permissions Archives

Winsage

April 19, 2026

Fix: “Cannot Complete the Archive Extraction” in Windows

Users may encounter the error message “Cannot complete the archive extraction wizard” when using the built-in Windows extractor for ZIP or RAR files, indicating limitations of this tool. Common issues include damaged archives, incompatible compression methods, long file paths, restricted extraction locations, insufficient disk space, or interruptions from security software. To address these challenges, users can: 1. Use third-party extractors like 7-Zip, WinRAR, or PeaZip for better compatibility and success rates. 2. Check if the archive is corrupted and re-download it if necessary, ensuring the download completes fully. 3. Shorten the file path by moving the archive to a simpler directory to avoid exceeding path limits. 4. Temporarily disable antivirus or real-time protection, as it may interrupt the extraction process. If problems persist, testing the archive on a different PC can help determine if the issue is with the archive or the current system. If the archive fails on another computer, it is likely corrupted or incomplete, requiring a fresh download or replacement.

Winsage

April 18, 2026

‘They mopped the floor with me and pulled every childish game they could’: Disgruntled researcher releases second major Windows zero-day — claims Microsoft ‘would ruin my life, and they did’

A new zero-day vulnerability in Microsoft Defender has been disclosed by a researcher known as "Chaotic Eclipse," who has created a proof-of-concept exploit called "RedSun." This vulnerability allows local privilege escalation to SYSTEM level on Windows 10, Windows 11, and Windows Server when Microsoft Defender is active. The vulnerability has attracted attention from antivirus vendors, with some detecting it on VirusTotal due to an embedded EIRCAR in the executable. Chaotic Eclipse previously disclosed another vulnerability named BlueHammer, which also allowed local attackers to gain SYSTEM or elevated permissions. The researcher expressed dissatisfaction with Microsoft's vulnerability disclosure process, recounting negative interactions with the company. A Microsoft spokesperson stated the company's commitment to investigating security issues and supporting coordinated vulnerability disclosure.

Winsage

April 18, 2026

‘They mopped the floor with me and pulled every childish game they could’: Disgruntled researcher releases second major Windows zero-day — claims Microsoft ‘would ruin my life, and they did’

A researcher known as “Chaotic Eclipse” has revealed a new zero-day vulnerability in Microsoft Defender, called “RedSun,” which allows local privilege escalation to SYSTEM privileges on Windows 10, Windows 11, and Windows Server when Microsoft Defender is enabled. The exploit has been confirmed to function correctly, and some antivirus vendors have begun detecting it. This follows another vulnerability disclosure by the same researcher, named BlueHammer, which also allows local attackers to elevate permissions. Chaotic Eclipse expressed dissatisfaction with Microsoft’s handling of vulnerability disclosures, claiming they were threatened and experienced frustration with the company’s response. A Microsoft spokesperson stated the company is committed to investigating reported security issues and supports coordinated vulnerability disclosure.

AppWizard

April 17, 2026

New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps

Cybersecurity researchers from Zimperium zLabs have identified four families of Android malware—RecruitRat, SaferRat, Astrinox, and Massiv—targeting banking and cryptocurrency applications. These malware families can extract sensitive information from over 800 applications. They primarily use phishing and smishing to lure users into downloading malicious software. Phishing involves creating fake websites resembling legitimate login pages, while smishing uses urgent text messages with links to download harmful payloads. RecruitRat targets job seekers with fake employment websites, and SaferRat promises free access to premium video services. Astrinox mimics a business tool and has been linked to a fraudulent Apple App Store page, while Massiv's distribution methods remain unclear. Once installed, these malware applications initiate Overlay attacks, displaying counterfeit screens to capture user credentials. They also use a "blindfold" technique to obscure their activities by overlaying static images on the user's screen. The malware can intercept security codes, capture one-time passwords, and employ keylogging techniques. RecruitRat has a library of over 700 counterfeit login pages that activate with targeted apps. Researchers recommend avoiding links in urgent messages and downloading apps only from official sources.

AppWizard

April 17, 2026

This Android Setting Makes It Easy to Manage All Your App Permissions

In Android devices, users can manage app permissions through a privacy dashboard located in Settings > Security & Privacy > Privacy > Permission manager. This includes permissions for the camera, microphone, location, and more. Users can specify access levels for these features, including allowing access all the time, only while using the app, or not at all. Special permissions, which allow apps to modify system settings or access sensitive data, require particular attention and can be reviewed in Settings > Apps > Special app access. Caution is advised for apps from outside the Google Play Store, as they may pose greater risks. Regular audits of app permissions are recommended to ensure that apps do not have more access than necessary.

