permissions Archives

Winsage

April 18, 2026

‘They mopped the floor with me and pulled every childish game they could’: Disgruntled researcher releases second major Windows zero-day — claims Microsoft ‘would ruin my life, and they did’

A new zero-day vulnerability in Microsoft Defender has been disclosed by a researcher known as "Chaotic Eclipse," who has created a proof-of-concept exploit called "RedSun." This vulnerability allows local privilege escalation to SYSTEM level on Windows 10, Windows 11, and Windows Server when Microsoft Defender is active. The vulnerability has attracted attention from antivirus vendors, with some detecting it on VirusTotal due to an embedded EIRCAR in the executable. Chaotic Eclipse previously disclosed another vulnerability named BlueHammer, which also allowed local attackers to gain SYSTEM or elevated permissions. The researcher expressed dissatisfaction with Microsoft's vulnerability disclosure process, recounting negative interactions with the company. A Microsoft spokesperson stated the company's commitment to investigating security issues and supporting coordinated vulnerability disclosure.

Winsage

April 18, 2026

‘They mopped the floor with me and pulled every childish game they could’: Disgruntled researcher releases second major Windows zero-day — claims Microsoft ‘would ruin my life, and they did’

A researcher known as “Chaotic Eclipse” has revealed a new zero-day vulnerability in Microsoft Defender, called “RedSun,” which allows local privilege escalation to SYSTEM privileges on Windows 10, Windows 11, and Windows Server when Microsoft Defender is enabled. The exploit has been confirmed to function correctly, and some antivirus vendors have begun detecting it. This follows another vulnerability disclosure by the same researcher, named BlueHammer, which also allows local attackers to elevate permissions. Chaotic Eclipse expressed dissatisfaction with Microsoft’s handling of vulnerability disclosures, claiming they were threatened and experienced frustration with the company’s response. A Microsoft spokesperson stated the company is committed to investigating reported security issues and supports coordinated vulnerability disclosure.

AppWizard

April 17, 2026

New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps

Cybersecurity researchers from Zimperium zLabs have identified four families of Android malware—RecruitRat, SaferRat, Astrinox, and Massiv—targeting banking and cryptocurrency applications. These malware families can extract sensitive information from over 800 applications. They primarily use phishing and smishing to lure users into downloading malicious software. Phishing involves creating fake websites resembling legitimate login pages, while smishing uses urgent text messages with links to download harmful payloads. RecruitRat targets job seekers with fake employment websites, and SaferRat promises free access to premium video services. Astrinox mimics a business tool and has been linked to a fraudulent Apple App Store page, while Massiv's distribution methods remain unclear. Once installed, these malware applications initiate Overlay attacks, displaying counterfeit screens to capture user credentials. They also use a "blindfold" technique to obscure their activities by overlaying static images on the user's screen. The malware can intercept security codes, capture one-time passwords, and employ keylogging techniques. RecruitRat has a library of over 700 counterfeit login pages that activate with targeted apps. Researchers recommend avoiding links in urgent messages and downloading apps only from official sources.

AppWizard

April 17, 2026

This Android Setting Makes It Easy to Manage All Your App Permissions

In Android devices, users can manage app permissions through a privacy dashboard located in Settings > Security & Privacy > Privacy > Permission manager. This includes permissions for the camera, microphone, location, and more. Users can specify access levels for these features, including allowing access all the time, only while using the app, or not at all. Special permissions, which allow apps to modify system settings or access sensitive data, require particular attention and can be reviewed in Settings > Apps > Special app access. Caution is advised for apps from outside the Google Play Store, as they may pose greater risks. Regular audits of app permissions are recommended to ensure that apps do not have more access than necessary.

AppWizard

April 17, 2026

European civil servants are being forced off WhatsApp

Apps like Signal and WhatsApp are recognized for their end-to-end encryption but are increasingly seen as inadequate for organizational communication due to their consumer-grade design. Benjamin Schilz, CEO of Wire, points out the risks of using such apps for professional purposes. Recent cybersecurity threats, including a Russian espionage campaign targeting these applications, highlight the importance of advanced features like access controls and metadata management, especially for large organizations. Belgium's De Waele advocates for controlled communication environments that include only government employees to mitigate risks. Transparency advocates have raised concerns about the privacy features of consumer apps obscuring important decision-making processes, as exemplified by a situation involving Commission President Ursula von der Leyen and a vaccine deal. The re-election of former U.S. President Donald Trump has prompted a shift in priorities towards secure communication channels within European governments.

