European Commission Archives

AppWizard

March 4, 2026

Google Revamps Android App Store Rules, Cuts Fees Amid Global Antitrust Pressure

Alphabet's Google has announced a transformation in app distribution on Android devices, allowing external companies to register and launch their own app stores by paying a one-time fee. This change aims to enhance accessibility for competitors and lower costs for developers. Google will reduce its standard commission for developers from 30% to as low as 15% or 10% in some cases, with implementation expected by June in the US, UK, and EU, and similar changes in Australia, South Korea, and Japan by the end of 2026. Developers using Google’s billing services will incur a flat fee of 5%, while they can also opt for third-party payment processors. Epic Games has expressed approval of these changes, which they believe will help resolve ongoing litigation. Google generated approximately .66 billion in sales from its app marketplace in 2020, and regulatory changes could reduce its gross profit by around billion. The European Commission has accused Google of violating the Digital Markets Act, which could lead to fines of up to 10% of its global annual revenue. Google has previously faced €9.5 billion in fines for competition law violations. A US jury ruled in 2023 that certain Android policies violated antitrust law, leading to an injunction requiring Google to allow competing app stores access to its app catalog. Despite regulatory pressures, Google stated that the changes to the developer fee structure were voluntary and not mandated by legal rulings.

AppWizard

February 22, 2026

Google Blocked 1.75M Policy-Violating Apps From Google Play in 2025

Google successfully prevented the publication of over 1.75 million policy-violating applications in 2025 and banned more than 80,000 developer accounts identified as harmful. The company blocked over 255,000 apps from accessing sensitive user information and prevented 160 million spam ratings and reviews. Google integrated generative AI systems into its review process to enhance detection of malicious patterns. The European Commission is investigating Google's consumer safety practices in the Play Store, particularly regarding financial scams. Independent researchers found 20 Android apps on the Play Store designed to steal cryptocurrency.

BetaBeacon

January 8, 2026

How to Secure an Epic Win for Consumer Choice on Android Phones

Epic Games won a lawsuit against Google in late 2023, resulting in a jury siding with Epic on all claims made against Google. As a result, Google was required to allow third-party app stores on the Google Play Store, stop paying handset manufacturers to preference the Play Store, allow developers to link users to third-party payment systems, and share a list of its apps with third-party stores. This victory has led to increased competition and choice for Americans on Android phones.

AppWizard

January 1, 2026

Vietnam’s dominant messaging app faces regulatory scrutiny over data policy update

Vietnam’s National Competition Commission (NCC) has ordered VNG Corporation to revise its updated service terms for the Zalo messaging app due to user privacy concerns. The NCC emphasized that users should not be forced to consent to personal data collection as a condition for using the app and that consent mechanisms need to be voluntary and clear. The updated terms require users to accept all data management provisions or face account deletion within 45 days, which has led to significant user complaints and a decline in app ratings. Zalo's average rating on Apple’s App Store has fallen to around two out of five stars, and it has slipped to 59th place in download rankings, while international apps like WhatsApp and Viber have become more popular. Zalo has around 78 million active users and operates over 17,000 official accounts used by government and businesses. The NCC intends to meet with VNG to discuss the updated policy, as part of a wider regulatory trend against coercive data practices in digital firms globally.

Winsage

December 5, 2025

Microsoft Silently Fixes 8-Year Windows Security Flaw

Microsoft addressed a critical vulnerability in Windows, identified as CVE-2025-9491, which had existed for nearly eight years and allowed cybercriminals to conceal malicious commands within .LNK (shortcut) files. This flaw was exploited by state-sponsored hacking groups from countries including China, Iran, North Korea, and Russia, with evidence of nearly 1,000 malicious shortcut files used in various campaigns. The vulnerability was initially downplayed by Microsoft, which stated it did not require immediate servicing. However, as exploitation increased, Microsoft eventually included a fix in its November 2025 Patch Tuesday updates, which was not publicly announced. The fix allows the entire Target command to be displayed in the Properties dialog, addressing the security risk. Research indicated that around 70% of campaigns exploiting this flaw were focused on espionage and information theft across multiple sectors.

