Google Photos is working on a new feature called "Memories Games" that will create games based on the people, places, and things in your photos and memories.
Gen Digital is a publicly traded company focused on cybersecurity and digital privacy solutions, primarily targeting consumers and small businesses. The company generates revenue through recurring subscriptions for its security and identity protection services, which include antivirus software, VPN services, and identity monitoring. Gen Digital's business model relies on bundling multiple security features into comprehensive offerings, providing predictable revenue and stability in cash flows. The company emphasizes continuous updates to its services to protect against evolving cybersecurity threats. Its growth prospects are linked to trends in cybersecurity spending and the increasing adoption of subscription-based solutions. Gen Digital differentiates itself from competitors by focusing on individual devices and home networks rather than large enterprises. The company also benefits from distribution partnerships that help expand its customer base. Long-term demand for its products is driven by digitalization, cyber risks, and growing consumer awareness of privacy issues. Gen Digital's stock performance is influenced by both company-specific factors and broader market trends in technology and cybersecurity.
Researchers analyzed 281 popular free VPN applications on the Google Play Store and found significant privacy and security shortcomings. The study, conducted by teams from the University of Michigan, the University of New Mexico, and IIT Delhi using a framework called MVPNalyzer, revealed that flagged apps had over 2.4 billion downloads. Key findings included:
- Five apps transmitted configuration files unencrypted, allowing attackers to intercept and modify them.
- 29 apps allowed user traffic to leak outside the encrypted tunnel, with 24 leaking DNS traffic and six leaking full browsing traffic.
- 169 apps made no effort to disguise their traffic, making it identifiable to network operators or government censors.
- 76 apps transmitted the device's Advertising ID to advertisers, and over 80% contacted known advertising and tracking servers.
- Only one of 108 OpenVPN configurations adhered to recommended security practices; 89% used a single authentication method, and nearly 20% employed outdated encryption techniques.
- Many apps passed through Play Store checks without adequate scrutiny, with safety labels often serving as marketing tools rather than security indicators.
These findings align with previous research highlighting similar issues in popular Android VPN apps. Users are advised to be cautious when selecting VPNs, prioritizing those with recent independent security audits.
A 19-year-old named Peter Stokes was detained at Helsinki airport in April 2026 while traveling to Japan, carrying two 2TB hard drives. He was subject to an Interpol Red Notice and faced a federal complaint from U.S. prosecutors by July for his alleged involvement in the Scattered Spider hacking group, which breached a U.S. luxury jewelry retailer in May 2025, leading to a ransom demand. The Global Device Identifier (GDID), developed by Microsoft, is a persistent identifier that uniquely identifies a Windows installation on a device. It links online activities back to a single identity, which law enforcement can use to trace a device's owner. The GDID is generated when a user signs into Windows with a Microsoft Account and remains through updates but does not survive a clean reinstall. Stokes' use of the same Windows device allowed investigators to trace his activities through the GDID, which linked him to the hacking incident. Privacy advocates have raised concerns about the lack of consent for GDID assignment and the potential for surveillance.
Epic Games is offering two complimentary titles for PC users: Nova Lands and Tattoo Tycoon, available until July 16 at 4 PM BST. Nova Lands is a 2D open-world game focused on factory building and exploration, currently rated 89% on Steam, with an average playtime of 19 hours. Tattoo Tycoon is a simulation game where players manage a tattoo parlor, priced at .99 and holding a mixed rating of 61% on Steam. Both games can be claimed at no cost and are yours to keep indefinitely.
Microsoft has confirmed that WSL Containers, which allows users to create and manage Linux containers directly from Windows, is now available on Windows 10. Users must have Windows 10 version 2004 (Build 19041) or later to utilize WSL Containers. The installation process involves checking the Windows build, installing WSL, updating to the container build, confirming the version, and running a test command. WSL Containers support GPU passthrough, enabling CUDA capabilities directly from Windows 10. A text-based UI dashboard for managing WSL Containers, named lazywslc, has also been introduced.
