cybersecurity experts Archives

AppWizard

March 22, 2026

Russian hackers hack messengers, Signal and WhatsApp under attack

Hackers with ties to Russian intelligence have intensified efforts against users of messaging platforms like Signal, infiltrating thousands of accounts, as reported by the FBI and CISA. The main targets include current and former U.S. government officials, military personnel, political figures, and journalists. The hackers used advanced techniques to bypass security, tricking users into revealing security codes through sophisticated phishing campaigns. Signal confirmed that their encryption and infrastructure remain secure despite these attacks. This rise in cyber threats is part of a broader trend involving increased activities from pro-Iranian and Russian hackers targeting the U.S. and its allies.

Tech Optimizer

March 19, 2026

Top Antivirus Software Options for MacBook Users

Cybersecurity experts warn that MacBooks are becoming increasingly vulnerable to cyber threats, making the installation of robust antivirus software essential for protecting personal and financial data. Leading antivirus solutions for MacBooks include: - Bitdefender: Highly rated for security performance, includes a VPN, and offers protection across multiple devices. - Norton: Known for its dedicated malware research lab, offers features like phishing detection and a firewall, and ranks second-best for Mac antivirus. - Malwarebytes: User-friendly with strong malware removal capabilities, ranks second to Bitdefender, and offers a 14-day free trial. - Intego Mac Internet Security X9: Easy to use with comprehensive features including a firewall and parental controls. - ClamXAV: An open-source option that allows customization and provides multiple levels of protection at a low cost. Apple's built-in security features are less effective against sophisticated threats like ransomware, leaving users without antivirus protection at higher risk for attacks and financial losses. Cybersecurity threats targeting macOS are increasing, emphasizing the need for dedicated antivirus solutions.

Tech Optimizer

March 16, 2026

What Is a Crypto Miner Virus?

A crypto miner virus, or cryptojacking malware, secretly uses a device’s CPU or GPU to mine cryptocurrency for an attacker, leading to increased electricity costs and potential hardware damage for the victim. It typically infects devices through phishing emails, pirated software, compromised websites, and malicious browser extensions. Monero is the preferred cryptocurrency for mining due to its efficiency on standard CPUs and privacy features. Signs of infection include overheating, high CPU usage, and increased electricity bills. Detection involves monitoring system performance and running antivirus scans. Prevention includes using antivirus software, keeping systems updated, and avoiding pirated software. Notable incidents include attacks on a European water utility and the Los Angeles Times website.

AppWizard

March 6, 2026

Research company claims spyware posing as Israel’s Red Alert Android app targeting users

Acronis Threat Research Unit (TRU) has uncovered a cyber espionage campaign targeting Israeli civilians through a fake version of the Red Alert app. The attack begins with a deceptive text message claiming to be from Israel's Home Front Command, urging users to download an updated app due to a malfunction. The fraudulent app closely resembles the legitimate Red Alert app but contains malware that collects sensitive personal information, including messages, contacts, location data, and device account details. This data is stored locally and then transmitted to a remote server controlled by the attackers. The hackers use certificate spoofing and other techniques to bypass Android's security measures, making the malicious app appear legitimate. Cybersecurity experts recommend that Israeli users take precautions to protect their personal information.

Winsage

March 2, 2026

Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns

Cybersecurity experts at Microsoft Threat Intelligence have identified a trend where attackers distribute counterfeit gaming tools that install a remote access trojan (RAT) on users' systems. These trojanized executables, such as Xeno.exe or RobloxPlayerBeta.exe, are shared through browsers and chat platforms. The initial executable acts as a downloader, installing a portable Java runtime environment and launching a harmful Java archive, jd-gui.jar. Attackers use built-in Windows tools to execute commands via PowerShell and exploit trusted system binaries, minimizing detection risk. The embedded PowerShell script connects to remote locations, downloads an executable as update.exe, and executes it. The malware erases evidence of the downloader and modifies Microsoft Defender settings to allow RAT components to function undetected. It establishes persistence through scheduled tasks and a startup script named world.vbs, enabling prolonged access to the compromised device. Microsoft Defender can detect the malware and its behaviors, and organizations are advised to monitor outbound traffic and block identified domains and IP addresses. Users are encouraged to scrutinize Microsoft Defender exclusions and scheduled tasks for irregularities and remain cautious about downloading tools from unofficial sources.

