encryption Archives

AppWizard

April 27, 2026

Signal isn’t broken — so how are hackers targeting the world’s ‘most secure’ chat app?

On April 26, hackers allegedly linked to Russian groups targeted the Signal messaging app with phishing attacks aimed at senior politicians. These attacks did not compromise Signal's end-to-end encryption; rather, they deceived users into providing access to their accounts through fake messages. Signal is operated by the non-profit Signal Foundation, founded in 2012 by Moxie Marlinspike with funding from Brian Acton, a co-founder of WhatsApp. Signal distinguishes itself by rendering metadata invisible to its operators, unlike WhatsApp, which shares user data with its parent company. Signal's president, Meredith Whittaker, advocates for data privacy.

Tech Optimizer

April 26, 2026

CanisterSprawl: pgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP Canister

On April 21, 2026, compromised versions of pgserve (1.1.11, 1.1.12, and 1.1.13) were published on npm, containing a 1,143-line credential-harvesting script that executes during the postinstall phase of npm install. The malware functions as a supply-chain worm, reinjecting itself into other packages if it finds an npm publish token. Stolen credentials are encrypted using RSA-4096 and AES-256 and exfiltrated to a decentralized Internet Computer Protocol (ICP) canister. The last legitimate release was v1.1.10, published on April 17, 2026. The malware was detected by StepSecurity AI Package Analyst and Harden Runner, which flagged the compromised versions as Critical / Rejected and confirmed live exfiltration during analysis. The injected script performs operations such as harvesting environment variables, collecting filesystem secrets, encrypting payloads, and propagating to other npm packages and Python packages if a PyPI token is detected. The exfiltration domains have been added to a global block list.

AppWizard

April 25, 2026

Android Hackers Target 800 Banking, Crypto and Social Media Apps With ‘Near-Zero Detection Rates’: Zimperium

Android hackers are targeting over 800 applications in banking, cryptocurrency, and social media sectors, utilizing four active malware families: RecruitRat, SaferRat, Astrinox, and Massiv. These malware employ advanced techniques to evade detection and execute credential theft, unauthorized financial transactions, and data exfiltration. Attackers lure victims through phishing websites, fraudulent job offers, fake software updates, text-message scams, and promotional lures. Once installed, the malware can request Accessibility permissions, obscure app icons, obstruct uninstallation, and steal sensitive information through counterfeit lock screens. They can also capture one-time passcodes, stream device screens, and overlay fake login pages on legitimate applications. The malware uses HTTPS and WebSocket communications to blend malicious traffic with normal activity and may incorporate encryption layers to avoid detection.

Winsage

April 24, 2026

I tried this free Windows cleanup tool to see if it’d speed up my PC

Winhance is a utility designed to optimize the Windows experience by allowing users to declutter their systems and enhance performance. It provides an overview of installed programs and features, enabling users to remove unwanted applications, which improves system responsiveness and frees up space. The installation process is straightforward, and users can easily navigate privacy, security, battery, and display settings from a single interface. Winhance offers tailored recommendations for settings adjustments, such as enabling BitLocker encryption and activating power-saving modes. It also allows users to enable features like Storage Sense for disk management and adjust DNS settings for better internet speed, making it a valuable tool for simplifying system optimization.

Tech Optimizer

April 23, 2026

Take Control: Customer-Managed Keys for Lakebase Postgres

Encryption at rest is essential for cloud environments, especially in regulated sectors. Lakebase offers Customer Managed Keys (CMK), allowing organizations to control their encryption keys from preferred Key Management Services (KMS) like AWS KMS, Azure Key Vault, or Google Cloud KMS. Lakebase CMK manages both persistent storage and ephemeral compute, ensuring data security. Lakebase's architecture separates storage and compute layers, enabling elastic scaling and serverless operations. The storage layer maintains persistent data, while the compute layer consists of dynamic Postgres instances. This separation poses encryption challenges, addressed by Lakebase CMK through a hierarchical Envelope Encryption model. The key hierarchy includes: 1. Customer Managed Key (CMK): The Root of Trust in the cloud KMS, never accessed in plaintext by Databricks. 2. Key Encryption Key (KEK): A transient key for wrapping data keys. 3. Data Encryption Keys (DEKs): Unique keys for each data segment, stored in an encrypted state. When data access is needed, Lakebase retrieves DEKs by unwrapping keys from the KMS. If a key is revoked, access to the data is denied, and ephemeral compute instances are terminated. In practice, CMK applies to: 1. Persistence Layer (Storage): All data segments are encrypted with keys controlled by the CMK. 2. Ephemeral Layer (Compute): Each compute instance generates a unique ephemeral key, and upon revocation, the instance is terminated, destroying in-memory keys. CMK implementation follows a delegation model, allowing Security Admins to manage keys without accessing data. The process includes key configuration, workspace binding, and lifecycle management. Key rotation is seamless, requiring no data re-encryption. All cryptographic operations involving the CMK are logged by the cloud provider's audit service. Lakebase CMK is available for Enterprise tier customers, allowing organizations to manage their encryption keys effectively.