Safeguarding modern devices requires a multifaceted security strategy that includes antivirus software, VPNs, strong authentication methods, and regular system updates. Layered security combines multiple protective measures such as encryption, malware detection, and authentication controls to address diverse threats. Key elements of solid cyber hygiene include strong passwords, timely software updates, phishing awareness, and multi-factor authentication. Network protection is crucial, especially when using public Wi-Fi; users should verify the presence of encryption indicators like "HTTPS" before sharing personal information. Employing WPA3 encryption on home routers and changing default admin credentials are essential safeguards. Regular updates to operating systems and applications help close known vulnerabilities, while safe browsing habits are necessary to avoid potential threats. Antivirus software and anti-phishing tools offer real-time monitoring, and device encryption protects data in case of loss or theft. Regular backups are vital to prevent data loss from ransomware attacks or hardware failures. Phishing-resistant multi-factor authentication and passkeys provide strong defenses against credential-based attacks.
Microsoft Threat Intelligence has identified the GigaWiper malware, which has been detected in compromised environments since October 2025. This malware has destructive capabilities and comes in two forms: standalone wiper binaries and larger binaries with backdoor functionalities, both developed in Golang. The standalone wiper operates at the physical disk level, overwriting disk content and removing partition references. The backdoor variant includes the same wiper functionality and adds persistence through a registry key and scheduled tasks, along with command and control communication via RabbitMQ and Redis.
GigaWiper can execute various commands, including wiping drives, triggering a Blue Screen of Death (BSOD), file encryption that mimics ransomware behavior, and managing system elements. The malware integrates components from multiple malware families, including wipers and ransomware mechanisms, and has been linked to a previous malware known as FlockWiper.
To defend against GigaWiper, organizations are advised to implement security measures such as tamper protection, blocking access to known C2 infrastructure, and utilizing endpoint detection and response solutions. Microsoft Defender provides detections for GigaWiper and related malware, and threat intelligence reports are available for customers to stay informed about threats. Indicators of compromise include specific SHA-256 hashes and IP addresses associated with GigaWiper.
Microsoft has unveiled a destructive Windows backdoor named GigaWiper, which allows operators remote control over compromised systems to execute irreversible damage. GigaWiper originated from cyberattacks in October 2025 and is a composite of code from at least three malware families. It maintains its presence through a scheduled task disguised as “OneDrive Update,” executing at startup and every minute. GigaWiper can obliterate partition information, overwrite physical drives, and restart systems. It also mimics ransomware by encrypting files with the .candy extension, using randomly generated keys that are not stored, making recovery impossible. The malware has connections to the Crucio ransomware and resembles FlockWiper, with rewritten code in Go. GigaWiper features 20 command codes for various functions, including executing PowerShell instructions, managing processes, capturing screenshots, and remote access similar to VNC. It can remain on a system for surveillance until its destructive functions are activated. Microsoft Defender includes detection capabilities for GigaWiper, and users are advised to enable tamper protection and monitor for suspicious activities.
Microsoft is enhancing its security measures for Windows by integrating artificial intelligence (AI) to improve the discovery and analysis of vulnerabilities across its codebase. This includes the use of a multi-model agentic scanning harness (MDASH) that employs various AI models to identify and validate potential vulnerabilities efficiently. A dedicated cloud infrastructure supports this scanning process, which aims to minimize false positives and reduce the time from discovery to customer protection.
The company collaborates across divisions to promote AI-powered tools and practices, refining its internal systems to integrate vulnerability discovery into development processes. This includes updating Secure Development Lifecycle (SDL) practices to address AI-enabled attack techniques. Customers can expect an increase in security updates as AI enhances vulnerability discovery capabilities.
Windows updates undergo rigorous validation through programs like the Security Update Validation Program (SUVP) to ensure quality and compatibility. Microsoft also offers tools like Known Issue Rollback (KIR) for quick reversion of changes if issues arise during updates. Customers are encouraged to stay current with security updates and utilize resources like the Security Update Guide for prioritizing protections.
To facilitate smoother update processes, Microsoft provides optional non-security preview releases for compatibility testing and employs modern management capabilities like Windows Autopatch to automate security updates. Azure Arc enables rebootless updates for Windows Servers, while Microsoft Defender and Intune help manage vulnerabilities and compliance across endpoints.
Overall, Microsoft is committed to continuous improvement in its security practices to adapt to the evolving threat landscape and ensure customer protection through timely updates.