NewApp Digest
search bot

cybersecurity firm

FBI Investigating After Malware Found Lurking in Steam PC Games
AppWizard
March 13, 2026

FBI Investigating After Malware Found Lurking in Steam PC Games

The FBI is investigating malware hidden in several video games on the Steam platform, targeting users from May 2024 to January 2026. The investigation includes games like BlockBlasters, Chemia, Dashverse, DashFPS, Lampy, Lunara, PirateFi, and Tokenova, with some previously removed from Steam for malicious content. Steam had over 132 million monthly active users and more than 117,000 games in 2025. The FBI is reaching out to affected gamers, ensuring victim confidentiality and potential eligibility for services under federal and state law. This incident is part of a broader trend of malware targeting gamers, with previous cases involving fan games and cheat software affecting millions of accounts.
From Marquette to Microsoft: This alumnus leads global communications for over a billion Microsoft devices
Winsage
February 19, 2026

From Marquette to Microsoft: This alumnus leads global communications for over a billion Microsoft devices

A representative from Marquette University visited University of Detroit Jesuit High School during Chris Morrissey’s junior year, shortly after Marquette’s men’s basketball team won the national championship in 1977. Morrissey decided to attend Marquette, influenced by friends with siblings enrolled there. He has had a diverse career, moving from the automotive sector to chemicals, and is currently the senior director of communications for Windows and devices at Microsoft. Morrissey worked the midnight shift at the downtown Hilton during college, which allowed him to complete homework and read major newspapers. His interest in technology began at Chrysler, where he embraced new PCs while others were hesitant. At Microsoft, he manages a team that handles communications for Windows device updates and features, emphasizing the global impact of their work. Recently, his team addressed a crisis involving a cybersecurity issue affecting Windows devices, focusing on customer support. Morrissey credits his Marquette education with teaching him to prioritize others in crisis situations. He has also become involved in community service in Seattle, volunteering at food banks and serving on the board of North Helpline. As a father and grandfather, he values the growth mindset he sees in his children.
New backdoor found in Android tablets targeting users in Russia, Germany and Japan
AppWizard
February 19, 2026

New backdoor found in Android tablets targeting users in Russia, Germany and Japan

Researchers from Kaspersky have discovered an Android backdoor named Keenadu, embedded in the firmware of devices, allowing it to infect tablets before they reach consumers. This malware, affecting over 13,700 users globally, primarily targets advertising fraud by hijacking browser search engines, monitoring app installations, and generating fraudulent revenue. Tablets from various manufacturers, including Alldocube, have been found compromised, with the malware likely inserted during the firmware build stage through a compromised supply chain. Keenadu has multiple variants, some hidden in applications, and employs evasion tactics based on device language settings and time zones. It cannot be removed using standard Android security tools, and users are advised to install clean firmware or replace their devices entirely.
New Keenadu backdoor found in Android firmware, Google Play apps
AppWizard
February 17, 2026

New Keenadu backdoor found in Android firmware, Google Play apps

A sophisticated Android malware named Keenadu has been discovered embedded in the firmware of various device brands, compromising all installed applications and granting unrestricted control over infected devices. It employs multiple distribution methods, including compromised firmware images delivered over-the-air, access via backdoors, embedding in system applications, modified applications from unofficial channels, and infiltration through apps on Google Play. As of February 2026, Keenadu has been confirmed on approximately 13,000 devices, primarily in Russia, Japan, Germany, Brazil, and the Netherlands. The firmware-integrated variant remains dormant if the device's language or timezone is associated with China and ceases to function without the Google Play Store and Play Services. While currently focused on ad fraud, Keenadu has extensive capabilities for data theft and risky actions on compromised devices. A variant embedded in system applications has limited functionality but elevated privileges to install apps without user notification. The malware has been detected in the firmware of Android tablets from various manufacturers, including the Alldocube iPlay 50 mini Pro. Kaspersky has detailed how Keenadu compromises the libandroid_runtime.so component, making it difficult to remove with standard Android OS tools. Users are advised to seek clean firmware versions or consider replacing compromised devices with products from trusted vendors.
Microsoft: New Windows LNK spoofing issues aren't vulnerabilities
Winsage
February 13, 2026

