NewApp Digest
search bot

payment

Don’t be filled with regret—get this Office & Windows 11 Pro bundle while it’s $22
Winsage
April 30, 2026

Don’t be filled with regret—get this Office & Windows 11 Pro bundle while it’s $22

The Microsoft Office Pro 2019 and Windows 11 Pro bundle is available for a one-time payment of .97, down from its MSRP of 9.99, until May 3. The bundle includes a lifetime license for Microsoft Office applications (Word, Excel, PowerPoint, and Outlook) and Windows 11 Pro, which features performance improvements and advanced tools like BitLocker encryption and an AI assistant called Copilot. Office 2019 is noted for its stability and reliability.
Minecraft Players Targeted by LofyStealer Using Node.js Loader and In-Memory Browser Injection
AppWizard
April 30, 2026

Minecraft Players Targeted by LofyStealer Using Node.js Loader and In-Memory Browser Injection

A new infostealer malware called LofyStealer is targeting the gaming community, particularly Minecraft players, by disguising itself as a cheat tool named “Slinky.” It employs a two-stage attack to extract sensitive information from eight major web browsers, including Chrome and Firefox, while evading detection by security software. The malware siphons off cookies, saved passwords, payment card information, and session tokens. Researchers at Zenox.ai identified LofyStealer, linking it to the Brazilian cybercrime group LofyGang, which has been active since October 2022. The malware uses social engineering tactics to appear legitimate and operates as a Malware-as-a-Service platform, offering both Free and Premium tiers to buyers. Its technical sophistication is evident in its method of in-memory browser injection, which allows it to bypass security defenses. The stolen data is compressed and sent to a command-and-control server. Users are advised to avoid downloading unofficial game mods and enable multi-factor authentication to reduce the risk of credential theft. Security teams should monitor for specific behavioral indicators related to the malware's operations.
The Garry's Mod 'successor' is, tragically, more Roblox than anything else
AppWizard
April 30, 2026

The Garry’s Mod ‘successor’ is, tragically, more Roblox than anything else

S&box, a first-person shooter and successor to Garry's Mod, offers a map editor and sandbox mode for constructing vehicles, but does not fully meet the expectations set by its predecessor. The innovative toolset that empowered modders in Garry's Mod is less prominent in S&box, which introduces a business model that may disappoint fans of the original's community-driven content. Currently, S&box faces technical challenges, including a low success rate for multiplayer server connections at around 30%. The front page features remakes of classic Garry's Mod games like Prop Hunt, highlighting ongoing nostalgia for the original.
The Best Internet Security Solutions Out There Right Now
Tech Optimizer
April 27, 2026

The Best Internet Security Solutions Out There Right Now

Mysterium VPN offers a decentralized infrastructure with over 7,500 residential IPs across 100 countries, ensuring user privacy without requiring contributions of personal IPs. It features DNS and IP leak protection, a kill switch, ChaCha20 encryption, and a no-logs policy, complying with GDPR. Mysterium supports up to 15 devices simultaneously and is priced at .59 per month with a 7-day money-back guarantee. Bitdefender Total Security provides comprehensive antivirus protection, including malware detection, ransomware protection, firewall management, and device optimization tools, along with webcam protection and anti-phishing features. Kaspersky Premium delivers real-time antivirus protection, identity theft monitoring, secure payment tools, and parental controls, maintaining high threat detection capabilities. Proton VPN, based in Switzerland, emphasizes privacy and transparency, offering a solid free tier and premium features like Secure Core routing, although its speeds may vary. Malwarebytes Premium focuses on detecting newer or less common threats, evolving from a malware removal tool to a comprehensive security platform. Avast One integrates antivirus protection, VPN services, and performance optimization tools, providing identity monitoring and breach alerts, while working to enhance transparency after past scrutiny. 1Password specializes in secure password storage, generation, and autofill capabilities, along with features to alert users to compromised credentials and secure document storage.
Google Wallet rolling out big homepage, search redesign
AppWizard
April 23, 2026