AppWizard

February 21, 2026

Unsecured AI apps are leaking personal data of Android users

Many unregulated or inadequately secured AI applications on platforms like the Google Play store pose significant privacy risks to users. A specific Android application, "Video AI Art Generator & Maker," linked to a data leak, compromised 1.5 million user images, over 385,000 videos, and millions of AI-generated media files due to a misconfiguration in a Google Cloud Storage bucket. Another app, IDMerit, exposed sensitive know-your-customer data from users in 25 countries, including full names, addresses, birthdates, IDs, and contact information, totaling a terabyte of data. Both developers addressed the vulnerabilities after being alerted by researchers. However, cybersecurity experts warn that lax security among AI applications is a widespread issue, with 72 percent of analyzed Google Play apps exhibiting security flaws, including the practice of "hardcoding secrets" in their source code.

Tech Optimizer

February 18, 2026

Fake Antivirus Program Threatens Android Phones and Steals Data – Jordan News | Latest News from Jordan, MENA

Cybersecurity experts have identified a malicious campaign targeting Android users through a counterfeit antivirus application called TrustBastion. This app serves as a vehicle for distributing malware that steals personal and banking information and provides attackers with remote access to infected devices. TrustBastion has been found on Hugging Face, complicating detection for users. The app masquerades as a legitimate security tool, prompting users to install a “necessary update” that contains malicious code. Once activated, the malware captures screenshots, displays fake login pages for financial services, and records sensitive information, which is sent to the hackers' servers. Attackers frequently re-upload modified versions of the app, maintaining its harmful functionality. Users are advised to download apps only from official stores, review ratings, and avoid untrusted APK files. Installing reputable antivirus solutions and activating Google Play Protect is recommended for enhanced security.

TrendTechie

February 12, 2026

Хакеры начали активно распространять стилеры на торрентах через популярные игры

Cybersecurity specialists have identified a long-running malware campaign that disguises itself as installers for pirated games, utilizing a malicious component called the RenEngine Loader. This loader operates stealthily, embedding itself within the system while allowing the game to run without disruption, thus evading detection. The campaign has been active since at least April 2025 and primarily targets popular titles from Electronic Arts and Ubisoft, such as Far Cry, FIFA, Need for Speed, and Assassin’s Creed. The malicious code appears as a harmless launcher based on Ren’Py, leading users to believe the installation is normal. Once installed, the loader can facilitate further exploits without immediate data exfiltration. Telemetry has recorded over 400,000 inquiries related to this distribution chain, with an average detection rate of around 5,000 incidents per day, and Russia ranks fourth in these observations.

Winsage

January 5, 2026

Microsoft Ends Windows 11 SE Support in 2026 Amid Low Adoption

Microsoft will conclude support for Windows 11 SE in 2026, ceasing security updates and feature enhancements after October 2026. Launched in late 2021 for K-8 classrooms, Windows 11 SE struggled with adoption due to hardware limitations and competition from alternatives like Google’s Chrome OS. The final feature release for SE will be Windows 11 version 24H2. Schools will face challenges in transitioning to new systems, as devices running SE may become vulnerable to cyber threats without ongoing support. Microsoft is shifting its focus to integrating educational tools into its main operating system rather than maintaining a separate edition. The end of support for Windows 11 SE may accelerate hardware refresh cycles in schools, posing financial burdens on underfunded districts.

AppWizard

December 30, 2025

Google’s Android Automotive Adds PIN-Lock for App Privacy

Google has introduced the Sensitive App Protection feature in Android Automotive, allowing users to lock individual applications with a PIN to prevent unauthorized access to sensitive information in shared vehicles. This feature aims to enhance privacy amidst the rise of ride-sharing and car-sharing services, addressing concerns about unauthorized app usage by valets and other users. Sensitive App Protection is applicable to family cars and rental vehicles, ensuring that protected apps remain inaccessible without the PIN, even in restricted modes. The feature is designed to improve user privacy in connected cars, coinciding with increasing regulatory scrutiny regarding data handling. User adoption will depend on awareness and ease of use, with early feedback being generally positive. Critics note that while PIN-locking is beneficial, it does not fully address vulnerabilities related to data transmission over unsecured networks. Google plans to transition to the Gemini AI platform, which may enhance security features further. Regulatory bodies are monitoring these developments closely, and ethical considerations regarding access to privacy features for different user demographics are being discussed.