AppWizard

April 17, 2026

European civil servants are being forced off WhatsApp

Apps like Signal and WhatsApp are recognized for their end-to-end encryption but are increasingly seen as inadequate for organizational communication due to their consumer-grade design. Benjamin Schilz, CEO of Wire, points out the risks of using such apps for professional purposes. Recent cybersecurity threats, including a Russian espionage campaign targeting these applications, highlight the importance of advanced features like access controls and metadata management, especially for large organizations. Belgium's De Waele advocates for controlled communication environments that include only government employees to mitigate risks. Transparency advocates have raised concerns about the privacy features of consumer apps obscuring important decision-making processes, as exemplified by a situation involving Commission President Ursula von der Leyen and a vaccine deal. The re-election of former U.S. President Donald Trump has prompted a shift in priorities towards secure communication channels within European governments.

AppWizard

April 16, 2026

Google Play is changing how Android apps access your contacts and location

Google has updated its Google Play policies to enhance user privacy and protect businesses from fraud. Starting in October, developers will have access to Play policy insights in Android Studio to help comply with new features. On October 27, the Play Console will implement pre-review checks for contact and location permissions. The Android Contact Picker will be the standard for accessing contacts, requiring apps to use it or privacy-focused alternatives. Developers must update their apps to use the picker and submit a Play Developer Declaration for ongoing contact access. A new location button will be introduced for precise location requests, and apps must use it for one-time access. Developers should review their location data requests and include the onlyForLocationButton flag if targeting Android 17 and above. The Play Console will also introduce an official account transfer feature for ownership changes, effective May 27, with a mandatory 7-day security cool-down period for transfers. Unofficial transfers are prohibited.

Tech Optimizer

April 16, 2026

MiningDropper Android Malware Exploits Lumolight App

Researchers at Cyble Research and Intelligence Labs (CRIL) have discovered an Android malware framework called MiningDropper, which is being used in various campaigns to distribute malicious payloads such as cryptocurrency miners, infostealers, Remote Access Trojans (RATs), and banking malware. Over 1,500 MiningDropper samples were detected in one month, with many showing minimal antivirus detection. MiningDropper operates as a multi-stage delivery framework that employs techniques like XOR-based obfuscation and AES encryption to evade detection. A recent variant uses a trojanized version of the Lumolight application as the initial infection vector, often spread through phishing links and fraudulent websites. The malware executes a series of stages, starting with decrypting an embedded asset and loading additional payloads, including a counterfeit Google Play update interface to deceive users. Two main campaign clusters have been identified: an infostealer campaign targeting Indian users by impersonating trusted entities, and a global campaign distributing the BTMOB RAT, which enables credential theft and device takeover. The final payload capabilities include extracting sensitive data, enabling full device compromise, facilitating financial fraud, and unauthorized cryptocurrency mining. MiningDropper's modularity allows it to adapt and scale across various campaigns while maintaining low detection rates.

Winsage

April 16, 2026

CISA flags Windows Task Host vulnerability as exploited in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in the Windows Task Host, identified as CVE-2025-60710, which poses a risk of privilege escalation, potentially allowing attackers to gain SYSTEM privileges. This flaw affects devices running Windows 11 and Windows Server 2025 and arises from a weakness in link following. Microsoft released a patch for this issue in November 2025. CISA has added CVE-2025-60710 to its list of actively exploited vulnerabilities and mandated that Federal Civilian Executive Branch agencies secure their systems within two weeks. CISA encourages all organizations, including those in the private sector, to implement necessary patches and improve network security. CISA also advised organizations to follow vendor instructions for mitigations or discontinue use of the affected product if mitigations are unavailable.

Tech Optimizer

April 15, 2026

Bitdefender Total Security

Bitdefender Total Security includes features such as a network security inspector, advanced ransomware defense, a hardened browser, and an active Do Not Track system. It offers a two-tier pricing model: an individual subscription for .99 per year for five licenses and a family subscription for .99 for 25 licenses, which includes parental controls. The software features an interface similar to Bitdefender Antivirus Plus, with user-configurable buttons for quick access to features. It boasts high scores from independent antivirus testing labs and excels in malware protection and antiphishing tests. Bitdefender includes a SecurePass password manager, firewall protection, spam filtering, webcam protection, and cryptomining protection. The parental control features allow parents to manage their children's online activities, but they may not be as effective as dedicated solutions. Bitdefender Total Security provides protection for macOS and Android, with high ratings for its performance on these platforms. The Android app includes malware scanning, web protection, and anti-theft features. The Bitdefender Central app allows users to manage their security settings from mobile devices.