Cyber Attack

Tech Optimizer
February 10, 2026
53% of UK businesses experience cybercrime attempts at least once a month, and 70% of business owners anticipate a cyber attack in the near future, yet only 35% feel adequately prepared. 43% of cyberattacks are directed at small businesses, with over half potentially closing due to the damage. Antivirus software is a cost-effective solution that can prevent data breaches, reduce the likelihood of ransomware, and protect devices of remote workers.
Tech Optimizer
February 10, 2026
53% of UK businesses experience cybercrime attempts at least once a month. 70% of business owners anticipate a cyber attack in the near future, but only about 35% feel prepared. 43% of cyberattacks are directed at small businesses, and over half of these may face closure due to the damage. Antivirus software can prevent data breaches, is cost-effective, reduces the likelihood of ransomware, and protects devices of remote workers.
AppWizard
November 26, 2025
Hundreds of Android applications have been compromised by SlopAds ad fraud malware, leading to their removal from the Google Play Store. A total of 224 apps were identified, collectively downloaded over 38 million times. The malware employs techniques like steganography to hide its activities and redirect users to malicious sites. Google has removed all identified malicious apps and will alert users to uninstall them. Android users are advised to activate Google Play Protect for enhanced security. The ad fraud undermines the integrity of legitimate advertisers and developers.
AppWizard
November 3, 2025
A new wave of cyber attacks targeting Android users has been identified, involving 224 compromised applications that have collectively amassed over 38 million downloads from the Google Play Store. This threat, named SlopAds by the Satori Threat Intelligence and Research Team, involves sophisticated advertising fraud techniques, including steganography, to generate illicit revenue through harmful ads embedded in apps. Google has removed all compromised applications from the Play Store and will notify users to uninstall them. Users are advised to enable Google’s Play Protect feature to safeguard against malicious applications. Ad fraud not only affects individual users but also undermines trust in the advertising ecosystem.
AppWizard
November 3, 2025
A cyber attack known as SlopAds has compromised 224 Android applications, which have been downloaded over 38 million times from the Google Play Store. The attack involves malicious advertisements that deceive users into providing personal and financial information. The Satori Threat Intelligence and Research Team reported that the threat actors use techniques like steganography and hidden WebViews to direct users to fraudulent cashout sites. Google has removed all identified problematic apps from the Play Store and will alert users who downloaded them to uninstall them. Android users are advised to activate the Google Play Protect feature to prevent future threats. Ad fraud not only affects individual users but also undermines the integrity of reputable advertisers and developers.
AppWizard
September 23, 2025
Android users are facing a security threat from a campaign aimed at extracting personal and financial information through a form of ad fraud called SlopAds, which has affected 224 Android applications with over 38 million downloads from the Google Play Store. Attackers embed corrupted advertisements in these apps, degrading device performance and generating revenue through fraudulent ad impressions and clicks. The malicious apps use steganography to conceal their activities, creating hidden WebViews that redirect users to hacker-controlled sites. Google has removed the identified malicious applications from the Play Store and will alert users to uninstall them. Security experts recommend enabling Google’s Play Protect feature to safeguard against harmful applications. Ad fraud undermines the integrity of the advertising ecosystem, harming reputable advertisers and developers. Users are advised to act promptly on notifications regarding infected applications to maintain device security.
Tech Optimizer
May 28, 2025
M&S shoppers are being urged to enhance their online security following a cyber attack that disrupted customer services. The retailer has acknowledged ongoing challenges, stating they cannot process online orders while stores remain open. Sensitive customer information, including phone numbers, email addresses, and order histories, was compromised in the breach. Security expert Luis Corrons from Norton recommends activating two-step verification for online accounts, being cautious about stored personal and payment information, deleting unused accounts, using strong passwords, and keeping devices and software updated to improve security. He emphasizes that cyber threats are increasingly targeting human behavior and that these security measures are essential for digital safety.
AppWizard
April 25, 2025
M&S is addressing a cyber incident affecting its operations, which has led to customer reports of payment difficulties and order delays. The retailer has implemented minor changes to store operations and has suspended contactless payments and click and collect services. Additionally, M&S has halted all orders through its website and mobile applications, while customers can still browse products online. A spokesperson stated that a team, supported by cyber experts, is working to restore online and app shopping. Customers are being kept informed, and the stores remain open.
Tech Optimizer
February 20, 2025
In December 2024, suspected state-sponsored Chinese hackers executed a sophisticated cyber attack on U.S. Treasury employees' workstations, utilizing a dual vulnerability strategy involving CVE-2024-12356 and CVE-2025-1094. CVE-2024-12356 is an unauthenticated command injection flaw in BeyondTrust Remote Support SaaS, while CVE-2025-1094 is a PostgreSQL zero-day vulnerability that allows SQL injection attacks through the psql tool. The PostgreSQL team released a fix for CVE-2025-1094 on February 13, 2025, and BeyondTrust issued patches in December 2024 to mitigate the vulnerabilities. PostgreSQL users are advised to upgrade to fixed versions: 17.3, 16.7, 15.11, 14.16, or 13.19, and BeyondTrust users should implement the December 2024 fix. Rapid7 has provided advisories and indicators of compromise related to these vulnerabilities.
Tech Optimizer
December 19, 2024
Cyber attackers are increasingly using malicious LNK files, which disguise themselves as harmless shortcuts, as an infection vector in 2024. Security experts, particularly Cyble Research and Intelligence Labs (CRIL), have noted a significant rise in this tactic. Attackers leverage LNK files to gain access to systems, triggering malicious actions that can deploy advanced malware. This method reflects a shift in attack vectors aimed at bypassing traditional security measures. One primary technique in these attacks is the exploitation of Living-off-the-Land Binaries (LOLBins), which are trusted system binaries manipulated to execute harmful commands without external malware. Attackers have refined their methods to evade detection by endpoint detection and response (EDR) solutions. Recent campaigns have incorporated SSH commands within malicious LNK files, allowing attackers to establish persistent connections and download malicious files from remote servers. This use of SSH is concerning as it is not typically associated with Windows systems, making it harder for conventional security measures to detect. Threat actors have also used SSH commands to execute malicious PowerShell or CMD commands indirectly through LNK files. For example, a malicious LNK file was found to trigger a PowerShell script that downloaded a malicious payload. Advanced Persistent Threat (APT) groups, known for their long-term cyber espionage, are increasingly utilizing these techniques, with groups like Transparent Tribe deploying stealer malware using similar methods. The combination of LNK files and SSH commands presents a significant threat to organizations, necessitating enhanced monitoring and detection systems to identify abnormal activities. Security teams must evolve EDR solutions to recognize malicious SSH and SCP activity, especially in environments where SSH is not commonly used. Additionally, organizations should restrict the use of legitimate SSH utilities and disable unnecessary features to minimize the attack surface.