Google Chrome Archives

Winsage

January 14, 2026

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

On Tuesday, Microsoft released its first security update for 2026, addressing 114 vulnerabilities, including eight classified as Critical and 106 as Important. The vulnerabilities include 58 related to privilege escalation, 22 concerning information disclosure, 21 linked to remote code execution, and five categorized as spoofing flaws. A notable vulnerability, CVE-2026-20805, involves information disclosure within the Desktop Window Manager (DWM) and has a CVSS score of 5.5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement fixes by February 3, 2026. Additionally, Microsoft announced the expiration of three Windows Secure Boot certificates issued in 2011, effective June 2026, urging customers to transition to newer certificates to avoid disruptions. The update also removed vulnerable Agere Soft Modem drivers due to a local privilege escalation flaw (CVE-2023-31096) and addressed another critical privilege escalation flaw in Windows Virtualization-Based Security (CVE-2026-20876) with a CVSS score of 6.7. Other vendors, including Adobe, Amazon Web Services, and Cisco, have also released security patches for various vulnerabilities.

Winsage

January 6, 2026

Microsoft’s latest ad proves even its own marketing team won’t use Edge

Microsoft's recent advertisement for PC gaming featured Google Chrome pinned to the taskbar of a Windows computer, despite the company's promotion of its own browser, Microsoft Edge. The ad displayed Chrome prominently early in the video, which is notable given that nearly 95% of Steam gamers use Windows, with 70.83% having upgraded to Windows 11. Although Windows dominates the gaming sector, there is a growing interest in alternatives like Linux, which now supports about 90% of Windows games, though major titles remain unavailable due to anti-cheat systems. The inclusion of Chrome in the ad is seen as an anomaly, as promotional content typically avoids showcasing competitors. It is also noted that not all Microsoft employees exclusively use Microsoft Edge, suggesting a disconnect between the company's advertising and user behavior.

Winsage

January 1, 2026

If ChatGPT Atlas browser lands on Windows 11, Microsoft Edge already looks ready to “intercept” it with Edge/Bing upsell

Microsoft has a history of discouraging users from downloading Chrome through its Edge browser and Bing search engine. This practice may extend to OpenAI’s upcoming ChatGPT Atlas, which is designed as an agentic browser. Currently, searches for Google Chrome on Bing prompt users to continue using Edge, highlighting its features. If users attempt to download Chrome directly, they receive reminders of Edge's advantages. Microsoft is reportedly preparing to intercept the launch of ChatGPT Atlas on Windows, as indicated by experimental flags found in Edge Canary. These flags suggest that Edge will attempt to redirect users from ChatGPT Atlas, similar to its approach with Chrome. ChatGPT Atlas can autonomously navigate the web based on user prompts, posing a potential challenge to Edge's popularity. Microsoft is likely concerned about losing users to ChatGPT Atlas, which offers more advanced agentic functionalities than Edge's Copilot feature.

AppWizard

December 22, 2025

Frogblight Malware Targets Android Users With Fake Court and Aid Apps

A new Android-based Trojan named Frogblight is targeting mobile users in Turkiye to steal funds from bank accounts. Identified by Kaspersky's Securelist in August 2025, it spreads through smishing, where scammers send deceptive SMS messages about legal court cases or financial aid. These messages often include links to download malicious applications disguised as legitimate support tools. The malware, which can conceal itself and deactivate on simulated devices or within the U.S., requests extensive permissions to access SMS messages and device storage. Once installed, it opens a legitimate government website to appear credible and injects JavaScript to record keystrokes during banking logins. Recent versions have added keylogging, contact list theft, and private call log collection. The malware has evolved to disguise itself as the Google Chrome browser and other tools, and its source code is available on GitHub, indicating it may be marketed as malware-as-a-service. Kaspersky advises users to avoid downloading APK files from untrusted sources and to scrutinize app permission requests.

AppWizard

December 21, 2025

5 Essential Android Web Browsers That Can Replace Google Chrome

Chrome on Android has features that could enhance browsing, such as NotebookLM's ability to turn websites into AI podcasts, but it is resource-intensive and has limited customization options. It also has extensive data collection practices that may raise privacy concerns. Alternatives to Chrome include: - Firefox: An open-source browser emphasizing privacy and security, featuring Enhanced Tracking Protection, extension support, a robust incognito mode, and a built-in password manager. It allows customization and synchronization across devices. - Microsoft Edge: Integrates well with Microsoft services, includes Copilot AI for summarizing content, and supports extensions. It has features like Drop for secure sharing and alerts for compromised credentials. - Brave: Focuses on privacy and security with built-in ad and tracker blocking, an integrated VPN, and a password manager. It operates on the Chromium engine and includes a crypto wallet and a private AI assistant. - DuckDuckGo: A lightweight browser prioritizing user privacy with a clean interface, DuckDuckGo Search, and features like the Fire button for clearing data. It offers email alias creation and local firewall protection. - Vivaldi: Highly customizable, allowing users to personalize the interface extensively. It includes tracker and ad blocking, incognito mode, sync support, and a built-in notes tool, but has a longer update cycle. The selection of these browsers was based on their unique features, privacy credentials, and user feedback, ensuring they are actively developed and trustworthy.