AppWizard

December 2, 2025

WhatsApp Launches EU Interoperability for Encrypted Cross-App Messaging

Meta Platforms Inc.’s WhatsApp is rolling out interoperability features across Europe, allowing users to send messages to individuals on third-party applications starting in November 2024. This initiative is in response to the European Union’s Digital Markets Act (DMA), which requires dominant tech companies to enhance competition by opening their platforms. Users will be able to communicate while maintaining end-to-end encryption, a process that has taken over three years to develop. Users must opt-in to receive messages from third-party applications, and the initial rollout is limited to specific partners. The interoperability allows for sharing text, images, voice messages, videos, and files. Meta's engineering team adapted WhatsApp's infrastructure to accommodate external services while upholding encryption standards. Concerns have been raised about potential security vulnerabilities and the implications of proposed regulations like "Chat Control" that could conflict with encryption efforts. This development could influence competitive dynamics in the messaging sector, providing smaller applications like BirdyChat and Haiket visibility by integrating with WhatsApp’s large user base. Compliance with the DMA helps Meta avoid fines while risking dilution of WhatsApp's market dominance. Privacy implications are a significant concern, with discussions around how interoperability could facilitate surveillance or compromise user security. Meta's journey involved regulatory oversight to ensure compliance with DMA objectives, and the success of this initiative could set a precedent for global standards in digital communication.

TrendTechie

November 3, 2025

RuTube и VK Видео изменили правила игры на пиратском рынке контента

The volume of pirated video content in Russia decreased by over 14% in the first half of 2025, with a reported decline to approximately 0.6 million instances. The amount of blocked pirated content surged by 42% in 2024, reaching 12.5 million instances, and the number of blocked pirate domains rose to 110,000. Russia is the third-largest consumer of pirated content globally, following the United States and India. The peak of Russian online piracy occurred between 2015 and 2018. Torrents are becoming obsolete, particularly among younger generations, who prefer legal access to content. Users face risks from hackers when visiting sites offering free content, with warnings about potential viruses and data theft.

Winsage

October 31, 2025

Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution

A cyber espionage campaign targeting European diplomatic institutions has been attributed to the Chinese-affiliated threat actor UNC6384, which exploits the ZDI-CAN-25373 vulnerability in Windows shortcut files. The campaign, noted for its use of social engineering tactics that mimic legitimate diplomatic events, has specifically targeted entities in Hungary, Belgium, and surrounding European nations between September and October 2025. The attack utilizes spearphishing emails with malicious LNK files related to European Commission and NATO meetings, leading to the deployment of PlugX, a remote access trojan. The attack chain involves a weaponized LNK file that executes PowerShell commands to unpack a tar archive containing a malicious DLL and an encrypted payload. UNC6384 employs advanced techniques to evade detection, including dynamic loading of Windows API functions and anti-analysis measures. The malware allows extensive espionage activities and creates hidden directories for persistent access. Recommendations for organizations include disabling automatic LNK file resolution, blocking known command and control domains, and enhancing user training to defend against such threats.

Winsage

October 31, 2025

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A China-affiliated threat actor, UNC6384, has been conducting cyber attacks targeting diplomatic and governmental entities in Europe, including Hungary, Belgium, Italy, the Netherlands, and Serbia. These attacks exploit an unpatched Windows shortcut vulnerability (CVE-2025-9491) through spear-phishing emails that appear relevant to diplomatic events. The emails deliver malicious LNK files that deploy PlugX malware via DLL side-loading. PlugX is a remote access trojan that allows extensive control over compromised systems and has been linked to another hacking group, Mustang Panda. Microsoft Defender can detect these attacks, and Smart App Control provides additional protection. The LNK file executes a PowerShell command to extract a TAR archive containing a legitimate utility, a malicious DLL, and an encrypted PlugX payload. The size of the malicious artifacts has decreased significantly, indicating ongoing evolution. UNC6384 has also begun using HTML Application files to load external JavaScript for retrieving malicious payloads, aligning with Chinese intelligence objectives regarding European defense policies.

Winsage

October 31, 2025

Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution

A cyber espionage campaign has been launched by the Chinese-affiliated threat actor UNC6384, targeting European diplomatic institutions using a vulnerability in the Windows shortcut (LNK) user interface, identified as ZDI-CAN-25373. This vulnerability was disclosed in March 2025. Between September and October 2025, entities in Hungary, Belgium, and neighboring European nations were specifically targeted. The attack utilizes spearphishing emails with conference-themed LNK files that exploit the Windows vulnerability to execute PowerShell commands, leading to the deployment of the PlugX remote access trojan (RAT). The attack sequence involves a weaponized LNK file that unpacks a tar archive containing a legitimate Canon printer assistant executable, a malicious DLL, and an encrypted payload. The Canon binary, despite being digitally signed, loads the malicious DLL which injects the PlugX payload into memory. The malware employs anti-analysis techniques and creates a hidden directory for persistent access. Recommendations for organizations include disabling automatic LNK file resolution, blocking known command and control domains, and monitoring for DLL side-loading attacks.