keystroke Archives

Winsage

March 16, 2026

Microsoft has lost the plot: 5 Windows “features” nobody asked for

Windows 11 has faced criticism for design choices that prioritize corporate interests over user experience, including aggressive monetization strategies and privacy concerns. The Recall app was designed to take frequent screenshots of the desktop but functioned like a keylogger, leading to privacy issues. Initially set to be enabled by default on new Copilot+ PCs, backlash prompted Microsoft to make it an opt-in feature during setup, allowing users to uninstall it. Microsoft also introduced biometric encryption and moved screenshot processing to secure enclaves for data protection. The Start Menu has shifted to include third-party advertisements in the "Recommended" section, turning it into a platform for promotions rather than a personal navigation tool. Microsoft replaced the right Control or Menu key with a dedicated Copilot key, disrupting standard keyboard layouts and complicating workflows for users. Setting up a new PC now requires an active internet connection and a Microsoft account, making it difficult to operate without relinquishing digital identity. This change illustrates a shift towards subscription revenue and data collection. Windows 11 often ignores users' default browser choices, defaulting to Microsoft Edge and Bing for web searches initiated from the taskbar, reflecting a trend of prioritizing Microsoft's ecosystem over user autonomy. These developments indicate a strategy by Microsoft to erode user control, suggesting users are becoming products rather than customers as the company focuses on data collection and subscription services.

Tech Optimizer

February 19, 2026

We all need digital protection and the ESET Home Security Plan is the bees knees

ESET's HOME Security Ultimate is available for .99, down from its original price of .99, offering a 50% discount. The package includes features such as unlimited VPN, dark web scanning for identity protection, credit report monitoring, identity threat alerts, Social Security Number tracking, lost wallet assistance, and million insurance coverage. It provides real-time protection against malware, advanced AI-powered threat detection, a robust firewall, and network shield. The plan emphasizes proactive identity protection and secure online activities, including safe banking and browsing modes.

Winsage

January 18, 2026

Microsoft says Windows 11 AI PCs put the “plus” in productivity because they’re 5x faster than old Windows 10 PCs, beat M4 MacBook

Microsoft has not clarified the reasoning behind the “Plus” designation for its Copilot+ PCs, which are described as AI-enhanced devices with notable upgrades in hardware and performance. These PCs can reach speeds up to 5x faster than a 5-year-old Windows device and outperform a MacBook Air with the M4 chip. Microsoft claims that Copilot+ PCs enhance “everything Windows 11 does best” and are “up to five times quicker than a 5-year-old Windows 10 device.” The company conducted benchmarks between June and September 2025, claiming that Copilot+ PCs outperform an “average” 5-year-old Windows PC by up to 5x in Cinebench 2024 multi-core performance, although the results have not been made public. Copilot+ machines exhibit up to 3.7x faster AI performance compared to previous-generation Windows 11 AI PCs, with a maximum of 40 TOPs of NPU compared to earlier models' 15 TOPs. Battery life is also improved, offering up to 19 hours of web browsing, 27 hours of local video playback, and 22 hours of streaming. Microsoft asserts that its top-performing Copilot+ PCs surpass the M4 in Cinebench 2024 multi-core tests. The Copilot key is emphasized for its utility in multitasking and quick responses, benefiting students and professionals alike.

AppWizard

January 8, 2026

Google is quietly making the Pixel Launcher faster with a new shortcut

Google is rolling out an upgrade to the Pixel Launcher that allows users to launch applications by typing part of the app's name and pressing the Enter key on their keyboard. This change eliminates the need to tap on the app icon from search results, making the app-launching process more efficient. Previously, pressing the bottom-right button on the keyboard would trigger a Google Search instead of launching the app, but the update changes this button to an arrow or Enter key when an app match is detected. This enhancement improves one-handed usability and reflects Google's commitment to refining user experience. The rollout is server-side and not tied to a specific app update, with some users already experiencing the new functionality while others have not yet seen it.

AppWizard

December 22, 2025

Frogblight Malware Targets Android Users With Fake Court and Aid Apps

A new Android-based Trojan named Frogblight is targeting mobile users in Turkiye to steal funds from bank accounts. Identified by Kaspersky's Securelist in August 2025, it spreads through smishing, where scammers send deceptive SMS messages about legal court cases or financial aid. These messages often include links to download malicious applications disguised as legitimate support tools. The malware, which can conceal itself and deactivate on simulated devices or within the U.S., requests extensive permissions to access SMS messages and device storage. Once installed, it opens a legitimate government website to appear credible and injects JavaScript to record keystrokes during banking logins. Recent versions have added keylogging, contact list theft, and private call log collection. The malware has evolved to disguise itself as the Google Chrome browser and other tools, and its source code is available on GitHub, indicating it may be marketed as malware-as-a-service. Kaspersky advises users to avoid downloading APK files from untrusted sources and to scrutinize app permission requests.