Google Wallet rolling out big homepage, search redesign

Google Wallet is undergoing a redesign of its Android app to enhance user experience, particularly in managing passes. The app's homepage layout has been changed, with passes now displayed in pairs and featuring themed backgrounds. Users can reorder passes by dragging them and have more control over which passes appear on the homepage. The floating action button has been replaced with a centered split-button, directing users to "Add to Wallet" and a new page for searching transactions and loyalty cards. This section is divided into Transactions and Passes for easy access. The redesigned Google Wallet is being rolled out across devices, and users should update to the latest versions of Google Wallet and Google Play services (stable 26.15.33) to access the new features.
Trojanized Android App Fuels New Wave of NFC Fraud
AppWizard
April 21, 2026

Trojanized Android App Fuels New Wave of NFC Fraud

A new variant of the NGate malware family has emerged, using a trojanized Android application to capture payment card data and personal identification numbers (PINs). This modified version of HandyPay, a legitimate NFC relay app, has been distributed since November 2025, primarily targeting users in Brazil. The malware intercepts NFC payment card data and allows fraudulent transactions. Two distinct malware samples have been observed, delivered through phishing infrastructure that impersonates a Brazilian lottery site and a Google Play listing for a card protection tool. The trojanized app captures NFC data, requests the victim's card PIN, and transmits this information to attacker-controlled infrastructure. It requires minimal permissions, leveraging its role as the default payment application to evade detection. Evidence suggests that generative AI tools may have been used in its development, indicated by emoji markers in debug logs. ESET has reported its findings to Google, and Google Play Protect can detect known versions of the malware. The developer of HandyPay is investigating the misuse of its application.
Best Free Antivirus 2026: Keep Your Devices Safe With These Free Tools
Tech Optimizer
April 21, 2026

Best Free Antivirus 2026: Keep Your Devices Safe With These Free Tools

Many free antivirus services monetize user attention or data, and caution is advised when selecting these options. Recommended free antivirus tools should be free of ads or spyware. Trustworthy antivirus providers present clear privacy policies detailing data collection and sharing practices. Effective free antivirus tools offer real-time protection, on-demand malware scans, and user-friendly features. While free antivirus software is generally sufficient, paid options provide additional cybersecurity tools. The best free antivirus tools consume less than 5% of system resources, with active scans ideally not exceeding 40% CPU usage. Avast faced backlash for selling customer data to over 100 third parties and was fined million by the FTC in 2024. Kaspersky was banned in the U.S. in 2024 due to concerns about potential intelligence exploitation, and it cannot be recommended at this time.
NGate Android malware uses HandyPay NFC app to steal card data
AppWizard
April 21, 2026

NGate Android malware uses HandyPay NFC app to steal card data

A new variant of the NGate malware targets Android users by disguising itself within a trojanized version of the HandyPay app, which is a legitimate mobile payment processing application. This malware, documented since mid-2024, siphons payment card information through the mobile device's near-field communication (NFC) chip and sends the stolen data directly to attackers, who create virtual cards for unauthorized purchases or cash withdrawals from NFC-enabled ATMs. The new variant has been injected with malicious code into the HandyPay app, which has been available on Google Play since 2021. The code includes emojis, indicating the possible use of a generative AI tool in its development. The shift from previous iterations, which used an open-source tool named NFCGate, to HandyPay is likely motivated by financial considerations and the need for evasion, as HandyPay is more affordable and requires fewer permissions. This NGate variant has been active since November 2025, primarily targeting Android devices in Brazil. It employs two main distribution methods: a counterfeit app named “Proteção Cartão” hosted on a fraudulent Google Play page and a fake lottery website that redirects users to WhatsApp to download the malicious APK. Upon installation, the app prompts users to set it as their default NFC payment application, requests their card PIN, and instructs them to tap their card on the phone for reading, transmitting all collected information to an attacker's email address. To protect against such threats, Android users are advised to avoid downloading APKs from outside Google Play, disable NFC when not in use, and use Play Protect to scan for threats.
Search