AppWizard

April 16, 2026

Google Play is changing how Android apps access your contacts and location

Google has updated its Google Play policies to enhance user privacy and protect businesses from fraud. Starting in October, developers will have access to Play policy insights in Android Studio to help comply with new features. On October 27, the Play Console will implement pre-review checks for contact and location permissions. The Android Contact Picker will be the standard for accessing contacts, requiring apps to use it or privacy-focused alternatives. Developers must update their apps to use the picker and submit a Play Developer Declaration for ongoing contact access. A new location button will be introduced for precise location requests, and apps must use it for one-time access. Developers should review their location data requests and include the onlyForLocationButton flag if targeting Android 17 and above. The Play Console will also introduce an official account transfer feature for ownership changes, effective May 27, with a mandatory 7-day security cool-down period for transfers. Unofficial transfers are prohibited.

Tech Optimizer

April 16, 2026

MiningDropper Android Malware Exploits Lumolight App

Researchers at Cyble Research and Intelligence Labs (CRIL) have discovered an Android malware framework called MiningDropper, which is being used in various campaigns to distribute malicious payloads such as cryptocurrency miners, infostealers, Remote Access Trojans (RATs), and banking malware. Over 1,500 MiningDropper samples were detected in one month, with many showing minimal antivirus detection. MiningDropper operates as a multi-stage delivery framework that employs techniques like XOR-based obfuscation and AES encryption to evade detection. A recent variant uses a trojanized version of the Lumolight application as the initial infection vector, often spread through phishing links and fraudulent websites. The malware executes a series of stages, starting with decrypting an embedded asset and loading additional payloads, including a counterfeit Google Play update interface to deceive users. Two main campaign clusters have been identified: an infostealer campaign targeting Indian users by impersonating trusted entities, and a global campaign distributing the BTMOB RAT, which enables credential theft and device takeover. The final payload capabilities include extracting sensitive data, enabling full device compromise, facilitating financial fraud, and unauthorized cryptocurrency mining. MiningDropper's modularity allows it to adapt and scale across various campaigns while maintaining low detection rates.

Winsage

April 16, 2026

CISA flags Windows Task Host vulnerability as exploited in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in the Windows Task Host, identified as CVE-2025-60710, which poses a risk of privilege escalation, potentially allowing attackers to gain SYSTEM privileges. This flaw affects devices running Windows 11 and Windows Server 2025 and arises from a weakness in link following. Microsoft released a patch for this issue in November 2025. CISA has added CVE-2025-60710 to its list of actively exploited vulnerabilities and mandated that Federal Civilian Executive Branch agencies secure their systems within two weeks. CISA encourages all organizations, including those in the private sector, to implement necessary patches and improve network security. CISA also advised organizations to follow vendor instructions for mitigations or discontinue use of the affected product if mitigations are unavailable.

Tech Optimizer

April 15, 2026

Bitdefender Total Security

Bitdefender Total Security includes features such as a network security inspector, advanced ransomware defense, a hardened browser, and an active Do Not Track system. It offers a two-tier pricing model: an individual subscription for .99 per year for five licenses and a family subscription for .99 for 25 licenses, which includes parental controls. The software features an interface similar to Bitdefender Antivirus Plus, with user-configurable buttons for quick access to features. It boasts high scores from independent antivirus testing labs and excels in malware protection and antiphishing tests. Bitdefender includes a SecurePass password manager, firewall protection, spam filtering, webcam protection, and cryptomining protection. The parental control features allow parents to manage their children's online activities, but they may not be as effective as dedicated solutions. Bitdefender Total Security provides protection for macOS and Android, with high ratings for its performance on these platforms. The Android app includes malware scanning, web protection, and anti-theft features. The Bitdefender Central app allows users to manage their security settings from mobile devices.

AppWizard

April 15, 2026

Top Android Apps You Won’t Find On Google Play Store

The Google Play Store does not include every app desired by users due to strict privacy, security, and content moderation policies, leading to the growth of third-party platforms and APK-based tools. Notable apps outside the Play Store include: - BombitUp: A prank app that allows users to send multiple SMS messages, popular among younger users, but excluded from the Play Store due to potential misuse. - 9Apps: An alternative app store developed by Alibaba Group, offering a variety of apps, games, and older versions of applications, particularly popular in regions lacking Play Store access. - Snaptube: A video downloader for platforms like YouTube and Facebook, absent from the Play Store due to policy violations but sought after for offline video access. - VidMate: A comprehensive video downloading app that also provides access to live TV, movies, and music, maintaining popularity despite not being available in official app stores. - Honista: A modified version of Instagram that enhances privacy and customization options, appealing to users wanting more control over their social media experience. - Lucky Patcher: A tool for advanced users that allows modifications to app permissions and ad removal, requiring technical knowledge and sometimes root access, leading to its exclusion from the Play Store. - APKPure: An alternative app store that focuses on providing safe and verified APK files, emphasizing security and access to region-locked apps or older versions. These applications cater to specific user needs that are often overlooked by mainstream platforms.