disguise Archives

Winsage

December 3, 2025

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has addressed a long-standing security vulnerability, identified as CVE-2025-9491, which has been exploited since 2017. This vulnerability involves a misinterpretation issue within Windows Shortcut (LNK) files, potentially allowing remote code execution. The flaw was highlighted in the November 2025 Patch Tuesday updates, with a CVSS score of 7.8/7.0. It allows crafted .LNK files to obscure harmful content, making it invisible to users, thus enabling attackers to execute code under the current user's context. The vulnerability was exploited by various state-sponsored groups, including those from China, Iran, North Korea, and Russia, for data theft and espionage. Microsoft initially deemed the flaw not warranting immediate attention, citing user interaction requirements and existing system warnings. Subsequent investigations revealed its exploitation by cyber espionage groups, including XDSpy and China-affiliated actors targeting European entities. The recent patch aims to ensure that the entire Target command is displayed in the Properties dialog, while 0patch provides warnings for LNK files exceeding 260 characters.

AppWizard

November 27, 2025

Shueisha Games announces ‘casual non-verbal social deduction action game’ VIVA NOBOTS for PC

Shueisha Games has announced the casual non-verbal social deduction action game VIVA NOBOTS, set to launch on PC via Steam in spring 2026, supporting English and Japanese languages. An open beta playtest will take place from December 12 to 18. In VIVA NOBOTS, players act as humans disguised as excavation robots to infiltrate ancient ruins and collect treasures while avoiding detection. Key features include stealing treasures, exposing rival players using the Doubt Gun, and escaping after securing loot. A new humanoid security bot called the "Android" has been introduced, along with a mega-jackpot feature called "GODPOT." Future updates will include cooperative and VS modes and avatar type changes. Trailers and gameplay highlights are available in both English and Japanese.

AppWizard

November 26, 2025

Android users warned to delete these fake apps after Google alarm

Android users are facing a threat from counterfeit VPN applications that disguise themselves as privacy-enhancing tools but contain malware capable of compromising personal information and security. These fake VPNs mimic reputable brands and use misleading advertisements to appear legitimate. Once installed, they can steal passwords, messages, and financial data, and may even lock devices with ransomware. Google advises users to download VPNs only from trusted sources, look for verification badges, review app permissions, be cautious of free offers, research developers, and avoid scare tactics in marketing. Legitimate VPNs should not request access to personal contacts or photos and should only require network-related permissions.

Winsage

November 25, 2025

Attackers are Using Fake Windows Updates in ClickFix Scams

Threat actors have adapted the ClickFix attack model, using a fraudulent Windows Update screen to disguise malicious code. This screen mimics the legitimate Windows Update interface and prompts users to execute harmful commands. The execution of these commands leads to the installation of LummaC2 and Rhadamanthys info-stealing malware. A report from ESET noted a 500% increase in ClickFix attacks, which now account for nearly 8% of all blocked attacks in early 2025. Huntress researchers tracked ClickFix lures that used steganography to deliver LummaC2 and Rhadamanthys malware, concealing malicious software within image files. The attacks involve a full-screen display that instructs users not to turn off their computers, ultimately prompting them to paste a malicious command. The execution process includes using mshta.exe and PowerShell to load and inject malicious assemblies. European law enforcement recently dismantled infrastructure used by threat actors, but Rhadamanthys is no longer distributed through the fraudulent Windows Update campaign. The use of steganography helps these payloads evade detection while relying on victims to manually execute commands.

AppWizard

November 18, 2025

Disguise Celebrates Three Consecutive Years as the #1 Costume Manufacturer YTD in the U.S., with Minecraft securing their Top License Spot, According to Circana

Disguise, Inc., a division of JAKKS Pacific, Inc., has been named the top costume manufacturer in the United States for the year-to-date 2025, marking its third consecutive year in this position. The company's growth is attributed to a commitment to quality licensed products and an expanded brand portfolio, with Minecraft being the leading costume license for YTD 2025. The recent release of A Minecraft Movie in April 2025 has increased demand for Minecraft-themed costumes, including the popular Chicken Jockey Pop-Up Costume, which sold out quickly and was listed on eBay at nearly three times its retail price. A viral trend linked to a scene from the movie further boosted the costume's popularity. Disguise's President, Tara Cortner, highlighted the company's achievements and the significance of its partnership with Minecraft. An official announcement for a sequel to A Minecraft Movie is planned for release in 2027.