Tech Optimizer

April 23, 2026

The antivirus feature I skip on every SSD-powered PC

File shredders may not effectively erase data on solid-state drives (SSDs) due to the way SSDs distribute data, which can lead to deleted files remaining retrievable. Additionally, using file shredders can reduce the lifespan of SSDs because of their limited write cycles. Instead of file shredders, drive encryption is recommended for protecting sensitive data on SSDs, as it ensures that deleted data remains unreadable. Windows 11 offers integrated drive encryption for users with a Microsoft account, and tools like VeraCrypt or Cryptomator can create encrypted folders for managing sensitive documents. It's important to safeguard access to encrypted data by backing up decryption passwords or recovery keys.

Winsage

April 23, 2026

Engineering secure passkey sync in Microsoft Password Manager

Passkeys are a new form of authentication that replace traditional passwords, providing a phishing-resistant and streamlined sign-in process. Microsoft Password Manager allows users to save and synchronize passkeys across devices linked to their Microsoft accounts, enhancing accessibility. The architecture for passkey syncing includes confidential computing for sensitive operations, hardware-rooted key protection for encryption keys, tamper-evident recovery storage, and encrypted synchronization across devices. Sensitive passkey operations are executed in Azure's confidential computing environments, ensuring cryptographic materials are processed securely. The encryption keys are protected using Azure Managed HSM, with access governed by attestation-based mechanisms. Registration and recovery processes require user authentication and enforce security measures within confidential computing boundaries, including a lockout state after consecutive incorrect PIN attempts. The system aims to provide a secure and user-friendly experience as part of a transition to a passwordless future.

Winsage

April 23, 2026

Windows 11 Pro dropped to just $9.97 for a limited time

Windows 11 Pro is available for .97, featuring an organized interface with Snap Layouts for managing multiple windows, robust security with BitLocker encryption and secure login options, enhanced productivity tools including AI-powered Copilot, and support for modern graphics via DirectX 12 Ultimate for gaming and media. It offers a lifetime license with a one-time payment, eliminating subscription fees.

Tech Optimizer

April 22, 2026

New STX RAT Uses Hidden Remote Desktop and Infostealer Features to Evade Detection

A newly identified remote access trojan, STX RAT, emerged in 2026, integrating hidden remote desktop access with credential theft features. The name "STX" comes from the Start of Text magic byte x02, which it appends to communications with its command-and-control (C2) server. Initial sightings were reported in late February 2026, when it was delivered via a browser-downloaded VBScript file to a financial organization. By early March, Malwarebytes noted a campaign distributing STX RAT through compromised FileZilla installers. Researchers from eSentire’s Threat Response Unit analyzed the malware, which includes extensive anti-analysis measures and employs techniques like AMSI-ghosting. Once operational, STX RAT connects to a C2 server at 95.216.51.236, transmitting system information securely. It targets saved credentials from applications like FileZilla and includes a Hidden Virtual Network Computing (HVNC) module, allowing attackers to control a victim's machine without detection. Security teams are advised to block the C2 IP and implement detection rules to mitigate the threat.

AppWizard

April 22, 2026

Tired Of Google Messages? These 4 Texting Apps Might Be Better For You

Samsung plans to retire its proprietary messaging app by July 2026, leading many Android users to rely on Google Messages. Major carriers like AT&T have stopped supporting their own messaging apps, potentially creating a monopoly. Alternative SMS-enabled apps include: - Pulse SMS: Syncs across devices, offers password-protected cloud backups, and has end-to-end encryption for stored conversations. It has a 3.6-star rating on Google Play. - Chomp SMS: Highly customizable with features like scheduled messages and block lists. It remains free with ads, but some users find the customization options complex. - Handcent Next SMS: Incorporates AI for features like text extraction and grammar checks. It has over one million downloads and a 4.4-star rating, but requests a high number of permissions. - Textra SMS: Offers faster performance and extensive customization, aiming to replace default messaging apps. It follows a "free forever" model but lacks cross-device functionality and encryption. The selection of these alternatives was based on Google Play ratings above 3.5 stars, a minimum of 50,000 user reviews, and recent updates.