information

BetaBeacon
May 5, 2026
APT37, also known as ScarCruft and Ricochet Chollima, has developed an Android version of the backdoor BirdCall, which serves as spyware in addition to a backdoor. The malware was delivered through a Chinese website that hosts games for Android, iOS, and Windows, though only Android and Windows systems were targeted. The Android variant of BirdCall has capabilities such as extracting IP geolocation information; collecting contact lists, call logs, SMS data, and device information; taking screenshots; recording audio; and exfiltrating files. Users are advised to download software only from official marketplaces and trusted publisher sites to protect against malware infections.
Tech Optimizer
May 5, 2026
Bitdefender Mobile Security is currently regarded as the best mobile antivirus software, achieving a 100% detection rate for malware on Android devices according to AV-TEST's August 2025 report. The 2026 version introduces App Anomaly Detection and includes features like Scam Alert and anti-theft tools. Sophos Intercept X for Mobile offers a free version with a perfect score in AV-TEST's comparisons and features such as multi-factor authentication and a Privacy Advisor. Surfshark Antivirus, part of the Surfshark One package, scored six out of six in AV-TEST's evaluations and includes various security tools, but is only available for Android, macOS, and Windows. Avast Mobile Security is a popular free option with robust features and achieved perfect scores in protection and usability in AV-TEST's September-October 2025 report. AVG Antivirus, operating on the same engine as Avast, also detected 100% of malware in AV-TEST's March-April 2025 evaluations and includes anti-theft tools.
AppWizard
May 5, 2026
A North Korean hacking group has targeted a digital gaming platform popular among the Korean ethnic enclave in China, using a sophisticated strategy to infiltrate Android applications. Researchers from ESET discovered that an app on the platform contained a backdoor known as BirdCall, linked to North Korea. The official website for the gaming platform hosted the same suspicious APK file. A second Android file associated with another game on the same site was also found to contain the BirdCall backdoor. This supply-chain attack was attributed to the threat actor ScarCruft (APT37), active in Asia and extending into Europe and the Middle East since late 2024. The hackers likely compromised the web server to recompile original APKs with the backdoor, which can collect sensitive information such as contacts, SMS messages, call logs, documents, media files, and private keys, and can take screenshots and record audio. The malware disguises its command and control traffic among regular internet traffic, primarily using Zoho WorkDrive for operations.
Winsage
May 5, 2026
Microsoft is developing a modernized version of the Run dialog for Windows 11, featuring a streamlined design created using C# and WinUI 3. The new Run dialog has a median "time-to-show" of 94 milliseconds, which is an improvement over the old dialog's 103 milliseconds. This new version is designed to be more functional and user-friendly, allowing users to quickly access their home directory and supporting dark mode. The modern Run dialog is currently being rolled out as an opt-in feature for Insiders in the Experimental Channel.
Winsage
May 4, 2026
Windows 11 is undergoing enhancements under the initiative "Windows K2" in response to user criticism. The latest Preview Build 26300.8346 features a revamped widgets panel, introducing a new subsection titled “Widgets is quiet by default” to minimize distractions. Key changes include disabling open-on-hover for the widgets panel, turning off taskbar badging, limiting the widgets experience to the first launch, and minimizing taskbar alerts. These adjustments aim to create a more coherent presentation of information and address critiques of Windows 11’s user interface. Microsoft is facing competition from macOS and Linux, and concerns over reliability and performance have affected Windows 11’s reputation.
Winsage
May 4, 2026
Microsoft has acknowledged that the April 2026 security updates have disrupted the functionality of various third-party backup applications using the psmounterex.sys driver, raising concerns among users. The issue primarily affects software leveraging the Volume Shadow Copy Service (VSS) snapshots, leading to failures due to VSS service timeouts. Notable impacted products include Macrium Reflect, Acronis Cyber Protect Cloud, UrBackup Server, and NinjaOne Backup, used on Windows 11, Windows Server, and Windows 10 devices. Disruptions can manifest as failures to mount backup image files, errors or timeouts when browsing or restoring from backup images, and error messages related to VSS timeouts. Microsoft updated its support documentation to clarify that the April updates included a security hardening change that added psmounterex.sys to the vulnerable driver blocklist to protect against a high-severity buffer overflow vulnerability (CVE-2023-43896). Affected users are advised to upgrade to newer application versions with updated drivers and not to uninstall or pause the security update. Users can check if the Microsoft Vulnerable Driver Blocklist is blocking a driver by looking for Event ID 3077 in the Code Integrity Operational log. Additionally, Microsoft has alerted users that some Windows Server 2025 devices may boot into BitLocker recovery mode after installing the KB5082063 update and has issued out-of-band updates to address installation failures and restart loops affecting Windows Server systems after the April 2026 updates.
Tech Optimizer
May 4, 2026
Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, leading to their removal from Windows systems globally. This issue arose after a Defender signature update on April 30th, with affected certificates including 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 and DDFB16CD4931C973A2037D3FC83A4D7D775D05E4. The certificates were removed from the AuthRoot store under the Registry key HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates. Microsoft has addressed the issue in Security Intelligence update version 1.449.430.0, which also restored the removed certificates. The false positives were linked to detections related to a recent DigiCert breach, where threat actors obtained valid code-signing certificates used for signing malware. DigiCert revoked 60 code-signing certificates, including those linked to the "Zhong Stealer" malware campaign. The malware utilized certificates issued to companies like Lenovo and Kingston, but the certificates flagged by Microsoft Defender are root certificates and do not correspond to the revoked code-signing certificates.
AppWizard
May 4, 2026
In a bio-research lab in Dire Marsh, graffiti reading “THAKGODITSYOU. THANKODDITSYOU. THAANKGODITSYOU. THANKOOOITSYOU.” has become notable, appearing in Marathon's promotional art. The modern version of Marathon emphasizes information gathering, similar to its 1994 predecessor, which featured an Alien-inspired motion tracker and a fusion pistol with a distinctive firing mechanism. The game explores themes of disconnection between body and consciousness, with options available in the Aleph One port on Steam to alleviate motion sickness. The lore includes concepts of runners and their shells, highlighting the struggle against disconnection and the pursuit of freedom, as articulated by the character Durandal.
AppWizard
May 4, 2026
The University of Texas at Dallas has introduced a class for pre-med students called “Experiential Medical Reasoning,” which uses the video game Minecraft to create a virtual hospital environment for patient care. Students engage with a playbook within the game to make decisions about tests, patient examinations, and diagnoses. The virtual hospital is a digital replica of Parkland Memorial Hospital in Dallas, developed by IvyBee, a startup founded by Dr. Walter Voit. The initiative is part of a trend of using Minecraft for educational purposes, with positive feedback from students who appreciate the gamified learning approach.
AppWizard
May 4, 2026
Love Albany has announced the schedule for its annual summer series, “Movies Under the Stars,” which includes four film screenings in different parks in Albany. The event is a collaboration with the city’s Office of Cultural Affairs, Albany Community Land Trust Gun Violence Prevention, Lincoln Park Alliance, the RED Bookshelf, and the Pine Hills Neighborhood Association. Pre-show festivities will include lawn games, nonprofit information booths, complimentary popcorn, and a bounce house. The event is supported by the city’s Department of Recreation, Albany Public Library, and Honest Weight Co-op.