AppWizard

November 8, 2025

The Psychology of Blocks: Why Building in Minecraft Feels So Therapeutic

Minecraft serves as a therapeutic escape for many players, offering stress relief through its block-based universe. The game combines structure and freedom, allowing players to engage creatively without the pressure of quick reflexes or constant victories. It facilitates a flow state, where players become fully absorbed in building, providing immediate feedback and a sense of progress. The simplicity of the game encourages personal expression, and the repetitive tasks within it offer comfort and a sense of control. Additionally, the social aspects of Minecraft foster community and collaboration, enhancing the therapeutic experience. Therapists and educators are increasingly incorporating Minecraft into stress management and educational settings, highlighting its potential for promoting mindfulness and connection.

Tech Optimizer

November 7, 2025

Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools

A new Android banking Trojan named Herodotus has emerged, operating under the Malware-as-a-Service (MaaS) model and causing significant disruptions in the mobile banking sector. It primarily spreads through SMS phishing campaigns that disguise malicious links as legitimate messages, leading users to counterfeit web pages to download an APK file outside the official Play Store. Upon installation, Herodotus requests critical permissions, including Accessibility, allowing it to overlay fake screens on real banking apps and capture user data. The malware employs deceptive behaviors to evade detection by traditional antivirus solutions, which often fail to recognize it due to their reliance on signature-based and behavior-driven databases. Research indicates that antivirus providers have overlooked the Herodotus threat, highlighting the need for multilayered defense mechanisms. Pradeo’s Mobile Threat Defense (MTD) solution offers continuous monitoring of device behavior, proactive blocking of phishing links, and alerts for risky off-store installations, effectively neutralizing threats before they escalate.

AppWizard

November 5, 2025

Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs

Cybersecurity threats targeting mobile devices and critical infrastructure have significantly increased, with Zscaler's research revealing that 239 malicious Android applications on the Google Play Store have been downloaded 42 million times. The energy sector has experienced a 387% rise in cyberattacks compared to the previous year. Malicious applications often disguise themselves as legitimate tools, exploiting user trust, especially in hybrid and remote work environments. There has been a 67% year-over-year increase in Android malware transactions, with spyware and banking malware posing significant risks. The manufacturing and transportation sectors accounted for 20.2% of all observed IoT malware attacks, with a shift in focus from manufacturing to include transportation. Approximately 40% of blocked transactions were linked to the Mirai malware family, while Mozi has become the second most prevalent. Geographically, India is the top target for mobile attacks (26%), followed by the United States (15%) and Canada (14%). The U.S. also leads in IoT malware incidents at 54%. New threats include Android Void malware, affecting 1.6 million Android TV boxes, and Xnotice, a Remote Access Trojan targeting job seekers in the oil and gas industry. Adware now represents 69% of mobile threats, surpassing the Joker malware family.

AppWizard

November 4, 2025

Hackers Hit Android Users, Drain Bank Accounts Remotely Through 760 Apps: Report

Cybersecurity experts have identified over 760 malicious applications that exploit Near Field Communication (NFC) technology to target Android devices, compromising sensitive user data and financial information. These apps often disguise themselves as legitimate banking and government services, convincing users to set them as default NFC payment methods. Once installed, they can intercept critical information such as login credentials and card details, which is then transmitted to hackers via Telegram channels. The campaign, which began in April 2024, affects users in countries including Russia, Poland, the Czech Republic, Slovakia, and Brazil, impersonating banks like Santander and VTB. Stolen data is sent to over 70 command-and-control servers managed by automated Telegram bots.

TrendTechie

November 3, 2025

RuTube и VK Видео изменили правила игры на пиратском рынке контента

The volume of pirated video content in Russia decreased by over 14% in the first half of 2025, with a reported decline to approximately 0.6 million instances. The amount of blocked pirated content surged by 42% in 2024, reaching 12.5 million instances, and the number of blocked pirate domains rose to 110,000. Russia is the third-largest consumer of pirated content globally, following the United States and India. The peak of Russian online piracy occurred between 2015 and 2018. Torrents are becoming obsolete, particularly among younger generations, who prefer legal access to content. Users face risks from hackers when visiting sites offering free content, with warnings about potential viruses and data theft.