exploiting Archives

AppWizard

January 31, 2026

In a beautifully ironic twist, a YouTuber attempting a pacifist run of Bully discovered a secret weapon hidden for almost 20 years: ‘I can see why they tried to lock it inside a building’

A long-hidden weapon, the sledgehammer, has been discovered in Rockstar's game Bully by YouTuber JustGarrison while attempting a pacifist run. This weapon, previously restricted to a boss fight, became accessible during the mission 'The Tenements' through a glitch that allowed players to manipulate the game map. JustGarrison expressed excitement about the find, noting its violent nature and the controversy surrounding the game's release. Additionally, Dan Houser from Rockstar revealed that plans for a sequel, Bully 2, were shelved due to management issues, and a fan-created multiplayer experience, Bully Online, was shut down likely due to legal challenges.

AppWizard

January 30, 2026

Hugging Face AI platform used to deliver Android malware via fake apps: don’t fall for this

Hackers are exploiting the Hugging Face AI platform to distribute Android malware through a counterfeit application. The malware, identified by cybersecurity firm Bitdefender, first appeared in an application named TrustBastion. Hugging Face lacks robust filtering mechanisms to regulate user-uploaded content, raising security concerns. Users are advised to download apps only from reputable sources, read reviews, check download numbers and ratings, avoid sideloading APK files, verify publishers and URLs, and regularly scan their devices with Play Protect and antivirus applications.

AppWizard

January 30, 2026

Google’s New Android Lockdown—Do Not Install These Apps

Google is tightening its policies on sideloading practices, allowing app installations only from verified developers to enhance user security and reduce risks associated with malicious software. The company has removed numerous harmful applications and accounts to combat the exploitation of its ecosystem. Cybercriminals are replicating popular applications like Google, YouTube, and WhatsApp to deceive users into downloading malicious software, which often masquerades as “mod” or “pro” versions. These counterfeit apps can install the Arsink Remote Access Trojan (RAT), which allows hackers to control devices, record audio, harvest personal information, and perform unauthorized actions. The Arsink operation has affected tens of thousands of victims across approximately 143 countries. Users are advised to avoid installing apps from messengers, online forums, or direct links and to use official app stores instead. Google confirms that the RAT is not infecting Play Store apps and encourages users to keep Play Protect enabled.

AppWizard

January 30, 2026

Centre cracks down on Android scam; blocks fraud app, Telegram channels, warns users

The Indian government has taken action against the Wingo app, a cyber fraud network that sent fraudulent SMS messages from users' devices without consent. The app's digital infrastructure has been blocked, and four associated Telegram channels with 153,000 users have been shut down. Over 53 related videos have been removed from YouTube. The Wingo app lured users with promises of quick financial gains, encouraging them to deposit funds for minor tasks or investments, but then either shut down or blocked accounts after receiving money. Payments were made through UPI or personal wallets, complicating traceability. Users were asked for access to personal data and provided with fake customer care numbers. Android users are advised to avoid apps promising guaranteed profits, verify app legitimacy, and refrain from granting unnecessary permissions. The government recommends uninstalling suspicious apps and reporting them, as well as contacting the cybercrime helpline at 1930 for assistance.

Winsage

January 28, 2026

Google Warns of Active WinRAR Exploits Targeting Unpatched Windows Systems

Google has raised concerns about ongoing cyberattacks exploiting a critical vulnerability in WinRAR, identified as CVE-2025-8088. This vulnerability allows malicious actors to deploy malware and espionage tools on unpatched systems. Users are advised to update WinRAR to the latest version, regularly check for software updates, employ comprehensive security solutions, and stay informed about cybersecurity threats.

Tech Optimizer

January 26, 2026

Do You Still Need Antivirus Software? Here’s What Experts Say

Browser extensions are important for online security, but their effectiveness depends on avoiding pirated software and untrustworthy applications. Regular updates to antivirus software, such as Microsoft Defender, are crucial to prevent vulnerabilities, and it is recommended to configure Windows Security settings for auto-updates. While Microsoft Defender can protect against malware, it may not be sufficient against advanced threats like ransomware and phishing, particularly for individuals handling sensitive data. Alternatives to Microsoft Defender include Bitdefender Total Security and Norton 360, which offer additional features. Upgrading from Windows 11 Home to Pro provides enhanced security features. For enterprise use, AhnLab V3 Endpoint Security and Avast Ultimate Business Security are recommended for their protection and performance.

Tech Optimizer

January 22, 2026

Best Antivirus Software in 2026: Top Picks for Windows, Mac, and Android

Antivirus software remains necessary in 2026 due to evolving cyber threats targeting PCs and smartphones. Free antivirus solutions provide basic protection but lack advanced features like ransomware defense and identity monitoring, making paid versions advisable for users handling sensitive information. Modern antivirus programs are designed to minimize performance impact, even on older devices. Macs and iPhones are not immune to malware, as cyber attackers exploit system permissions and phishing links, necessitating antivirus tools for added protection. Premium antivirus subscriptions offer multi-device coverage, making them practical for families or individuals with several devices.

Tech Optimizer

January 22, 2026

Hackers Weaponized 2,500+ Security Tools to Terminate Endpoint Protection Before Deploying Ransomware

A large-scale campaign is exploiting the truesight.sys Windows security driver from Adlice Software’s RogueKiller antivirus to disable endpoint detection and response (EDR) and antivirus solutions, facilitating the deployment of ransomware and remote access malware. This attack utilizes over 2,500 validly signed variants of the driver, allowing attackers to manipulate legacy driver signing rules to load pre-2015 signed drivers on Windows 11 machines. The vulnerable TrueSight driver exposes an IOCTL command that enables attackers to terminate security processes, providing them with kernel-level access to bypass user-mode protections. The infection chain typically starts with phishing emails or compromised sites, leading to the installation of a downloader that retrieves additional malicious components. The malware establishes persistence and deploys an EDR killer module targeting nearly 200 security products. Once defenses are disabled, the final payload, often a remote access trojan or ransomware, executes with minimal visibility, completing the attack in as little as 30 minutes.

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

Winsage

January 15, 2026

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

Microsoft and the U.S. government have issued a warning about a vulnerability in Windows, designated CVE-2026-20805, which is currently being exploited. This flaw allows an authorized attacker to leak a memory address from a remote ALPC port, potentially leading to arbitrary code execution. It has a medium severity rating of 5.5 on the CVSS scale. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog and requires federal agencies to implement a patch by February 3. Additionally, two other vulnerabilities were acknowledged: CVE-2026-21265, a secure boot certificate expiration bypass with a CVSS rating of 6.4, and CVE-2023-31096, an elevation of privilege flaw affecting third-party Agere Modem drivers, rated at 7.8. Two more vulnerabilities, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7.4), are use-after-free flaws in Office that could allow unauthorized code execution.