law enforcement Archives

AppWizard

May 13, 2026

What’s New in Android Security and Privacy in 2026

The company is implementing default-on theft protections globally for all new Android 17 devices and those recently reset or upgraded. This initiative follows a successful pilot in Brazil and will also extend to devices running Android 10 or higher in Argentina, Chile, Colombia, Mexico, and the UK. Features like Remote Lock and Theft Detection Lock will automatically activate to enhance security against theft. The frequency of PIN or password attempts has been reduced, with longer wait times between failed attempts to deter brute-force attacks. Users can access their device's IMEI from the lock screen on Android 12 or higher, aiding in the recovery of stolen devices. Additionally, Android 17 introduces a temporary location sharing button for specific applications, allowing users to share their location without permanent permissions.

AppWizard

May 9, 2026

Instagram Loses End-To-End Message Encryption Today; What It Means For You

Instagram has discontinued its end-to-end encryption (e2ee) feature for direct messages, which previously allowed users to communicate securely without interception. All direct messages will now be protected by standard encryption, allowing potential access by service or network providers. Meta, Instagram's parent company, cited low usage rates for this change, which was communicated in March. Privacy advocates have raised concerns about user communications being shared with law enforcement and for AI training purposes, although Meta clarified it does not use private messages for AI purposes. Users seeking privacy can switch to WhatsApp or the standalone Messenger app, which still support e2ee. Meta has also advised users who had e2ee enabled to download their chat histories and media before the feature is fully retired.

AppWizard

May 4, 2026

Hacker tracks Australian police using Android app

Australian police officers can potentially be tracked through publicly available Bluetooth applications due to a design flaw in tasers and body-worn cameras manufactured by Axon. A hacker demonstrated this vulnerability by using Android apps to detect nearby Bluetooth devices, revealing the location of police equipment, including model and serial numbers. The flaw arises from the failure to implement MAC address randomization, which could enhance security. The hacker developed software capable of tracking devices from over 400 meters away, raising concerns about the potential for criminal activities targeting police. Despite warnings to various police agencies, responses indicated confidence in existing security measures, although similar risks have been noted in the US, leading to the cessation of Axon body camera use by US Border Patrol agents. The vulnerability is considered a hardware-level issue, requiring significant redesign efforts from Axon to address it.

AppWizard

May 2, 2026

Subnautica 2’s early access has chased a campervanning game about starting fires and hacking PCs into an earlier release

Square Glade Games has rescheduled the release of their game Outbound to May 11th, three days earlier than planned, to avoid competition with Subnautica 2, which launches on May 14th. The demo for Outbound will be taken offline on May 8th.

AppWizard

April 29, 2026

New Android spyware Morpheus linked to Italian surveillance firm

Morpheus is a new spyware identified by the nonprofit organization Osservatorio Nessuno, which spreads through counterfeit Android applications that appear as legitimate updates. Attackers use SMS messages to direct victims to a fraudulent website mimicking an Internet Service Provider (ISP). The spyware installs a dropper app that deploys a concealed payload, which disguises itself as legitimate system components and manipulates users into granting dangerous permissions, including Accessibility access. Once granted, Morpheus initiates a Permission Workflow that creates a fake update overlay, disabling the touchscreen to prevent user interaction. It ensures persistence by restarting after device reboots and can request device administrator privileges. The spyware exploits overlay windows and Accessibility features to gain control of the device and bypass security measures, including disabling antivirus solutions without requiring root access. Analysis suggests Morpheus has Italian origins, with connections to an Italian firm, IPS Intelligence, known for lawful interception technologies. The spyware is capable of invasive actions such as recording audio and video, linking to WhatsApp, and compromising device security. The report highlights a network of dubious companies and shared contacts linked to the spyware's distribution.

AppWizard

April 27, 2026

Google’s new developer rules are pushing a top privacy period tracker off certified Android devices

The privacy-centric period tracking app, Periodical, will not comply with Google's new developer verification policy requiring app developers to submit government-issued identification. As a result, the developers have decided to withdraw from the official Android ecosystem, raising concerns about user privacy and access to reproductive health tools. Periodical is praised for storing data locally without third-party trackers, which is crucial given the risk of law enforcement accessing digital health data. Users are uncertain about the app's future and are being directed to its GitHub repository for updates, as the new policy will complicate the installation of unverified apps. Users will need to enable Developer Options and navigate complex settings to sideload the app, which may deter many from tracking their menstrual cycles.