Winsage

December 17, 2025

Why a Dual Monitor Setup Makes Sense

A dual monitor setup enhances productivity by allowing users to multitask efficiently without the need for constant tab-switching. It enables activities such as participating in virtual meetings while taking notes or editing photos with previews. Microsoft’s Copilot+ PCs significantly improve performance, being faster than older devices. Users can optimize their workflow by using the laptop screen for communication tasks and the second monitor for focused work. Setting up a second monitor on Windows is simple, involving connections via HDMI, USB-C, or DisplayPort, and adjusting display settings. Suggestions for monitors include budget-friendly options, portable monitors, and accessories like stands and docking stations. Windows 11 features like Snap layouts help organize windows effectively on dual screens.

Tech Optimizer

December 9, 2025

Warning! Engineered Linux Malware Can Bypass Next-Gen Anti-Virus Solutions – Open Source For You

The author created a custom reverse TCP payload using Python, packaged it into an .elf executable, and tested its stealthiness against antivirus software. The payload included functionalities such as webcam snapshots, keylogging, screen capture, and file transfers. Established tools for obfuscation often triggered antivirus alerts, prompting the author to develop a custom solution to avoid signature-based detection, maintain behavioral control, and gain insights into detection engines. The payload was designed to connect back to the attacker's machine and execute commands, while the listener processed incoming data. After compiling the binary, it was submitted to VirusTotal, where only four out of 64 antivirus engines flagged it, indicating that custom code can bypass many next-gen antivirus products.

Winsage

December 1, 2025

Microsoft says AI agents are “risky”, but it’s moving ahead with the plan on Windows 11

Microsoft is integrating AI agents into Windows 11, despite acknowledging risks such as hallucinations, unpredictable behavior, and vulnerabilities to cyber threats like Cross Prompt Injection (XPIA). The company plans to transform every Windows 11 PC into an AI-powered machine by introducing features like Copilot Voice, Copilot Vision, and Copilot Actions. The Windows 11 taskbar will feature a new "Ask Copilot" interface for users to interact with AI agents. These agents will operate under separate accounts with limited permissions, controlled folder access, and tamper-evident logs, but still have access to personal folders like Documents and Downloads. The Agent Workspace is a key feature that allows AI agents to perform tasks in a controlled environment, separate from the user's session. Agents can interact with applications and execute multi-step tasks while being monitored. Microsoft employs the Model Context Protocol (MCP) to regulate agent interactions with applications, ensuring security and proper permissions. Despite concerns over privacy and security, Microsoft believes that integrating AI is essential for keeping Windows competitive. The company has faced backlash over previous features like Recall, which raised privacy issues, and must work to rebuild trust with users. The experimental AI features are currently optional, and Microsoft aims to demonstrate their value to encourage acceptance.

Tech Optimizer

November 14, 2025

Beware of Fake Bitcoin Tool That Hides DarkComet RAT Malware With it

A recent malware campaign has seen attackers disguising the DarkComet remote access trojan as Bitcoin-related applications to target cryptocurrency users. DarkComet RAT allows attackers to gain extensive control over compromised systems, despite its original creator discontinuing it years ago. The malware features capabilities such as keystroke logging, file theft, webcam surveillance, and remote desktop control, posing significant risks to users. The malicious file was distributed as a compressed RAR archive named “94k BTC wallet.exe,” which helps evade email filters. Security analysts at Point Wild discovered that the malware ensures persistence by copying itself to %AppData%RoamingMSDCSCexplorer.exe and creating a registry key for automatic execution at system startup. It attempts to connect to a command-and-control server at kvejo991.ddns.net over TCP port 1604. The malware injects its payload into legitimate Windows processes to perform keylogging and screen capture while remaining undetected. Captured keystrokes are stored in log files and exfiltrated through the command-and-control channel. Users are advised to avoid downloading cryptocurrency tools from untrusted sources and to keep security software updated.

Tech Optimizer

November 7, 2025

Herodotus Android Banking Malware Takes Full Control Of Device Evading Antivirus

A banking trojan named Herodotus targets Android users globally, operating as Malware-as-a-Service and disguising itself as a legitimate app to lure users into downloading an APK from unofficial sources. Once installed, it gains critical system permissions to perform banking operations on behalf of the user. The malware is primarily distributed through SMS phishing campaigns that lead victims to fraudulent download pages. Herodotus employs overlay attacks to steal credentials and hijack sessions, posing a significant threat to financial security. It uses advanced evasion tactics, including random delays and realistic typing patterns, to avoid detection by traditional antivirus solutions. The trojan captures screen content and keystrokes, allowing real-time monitoring of user activity. Detection is complicated as Herodotus circumvents defenses by installing from unknown sources and executing harmful actions only after obtaining user permissions. Effective defense requires recognizing multiple indicators of compromise, such as suspicious SMS links and behavioral anomalies, which traditional antivirus protection often overlooks.