outdated components Archives

Tech Optimizer

February 16, 2026

Phishing Lures Spread XWorm Remote Access Trojan

A cyber-espionage campaign is utilizing the XWorm Remote Access Trojan (RAT) to infiltrate systems via phishing emails and a Microsoft Office vulnerability (CVE-2018-0802). XWorm, first detected in 2022, allows attackers remote control over infected computers for surveillance and data theft. The campaign uses business-oriented phishing emails with malicious Excel attachments that exploit the vulnerability to execute a fileless attack. The malware connects to a command-and-control server, encrypting communications and transmitting system details. XWorm features a plugin architecture with over 50 modules for various malicious activities, including credential theft and DDoS attacks. Security experts highlight the ongoing risk of legacy software vulnerabilities and recommend patching outdated components.

AppWizard

November 26, 2025

Zimperium research reveals security risks inside Android apps

Zimperium's zLabs team has revealed that many popular Android applications still use an outdated mapping component, libmapbox-gl.so, which was deprecated in 2023. This legacy library is embedded in thousands of active applications, including leading travel, airline, and weather apps, and contains known security vulnerabilities that could be exploited by malicious actors. Zimperium is working with Google through the App Defense Alliance to improve app security and advises developers to switch to Mapbox Maps SDK v10+ or MapLibre. Their analysis found that thousands of Android apps contain the vulnerable library, with 40% of these apps ranking among the top 20 in their Play Store categories, posing significant risks for employee devices and enterprise security.