Tech Optimizer

April 26, 2026

CanisterSprawl: pgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP Canister

On April 21, 2026, compromised versions of pgserve (1.1.11, 1.1.12, and 1.1.13) were published on npm, containing a 1,143-line credential-harvesting script that executes during the postinstall phase of npm install. The malware functions as a supply-chain worm, reinjecting itself into other packages if it finds an npm publish token. Stolen credentials are encrypted using RSA-4096 and AES-256 and exfiltrated to a decentralized Internet Computer Protocol (ICP) canister. The last legitimate release was v1.1.10, published on April 17, 2026. The malware was detected by StepSecurity AI Package Analyst and Harden Runner, which flagged the compromised versions as Critical / Rejected and confirmed live exfiltration during analysis. The injected script performs operations such as harvesting environment variables, collecting filesystem secrets, encrypting payloads, and propagating to other npm packages and Python packages if a PyPI token is detected. The exfiltration domains have been added to a global block list.

AppWizard

April 25, 2026

NoVoice malware hit 2.3 million Android devices through apps Google never should have approved

McAfee researchers discovered a complex Android rootkit campaign, dubbed Operation NoVoice, that infiltrated 50 applications on Google Play, exploiting vulnerabilities in the kernel that had been patched but not uninstalled. The malware was resilient enough to survive factory resets and was concealed within seemingly benign apps, which collectively garnered 2.3 million downloads. The malicious payload was hidden in the com.facebook.utils package and used steganography to embed an encrypted payload within a PNG image. The malware conducted multiple checks to avoid detection and established contact with a command-and-control server, polling for exploit packages every 60 seconds. It utilized 22 distinct exploits, including vulnerabilities that had received patches between 2016 and 2021. The malware disabled SELinux enforcement and installed a persistent rootkit that could survive factory resets. Google confirmed the removal of the infected apps but noted that users who had already downloaded them remained at risk, especially if their devices were running unpatched Android versions. McAfee advised affected users to treat their devices as compromised and consider professional inspection or hardware-level storage wiping for remediation.

AppWizard

April 24, 2026

Another spyware maker caught distributing fake Android snooping apps

The Italian digital rights organization Osservatorio Nessuno has revealed a new malware called Morpheus, used by government agencies for surveillance. Morpheus is disguised as a phone updating application and can extract various data from targets' devices. The spyware is linked to IPS, an Italian firm specializing in lawful interception technologies, which claims to operate in over 20 countries. Morpheus is categorized as "low cost" due to its straightforward infection method, which involves tricking targets into installing the software. Authorities collaborated with the target's mobile service provider to obstruct data and send an SMS prompting the installation of the malware. Once installed, Morpheus exploits Android's accessibility features to access extensive information and masquerades as the WhatsApp application to solicit biometric data. The spyware's code contains Italian phrases and references to "Gomorra," indicating its connection to the Italian spyware industry. The attack is likely linked to political activism in Italy. IPS is among several Italian spyware manufacturers that have emerged following the decline of Hacking Team.

AppWizard

April 23, 2026

Australian Government Demands to Know What Roblox, Minecraft, Fortnite, and Steam are Doing to Prevent Grooming, Radicalisation

The Australian Government's eSafety office has requested major gaming platforms, including Roblox, Microsoft, Epic, and Valve, to provide details on their measures to prevent child grooming and extremist content. The eSafety office has issued legally enforceable transparency notices due to concerns that platforms like Roblox, Minecraft, Fortnite, and Steam may be exploited by predators and extremist groups. Approximately 90% of children aged 8 to 17 in Australia engage with online games, highlighting the need for protective measures. Reports indicate that these platforms have been associated with grooming incidents and extremist themes, including games inspired by the Islamic State and depictions of mass shootings. Non-compliance with the transparency notice could result in penalties of AUD5,000 per day. In response, Roblox has committed to safety initiatives, including AI technology to review content and plans for age-based accounts to enhance user safety.