NewApp Digest
search bot

hackers

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores
AppWizard
June 15, 2026

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

A trojan named Android.MagicAd.1 has been identified as a significant threat to Android users, capable of delivering persistent background advertisements by circumventing built-in defenses. Detected in 2025, it has spread through over 50 infected games and utility applications, infiltrating both dubious download sites and official app stores like the Samsung Galaxy Store and Xiaomi’s GetApps. The malware employs a strategy of rotating applications to evade detection, remaining active on user devices after download. It uses hidden, encrypted components within native code libraries and conducts environment checks to avoid monitoring before launching its payload. Android.MagicAd.1 bypasses Android's restrictions by targeting trusted system applications, utilizing methods that vary by device manufacturer. For example, it uses a delayed system command on Xiaomi and Amazon devices, exploits Android Binder on Vivo devices, and employs a universal fallback method for other brands to gain priority for displaying ads. All identified malicious applications have been removed from official stores, but the campaign highlights the vulnerability of security software.
Hackers Use Fake Windows Update Installers to Deliver OnyxC2 Credential Stealer
Winsage
June 12, 2026

Hackers Use Fake Windows Update Installers to Deliver OnyxC2 Credential Stealer

OnyxC2 is a sophisticated credential stealer available for a subscription fee of 0 per month, distributed through disguised lures such as fake Windows updates and legitimate software installers. It functions as a commercial product with features like an automated payload builder, tiered licensing, and a centralized web dashboard. The malware boasts a 99% detection-evasion rate, successfully evading major antivirus solutions during tests. It is developed in C++, utilizing direct system calls and mutating with each build to avoid detection. OnyxC2 collects data from around 210 applications, targeting 45 web browsers, password managers, cryptocurrency wallets, and FTP clients. The malware is delivered using DLL sideloading, where a password-protected archive contains a legitimate application and a malicious DLL. The attacker's DLL is disguised by inflating its size and is loaded by a trusted binary. The malicious code remains encrypted on disk and decrypts in memory to evade analysis. OnyxC2 communicates with a Cloudflare-fronted command-and-control server to manage infected hosts and execute commands like hardware registration and cookie uploads. The threat extends to business environments, targeting FTP and email clients, with stolen session cookies allowing ongoing access to corporate infrastructure. Implementing anti-data exfiltration controls is recommended as a mitigation strategy.
This New Computer Virus Is Disguising Itself As A Popular Video Game
AppWizard
June 9, 2026

This New Computer Virus Is Disguising Itself As A Popular Video Game

Old-school gaming consoles are seeing a resurgence, but hackers are exploiting this trend with a malware campaign called "WeedHack," which emerged in January. This malware operates on a "Malware-as-a-Service" model, allowing users to purchase it to infect victims. WeedHack functions as a remote access infostealer, compromising computers to manipulate screens, access webcams, and steal sensitive data. It propagates by enticing users with unofficial "Minecraft" mods and clients, often using videos and download links as bait. Additionally, it employs "SEO poisoning" to promote fake websites as legitimate sources for these mods on platforms like Discord and Reddit. WeedHack disguises itself as a JAR file, similar to the official "Minecraft" client, and once executed, it installs its payload from Ethereum server domains. It can insert itself into antivirus exclusion lists, evading detection, and McAfee's tests show that Windows Defender is ineffective against it. The malware collects extensive information, including Wi-Fi networks and browser cookies, and grants hackers complete control over infected computers. The WeedHack virus serves as both malware and a training ground for aspiring hackers, structured into two tiers: a free version with core capabilities and a paid subscription for advanced features. A community has formed around WeedHack, offering tutorials, a Discord server, and a website for feature requests and custom payload creation. This community aspect lowers the barrier for newcomers, particularly targeting a younger audience that may not understand online safety.
Hackers Use Fake Purchase Orders to Deploy JS.MonoGlyphRAT Targeting US Enterprises
Tech Optimizer
June 6, 2026

Hackers Use Fake Purchase Orders to Deploy JS.MonoGlyphRAT Targeting US Enterprises

