models Archives

Tech Optimizer

February 11, 2026

Hackers Used Hugging Face to Distribute Android Banking Trojans

Cybersecurity researchers have identified a malware campaign that exploited Hugging Face's AI infrastructure to distribute Android banking trojans. The attackers used a deceptive app called TrustBastion, which tricked users into installing what appeared to be legitimate security software. Upon installation, the app redirected users to an encrypted endpoint that linked to Hugging Face repositories, allowing the malware to evade traditional security measures. The campaign generated new malware variants every 15 minutes, resulting in over 6,000 commits in about 29 days. It infected thousands of victims globally, particularly in regions with high smartphone banking usage but lower mobile security awareness. The operation is believed to be linked to an established cybercriminal group. Security experts warn that this incident highlights vulnerabilities in trusted platforms and calls for improved security measures, including behavioral analysis systems and verification of application authenticity. The incident has also sparked discussions about the need for enhanced security protocols for AI platforms.

Winsage

February 10, 2026

10 open-source apps I recommend every Windows user download

Open-source software provides flexibility and control for users, particularly on Windows. Notable applications include: 1. LibreOffice: A comprehensive office suite with a customizable interface, supports MS Office formats, and is free to download. 2. Flow Launcher: A file search and application launcher that enhances efficiency, customizable, and free to use. 3. Duplicati: A zero-trust backup solution with encryption and scheduling features, free for personal use. 4. Nextcloud: An open-source cloud service for file storage and collaboration, free to install on Windows. 5. Franz: Consolidates multiple messaging platforms into one interface, free to install and use. 6. YAZB: Allows users to create custom top bars for system information and quick access controls, enhancing the user experience. 7. File Converter: Simplifies file conversion and compression within the Windows file manager, available for free. 8. Bitwarden: A password management tool with a free version and additional paid features for collaboration. 9. AutoHotKey: Automates tasks on Windows through scripting, free to install and use. 10. Ollama: An open-source AI interaction tool that prioritizes privacy, free to use on Windows.

AppWizard

February 10, 2026

I tried Nothing’s AI app builder — and ended up with a screaming tea timer

Nothing’s Essential App Builder allows users to create personalized applications without extensive coding experience. The platform enables users to articulate app ideas and facilitates their creation through a series of edits. One user successfully created a tea timer app that tracks steeping times and provides boiling temperatures for different teas, despite facing minor design issues during development. The Essential App community showcases diverse creativity, with applications ranging from practical tools to whimsical creations. Currently, Essential Apps are exclusive to the Nothing Phone 3, with plans for future expansion to other models and enhanced functionality.

AppWizard

February 1, 2026

Bolt Action PC First Look: How Slitherine is Reimagining the World’s Biggest WWII Tabletop Game

Slitherine and Frag Games are developing a digital adaptation of Warlord Games’ WWII tabletop miniatures game, Bolt Action, with a planned release in 2026. The game will faithfully recreate the “Six Orders” activation system, a suppression-based pinning system, and tactical armor facing. Key features include a comprehensive Army Painter for customization and a dynamic single-player campaign set in the Normandy theater. The game will maintain the original ruleset, including the tactical pillars of unit activation, the emphasis on suppression over health, vehicle positioning for damage, distinctions between direct and indirect fire, experience levels for squads, and extensive customization options for forces.

Tech Optimizer

February 1, 2026

When Digital Guardians Turn Rogue: Inside the eScaneS an Antivirus Supply Chain Attack That Exposed Millions

eScan, an antivirus solution, has become a conduit for a supply chain attack that may have affected millions of users through a compromised software update mechanism. The attack exploited eScan’s automatic update system, distributing malware via official channels that appeared legitimate, thus bypassing traditional security measures. Reports indicate that supply chain attacks have increased by over 300% in the past three years, with software update mechanisms being prime targets. The exact number of affected users is still under investigation, but the breach occurred over a limited period before detection. Enterprises using eScan now face vulnerabilities in their security infrastructure, prompting IT departments to conduct forensic analyses to determine if their networks were compromised. The breach raises concerns about digital security as users typically rely on antivirus solutions for protection. Researchers found that the malware used advanced techniques, including multi-stage deployment and polymorphic behavior to evade detection, indicating significant resources behind the attack. In response, eScan has initiated an incident response protocol, revoked compromised digital certificates, and added verification layers to its update system. However, restoring user trust will require transparency about the breach and preventive measures. The incident has led to widespread security audits across the antivirus sector and may accelerate the adoption of zero-trust security models. Regulatory inquiries are underway regarding eScan's data protection practices, and legal experts anticipate class-action lawsuits from affected users and enterprises. The breach highlights a trend where attackers target security infrastructure itself, making software distribution security a critical focus for cybersecurity professionals. Proposed solutions include blockchain-based verification systems and industry-wide standards for supply chain security. The eScan breach underscores that no organization is immune to sophisticated supply chain attacks, as compromising a security vendor can provide access to its entire customer base. Increased information sharing about supply chain threats is advocated to enhance collaboration within the security industry. Moving forward, eScan must balance technical remediation with transparent communication to rebuild trust, while users are advised to implement defense-in-depth strategies rather than relying solely on one security tool.

