimizer

February 11, 2026

NordVPN Stopped Most Phishing Emails in Third-Party Testing, Study Says

NordVPN's Threat Protection Pro blocked 92% of phishing websites in an independent lab test conducted by AV-Comparatives, which evaluated 15 products against 250 verified phishing URLs. The test took place between January 7 and January 19, using Google Chrome for assessments. NordVPN's product ranked fourth, while the top three performers were Avast Free Antivirus and Norton Antivirus Plus (both at 95%) and Webroot SecureAnywhere Internet Security Plus (93%). The software provides protection against phishing attempts and malware infections, even when not connected to a VPN. Phishing attacks have surged by 4,151% since the introduction of ChatGPT in 2022, with companies facing significant financial losses per breach. AI is being used to enhance phishing tactics, including deepfake videos and voice impersonations. Despite its effectiveness, NordVPN's Threat Protection Pro cannot remove existing malware on devices.