Winsage

December 18, 2025

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

A newly identified cyber threat cluster called LongNosedGoblin has been linked to cyber espionage attacks targeting governmental entities in Southeast Asia and Japan, with activities traced back to at least September 2023. The group uses Group Policy to spread malware and employs cloud services like Microsoft OneDrive and Google Drive for command and control. Key tools include NosyHistorian, NosyDoor, NosyStealer, NosyDownloader, and NosyLogger, which perform functions such as collecting browser history, executing commands, and logging keystrokes. ESET first detected LongNosedGoblin's activities in February 2024, identifying malware on a governmental system. The attacks showed a targeted approach, with specific tools affecting select victims. Additionally, a variant of NosyDoor was found targeting an organization in an EU country, indicating a possible connection to other China-aligned threat groups.

BetaBeacon

December 17, 2025

HappyMod: The Best Site for Android Modded Apps and Games

HappyMod is a nonofficial Android application that allows users to download unique modded applications, also known as APK games, which offer benefits such as unlocking premium features, obtaining in-game currencies, and removing ads. HappyMod offers a wide selection of modified applications in various categories, making it a flexible platform for users with different interests. The process of using HappyMod involves installation, user navigation, searching for modded apps, downloading the APK, configuring the device for installation, and using the modified functionalities. HappyMod is popular among Android users for providing access to premium features for free, offering free mods for purchase-required games, and giving users greater control over their apps. In terms of safety, users should download HappyMod from trusted sources, install antivirus software, read user reviews, and avoid downloading mods from unknown third-party sites to prevent risks such as account bans, malware, and copyright violations.

Winsage

December 15, 2025

Repurposing an ‘Obsolete’ Windows 10 Laptop into a Thin Client, Part 2 — Virtualization Review

The article discusses the potential of extending the lifespan of aging Windows 10 hardware by repurposing it with 10ZiG's RepurpOS, particularly on a Dell Latitude E7440. It evaluates how well RepurpOS handles Virtual Desktop Infrastructure (VDI) workloads, including tests with Microsoft Office applications, high-resolution video streaming, and unified communications via Zoom. The performance during these tests was comparable to that of a Windows 11 system. RepurpOS supports dual-monitor setups and utilizes Multimedia Redirection (MMR) to optimize unified communications processing. It also allows access to SaaS applications through a local web browser, with Google Chrome functioning smoothly for tasks like streaming and using MS Office 365. Additionally, 10ZiG introduced the 10ZiG Secure Browser to enhance web security for businesses. The dual monitor support was confirmed, allowing for independent and mirrored display modes.

AppWizard

November 26, 2025

Hackers Bypass Signal, Telegram And WhatsApp Encryption To Read Messages

CISA has issued a warning about spyware targeting users of instant messaging applications, particularly highlighting the Sturnus trojan, which poses significant risks to Android smartphone users. Sturnus, identified as a banking trojan, can bypass encrypted messaging by capturing messages after they are decrypted on the smartphone screen, rather than cracking the encryption itself. Security expert Aditya Sood noted that Sturnus uses a combination of plaintext, RSA, and AES-encrypted communication, complicating detection efforts. The trojan can read everything displayed on the smartphone screen in real time, including sensitive messages and contacts. CISA also identified tactics used by cyber threat actors, such as phishing, zero-click exploits, and impersonation to gain unauthorized access to messaging apps. Users are advised to keep Google’s Play Protect activated, avoid unauthorized app stores, and be cautious with accessibility permissions to protect against these threats.

Tech Optimizer

November 17, 2025

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

The threat actor Dragon Breath, also known as APT-Q-27 and Golden Eye, has been observed using a multi-stage loader called RONINGLOADER to deploy a modified variant of the remote access trojan Gh0st RAT, primarily targeting Chinese-speaking users. The campaign employs trojanized NSIS installers disguised as legitimate applications, such as Google Chrome and Microsoft Teams. The infection chain utilizes various evasion techniques, including a legitimately signed driver, custom Windows Defender Application Control policies, and manipulation of the Microsoft Defender binary. RONINGLOADER's attack chain involves delivering a DLL and an encrypted file labeled "tp.png," which contains shellcode. It attempts to neutralize security products by terminating processes associated with popular antivirus solutions in the region. Specific actions are taken against Qihoo 360 Total Security, including blocking network communication, injecting shellcode into the Volume Shadow Copy service, and restoring firewall settings. For other security processes, RONINGLOADER directly writes a driver to disk to perform process termination. The malware aims to inject a rogue DLL into "regsvr32.exe" to conceal its activities and launch a next-stage payload into high-privilege system processes. The final payload is a modified version of Gh0st RAT, capable of communicating with a remote server, configuring Windows Registry keys, clearing Windows Event logs, and capturing keystrokes and clipboard contents. Additionally, two interconnected malware campaigns identified by Palo Alto Networks Unit 42 employed brand impersonation to deliver Gh0st RAT to Chinese-speaking users. The first campaign, Campaign Trio, occurred between February and March 2025, while the second, Campaign Chorus, detected in May 2025, impersonated over 40 applications. Both campaigns utilized complex infection chains and trojanized installers hosted on domains that circumvented network filters. The second campaign also involved an embedded Visual Basic Script for launching the final payload through DLL side-loading.