North Korean hackers targeted ethnic Koreans in China with malware called BirdCall, disguised as a popular Android mobile game, allowing them to steal personal data from victims.
A fraud network called FEMITBOT has emerged, using Telegram's Mini App feature to conduct investment scams and distribute malware. Identified by the research firm CTM360, the network operates through API responses and presents itself as organized. The scams involve Telegram Mini Apps that display phishing pages, fake dashboards showing fictitious earnings, and urgency tactics to pressure users into making quick decisions. FEMITBOT mimics well-known brands like Apple and Coca-Cola to enhance credibility and disseminates Android malware disguised as legitimate applications. The operation is highly organized, utilizing marketing tools to optimize its scams. Users are warned to be cautious of bots requesting deposits before granting access to funds.
APT37, also known as ScarCruft and Ricochet Chollima, has developed an Android version of the backdoor BirdCall, which serves as spyware in addition to a backdoor. The malware was delivered through a Chinese website that hosts games for Android, iOS, and Windows, targeting only Android and Windows systems. The Android variant of BirdCall has capabilities such as extracting IP geolocation information, collecting contact lists, call logs, SMS data, device information, taking screenshots, recording audio, and exfiltrating files. Users are advised to download software only from official marketplaces and trusted publisher sites to protect against malware infections.
A North Korean hacking group has targeted a digital gaming platform popular among the Korean ethnic enclave in China, using a sophisticated strategy to infiltrate Android applications. Researchers from ESET discovered that an app on the platform contained a backdoor known as BirdCall, linked to North Korea. The official website for the gaming platform hosted the same suspicious APK file. A second Android file associated with another game on the same site was also found to contain the BirdCall backdoor. This supply-chain attack was attributed to the threat actor ScarCruft (APT37), active in Asia and extending into Europe and the Middle East since late 2024. The hackers likely compromised the web server to recompile original APKs with the backdoor, which can collect sensitive information such as contacts, SMS messages, call logs, documents, media files, and private keys, and can take screenshots and record audio. The malware disguises its command and control traffic among regular internet traffic, primarily using Zoho WorkDrive for operations.
Microsoft has confirmed a critical bug in its latest cumulative update, affecting millions of Windows 10 and Windows 11 users. The issue leads to a "Restart and Shut Down" loop, preventing users from completing the update and locking them out of their devices. This disruption is particularly severe for corporate IT departments, with reports of entire office networks being paralyzed. The problematic update, identified as KB5037853, was meant to address security vulnerabilities but has caused systems to display an endless "Update and Restart" message. Some users experience a "Blue Screen of Death" (BSOD) and may be forced into "Recovery Mode." Microsoft is working on a "Known Issue Rollback" (KIR) to automatically undo the problematic code for consumer machines, while enterprise users may require manual intervention. The downtime is projected to result in significant financial losses, with large enterprises potentially losing up to ,600 per minute of unplanned downtime. Affected versions include Windows 11 22H2, 23H2, and Windows 10 22H2. Symptoms include failure to shut down, BSOD on boot, and missing Start menu icons. The estimated downtime ranges from 4 to 12 hours, depending on IT response speed. Critics have raised concerns about Microsoft's development process, suggesting it places users in the role of beta testers.
Experts advise against postponing Windows updates, as Microsoft has introduced features allowing users to control when updates occur. Users can pause updates for up to 35 days indefinitely, but delaying updates can lead to security vulnerabilities. Microsoft releases several types of updates: security updates, feature updates, quality updates, driver updates, optional updates, out-of-band updates, and zero-day updates. Zero-day updates are critical and should be installed immediately to avoid exploitation. Recent reports indicate that critical OS patching for Windows 10 and 11 is lagging by an average of 256 days, increasing the risk of cyber incidents.
The Riven Tides update for Arc Raiders introduced a new map and the Turbine threat but did not resolve ongoing cheating issues, leading to player dissatisfaction, including Tyler 'Ninja' Blevins' departure from the game. Since its launch in October 2025, player engagement has declined, with the average player count dropping from 241,000 in January 2026 to 76,000 in April 2026. Cheating has become widespread, affecting many players and compromising gameplay integrity. Embark Studios has acknowledged the problem and is working on solutions, but community frustration is growing, with many players leaving the game.
Windows 10 support ended in October 2024, leaving systems vulnerable to security threats. A lifetime license for Windows 11 Pro is currently available for .97, regularly priced at 9, with the offer expiring on May 3 at 11:59 PM. Windows 11 Pro includes features such as Microsoft Copilot, TPM 2.0, BitLocker encryption, Smart App Control, biometric recognition, Snap Layouts, improved memory management, DirectX 12 Ultimate, Windows Sandbox, and Hyper-V.
A group of hackers has declared Denuvo, a digital rights management (DRM) software, as "fully useless" after successfully bypassing its protections, which have been in place since 2014. They achieved this through two main strategies: direct cracking, which removes Denuvo from games, and hypervisor bypass, which deceives Denuvo into functioning normally. These methods have been applied to games like Crimson Desert and Resident Evil Requiem. Recently, a prominent hacker announced the release of hypervisor bypasses for EA Sports games, confirming that all games using Denuvo can now be played for free.
Windows 11 Pro keys are currently available for .97, offering an economical upgrade option that enhances software compatibility and security. The operating system includes features like Snap Layouts, multiple desktops, BitLocker encryption, Smart App Control, biometric logins, and an integrated AI assistant called Copilot. These enhancements aim to improve workflow management and security for businesses handling sensitive information. Upgrading to Windows 11 Pro can rejuvenate existing hardware performance, and the offer is significantly reduced from the MSRP of 9. Prices are subject to change.