AppWizard

January 31, 2026

Old-school MMO Project: Gorgon launches into 1.0 with an update that adds ‘by far the largest and most complex map we’ve ever made’

Project: Gorgon has emerged from Steam early access, featuring straightforward 3D graphics and a minimally guided leveling experience that encourages exploration. The recent 1.0 update introduced the capital city of Statehelm, which is the largest map created by the developers and includes 200 new quests and character progression up to level 100. The update also brought new character models, revisions to combat wisdom mechanics, crafting epiphanies for master craftsmen, and refinements to player-run vendor stalls. A notable change in the game is that "skeletons are no longer contortionists." A demo is available for players to experience the game up to level 15, and a 25% launch discount is offered until February 4, reducing the price to £15.74.

AppWizard

January 30, 2026

Hugging Face AI platform used to deliver Android malware via fake apps: don’t fall for this

Hackers are exploiting the Hugging Face AI platform to distribute Android malware through a counterfeit application. The malware, identified by cybersecurity firm Bitdefender, first appeared in an application named TrustBastion. Hugging Face lacks robust filtering mechanisms to regulate user-uploaded content, raising security concerns. Users are advised to download apps only from reputable sources, read reviews, check download numbers and ratings, avoid sideloading APK files, verify publishers and URLs, and regularly scan their devices with Play Protect and antivirus applications.

AppWizard

January 30, 2026

Podcast Rewind: An AYANEO Avalanche, Minecraft Houses, and Brendon Crashes Unwind

Listeners can enjoy the latest episodes from the MacStories podcast family, featuring discussions on Game Pass on ARM, AYANEO announcements, and the TrimUI Brick Pro. Federico showcases the Ayn Odin 3 on NPC XL, while Chris and Matt present their Creator Studios and Minecraft creations. The Cozy Zone crew discusses a tier list of iPads. John returns to MacStories with a surprise visit from Brendon Bigley. NPC XL offers exclusive content through Patreon, and Cozy Zone subscribers can access bonus episodes. MacStories has expanded its podcast lineup since 2017 to cover various topics related to modern media. Advertising opportunities are available for the shows.

Winsage

January 30, 2026

Windows 11 KB5074105 update fixes boot, sign-in, and activation issues

Microsoft has released the KB5074105 preview cumulative update for Windows 11, which includes 32 enhancements to improve user experience. This optional update allows administrators to test upcoming fixes and features before the next Patch Tuesday. It addresses issues such as Explorer.exe hanging during login with specific startup apps, system unresponsiveness during startup with Windows Boot Manager debugging enabled, iSCSI boot failures, and problems with Windows license migrations during upgrades. The update elevates Windows 11 25H2 and 24H2 devices to builds 26200.7705 and 26100.7705, respectively. Key highlights include enhanced Cross-Device Resume functionality, support for peripheral fingerprint sensors in Windows Hello Enhanced Sign-in Security, fixes for unresponsiveness when running Windows Terminal with elevated permissions, resolution of GPU-related system errors, and improvements to Windows Sandbox. Microsoft will also introduce distinct identifiers for Windows 11 and Windows Server 2025 updates starting with the January 2026 security update, and has simplified update titles for better accessibility.

AppWizard

January 30, 2026

DoubleVerify warns of ‘zombie’ Android app fraud surge

DoubleVerify has raised concerns about a mobile scam involving the hijacking of dormant Android developer accounts, referred to as "zombie" accounts, which are exploited to publish fraudulent gaming applications on Google Play. This new tactic allows fraudsters to bypass automated checks due to the accounts' history of legitimate activity. The fraudulent apps generate invalid traffic, drain advertiser budgets, and excessively consume device battery power. DoubleVerify has identified unusual traffic patterns, such as surges at early morning hours, which do not align with typical gaming behavior, indicating the presence of bot clusters generating ad requests. Specific examples include dormant accounts that suddenly shifted to publishing gaming apps after years of inactivity. The reliance on developer history as a trust signal poses risks for advertisers, as it can lead to distorted campaign measurements and brand risks. DoubleVerify advocates for real-time behavioral analysis to enhance detection and protection against these threats.