Microsoft: New Windows LNK spoofing issues aren’t vulnerabilities

Security researcher Wietze Beukema revealed vulnerabilities in Windows LK shortcut files at the Wild West Hackin' Fest, which could allow attackers to deploy harmful payloads. He identified four undocumented techniques that manipulate these shortcut files, obscuring malicious targets from users. The vulnerabilities exploit inconsistencies in how Windows Explorer handles conflicting target paths, allowing for deceptive file properties. One technique involves using forbidden Windows path characters to create misleading paths, while another manipulates LinkTargetIDList values. The most sophisticated method alters the EnvironmentVariableDataBlock structure to present a false target in the properties window while executing malicious commands in the background. Microsoft declined to classify the EnvironmentVariableDataBlock issue as a security vulnerability, stating that exploitation requires user interaction and does not breach security boundaries. They emphasized that Windows recognizes shortcut files as potentially dangerous and provides warnings when opening them. However, Beukema noted that users often ignore these warnings. The vulnerabilities share similarities with CVE-2025-9491, which has been exploited by various state-sponsored and cybercrime groups. Microsoft initially did not address CVE-2025-9491 but later modified LNK files to mitigate the vulnerability after it was widely exploited.
Android users warned about new bug that steals private data - which apps to delete
AppWizard
February 10, 2026

Android users warned about new bug that steals private data – which apps to delete

The Arsink malware is an Android Remote Access Trojan (RAT) that exfiltrates sensitive information while granting remote control to its operators. It has impacted over 45,000 devices in 143 countries, including the UK. Arsink lures users to download deceptive "pro" versions of popular applications, often promoted on social media instead of the Google Play Store. Once installed, it can access text messages, emails, call logs, contacts, microphone recordings, photos, location data, and more. The malware also allows hackers to control device features such as using the torch, playing audio, making calls, and changing settings. It hides its icon, runs a persistent foreground service, and generates notifications to avoid detection. Users are advised to remove any "pro" versions of well-known apps like Google, YouTube, WhatsApp, Instagram, Facebook, and TikTok that are not from the official Google Play Store.
Hugging Face AI platform used to deliver Android malware via fake apps: don't fall for this
AppWizard
January 30, 2026

Hugging Face AI platform used to deliver Android malware via fake apps: don’t fall for this

Hackers are exploiting the Hugging Face AI platform to distribute Android malware through a counterfeit application. The malware, identified by cybersecurity firm Bitdefender, first appeared in an application named TrustBastion. Hugging Face lacks robust filtering mechanisms to regulate user-uploaded content, raising security concerns. Users are advised to download apps only from reputable sources, read reviews, check download numbers and ratings, avoid sideloading APK files, verify publishers and URLs, and regularly scan their devices with Play Protect and antivirus applications.
Windows 10's extended support ends in eight month, but users are still rejecting Windows 11, at least in Germany
Winsage
January 27, 2026

Windows 10’s extended support ends in eight month, but users are still rejecting Windows 11, at least in Germany

Windows 11's market presence in Germany is stagnant, with 48% of private households (approximately 21 million devices) still using Windows 10, which will lose official support on October 14, 2025. Users can opt for Extended Security Updates until October 13, 2026. As of August 2025, Windows 10 had around 24 million installations, while Windows 11 was on about 17 million devices, indicating only 3.6 to 3.7 million transitions to Windows 11. By December 2025, Windows 11 accounted for 66.60% of the gaming market on Steam, with approximately 71% of Windows machines used for gaming running Windows 11. Windows 10 users can extend their support, but as the October 2026 deadline approaches, they will no longer receive security updates. Microsoft may implement notifications to encourage users to upgrade to Windows 11 and consider recycling old PCs for new ones.
Search