Researchers have identified a new malware called JS.MonoGlyphRAT, which disguises itself as business documents to infiltrate corporate networks. It is primarily spread through phishing emails targeting various sectors in the U.S. and has been reported in countries like Germany, Sweden, and Australia. The malware is classified as "Unknown malware" on threat intelligence platforms, making traditional antivirus solutions ineffective. It establishes a persistent presence in the network by executing a JavaScript file and communicating with command-and-control (C2) servers over HTTP. Key indicators of compromise include unusual HTTP traffic, registry changes, and the execution of specific JavaScript files. The malware can download additional payloads and execute commands without leaving traces on disk. Indicators of compromise include specific IP addresses, URLs, file hashes, and registry keys associated with the malware's operation.
Teens are using $5 WeedHack malware to target Minecraft players
AppWizard
June 4, 2026

Teens are using $5 WeedHack malware to target Minecraft players

A recent cybersecurity analysis from McAfee Labs has revealed a malware campaign involving WeedHack, which has garnered over 116,000 hits and is accumulating 2,000 to 3,000 malicious hits daily. WeedHack is marketed as malware-as-a-service (MaaS) and is accessible on the internet, allowing individuals with minimal technical skills to use it for harmful activities. A dedicated Telegram channel for WeedHack has over 850 members, many of whom are teenagers and young adults using the malware for cyberbullying. The malware spreads primarily through YouTube videos promoting Minecraft mods, which often conceal the WeedHack malware. Additionally, bad actors use SEO poisoning tactics to elevate fake websites posing as legitimate Minecraft clients. McAfee lists several legitimate clients targeted by WeedHack, including Meteor Client, Radium Client, and Wurst Client. For an additional fee, attackers can access premium features like webcam access, keylogging, and file management. McAfee advises players to be cautious when downloading mods and to seek help from trusted adults if approached by individuals claiming to have compromised their systems.
Meta rolls out Meta Business Agent globally on WhatsApp, Instagram, and Messenger
AppWizard
June 4, 2026

Meta rolls out Meta Business Agent globally on WhatsApp, Instagram, and Messenger

Meta is expanding its Meta Business Agent, a feature that enhances customer engagement using artificial intelligence. This global rollout follows a successful testing phase called "Business AI," which began in October 2024 in markets like India, Mexico, and Brazil, involving over one million active shops. The Meta Business Agent functions across WhatsApp, Instagram, and Messenger, helping businesses with customer inquiries, lead management, appointment scheduling, and product suggestions. Initially available to select businesses on the WhatsApp Business app, Instagram Pro, Messenger, and Meta Business Suite, the service will evolve to handle daily operations such as market research and competitive analysis. Businesses can join a waitlist for early access. The Business Agent adapts to a brand's voice and facilitates customer interactions. Meta is also launching the Meta Business Agent Platform for creating and managing virtual assistants, integrating with services like Shopify and Zendesk. However, there have been security concerns, including hackers accessing Instagram accounts through the Meta AI support assistant.
868-Back makes hacking as cool as '90s Hollywood thought it was
AppWizard
June 4, 2026

868-Back makes hacking as cool as ’90s Hollywood thought it was

868-Back is a roguelike puzzle game created by Michael Brough, set on randomly generated 6x6 grids where players navigate through eight floors filled with enemies. Players use limited resources to acquire weapons and currency while accumulating points, with each collected item spawning additional adversaries. The game features single-screen gameplay that encourages strategic thinking and adaptability, transforming the grid into a dynamic environment for creative play. It builds upon Brough's earlier title, 868-Hack, while expanding its scope and offering constant surprises.
This compact antivirus protection package is now less than £25 — Norton 360 has everything you need to secure your devices against malware, ransomware, and hacking
Tech Optimizer
May 29, 2026

This compact antivirus protection package is now less than £25 — Norton 360 has everything you need to secure your devices against malware, ransomware, and hacking

Norton 360 Standard is currently available for £25, down from its regular price of £70 for the first year. It protects up to three devices from threats like malware and ransomware and includes features such as cloud backup, a VPN, and a password manager. It has a Scam Protection feature that identifies scams in messages and deepfake videos, and an AI Genie for user support. Norton 360 is consistently ranked among the top three antivirus solutions and has received high marks from AV-Comparatives and AV-TEST. It secures internet traffic on public Wi-Fi networks and offers 10GB of cloud backup to protect important files. The deal auto-renews at the standard price after the first year.
Search