practices Archives

AppWizard

June 17, 2026

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

Zimperium’s zLabs researchers have analyzed a newly identified Android banking trojan named Rokarolla, which targets 217 distinct banking and cryptocurrency applications. It is distributed through malicious websites that impersonate popular platforms like TikTok and Google Chrome, with one identified distribution point being hxxps://infocontablidades[.]it[.]com/. The malware uses a dropper disguised as Google Play Protect to install a second-stage payload and gain Accessibility Services access, allowing it to simulate user interactions and manipulate on-screen elements. Rokarolla downloads counterfeit HTML login pages for targeted applications and overlays them to capture user credentials, including sensitive card information. It can also deploy a fraudulent PIN entry screen, read and send SMS messages, intercept one-time codes from banks, and block incoming calls. The malware rewrites the clipboard, operates a keylogger and screen content logger, and scrapes WhatsApp contact data. It captures screenshots without alerting users and has a resilient command-and-control infrastructure with multiple fallback domains. No product flaws are exploited, and defenses against it include installing apps only from Google Play and being cautious with Accessibility Services. Zimperium’s Mobile Threat Defense and zDefend products can detect Rokarolla, and a list of indicators of compromise is available on their GitHub repository.

Winsage

June 17, 2026

Windows SprySOCKS Malware: Advanced Kernel-Level Rootkit Targets Government Organizations via Supply Chain Vulnerabilities

The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.

AppWizard

June 16, 2026

New expanded Android parental controls to support families around the world

Android is expanding its Parental Controls feature to all devices upgrading to Android 17, allowing parents to manage their children's screen time effectively. The controls include screen time management, downtime scheduling, app store filters, and app usage control, all accessible through Android Settings and secured by a PIN. The setup of Google Family Link is also facilitated through the Family Link app, which provides additional features like School Time and location alerts. Additionally, there is an increase in the U.S. digital wellbeing fund to over a million dollars to support initiatives promoting healthy technology interactions and resources to combat social isolation.

Tech Optimizer

June 16, 2026

Subscription twist: Norton 360 Deluxe adds more than just antivirus

Norton 360 Deluxe is a mid-tier security subscription from Gen Digital that offers antivirus protection, a VPN, a password manager, dark web monitoring, and parental controls for up to five devices. It includes real-time threat protection, a firewall, ransomware shielding, and cloud backup of up to 50 GB for Windows users. The parental controls, known as Norton Family, allow monitoring of children's online activities. The Secure VPN encrypts internet traffic on public Wi-Fi and masks IP addresses. The package also features PC SafeCam for webcam security and a smart firewall. Norton 360 Deluxe is marketed with a promotional first-year rate, with higher renewal prices, and is available through digital subscriptions, app stores, and major retailers. The product is designed for households and individuals seeking comprehensive security solutions.

AppWizard

June 15, 2026

Steam Week in Review: More than 300 games released on Steam last week, and 120 of them had AI disclosures

Android Who Dreams of Stars is a visual novel developed by JinCycle, featuring an autonomous android named Eve Nova in a futuristic Tokyo where AI has eliminated war and hunger. The game relies heavily on AI-generated content for artwork, sound, narrative, and localization. My Summer Love Memories also uses generative AI for its videos, images, music, and dialogue. Kryonull has gained attention for its AI-generated voices, while some users on Steam question the legitimacy of its zero price tag. Typical NPC, developed by SmogGames, launched at a zero price with all AI-generated images, followed by After the Hero, which used AI-generated images but human-crafted text. KalendulaGames has released titles priced at zero, with extensive AI disclosures. Underwater claims to use AI-generated images only as art references. Steam emphasizes transparency in AI disclosures, with developers clarifying their use of AI in various ways. Many of the 120 games using generative AI focus on music and assets rather than translation. The Steam Deck has recently seen a resurgence in stock, with a price point higher than the average game. A humorous Steam review noted the unique experience of rummaging through trash for rewards in the game Where the F**k is my Bitcoin.

Tech Optimizer

June 14, 2026

Neon vs Supabase 2026: $1B Deal, Scale-to-Zero

Neon and Supabase are two managed PostgreSQL platforms with distinct approaches. Neon adopts a serverless architecture that separates storage and compute, allowing databases to scale to zero when idle and enabling rapid database branching. Supabase, in contrast, provides a comprehensive backend-as-a-service that includes authentication, file storage, real-time subscriptions, and edge functions, all built around PostgreSQL. In 2025, Databricks acquired Neon for approximately billion, motivated by the observation that around 80% of databases created on Neon were generated by AI agents. Post-acquisition, users experienced reduced storage costs and improved pricing structures, although concerns arose regarding Neon's independence. Neon features instant database branching and a scale-to-zero capability, while Supabase offers a fully integrated backend with built-in authentication and storage. Neon operates on a usage-based pricing model, whereas Supabase has a flat-tier pricing structure. Both platforms support the pgvector extension for AI applications, but Supabase is fully open-source and allows for self-hosting, unlike Neon. The developer community recognizes Supabase for its ease of use and rapid application development capabilities, while Neon is praised for its innovative serverless features and cost efficiency. Migration between the two platforms is simplified due to their shared PostgreSQL foundation.

AppWizard

June 13, 2026

How PlayStation And PC Games Shape Reward Systems

PlayStation and PC gaming ecosystems both aim to make progress feel worthwhile through various rewards, including trophies, cosmetics, and seasonal items. PlayStation rewards are typically clear and straightforward, linking effort to outcomes, while PC rewards offer more choice and personalization, often involving community-created content. Cosmetics play a significant role on both platforms, allowing for personal expression without affecting gameplay balance. The trophy system on PlayStation fosters social interaction and is integral to the console experience, while PC rewards can create a vibrant market culture based on item rarity and demand. Battle passes are bridging the gap between the two systems by introducing seasonal content and objectives. Random rewards, which rely on chance, require careful navigation to ensure players maintain control over their spending. Effective reward systems are characterized by generosity, clarity, and fairness, guiding players toward goals without creating a sense of entrapment. The divide between PlayStation and PC rewards is narrowing, with both platforms increasingly adopting elements from each other to enhance the gaming experience.

AppWizard

June 13, 2026

Dying Light 2 is a platform now, as the Breach update opens up Techland’s zombie survival game ‘even more to UGC content’

Techland has been enhancing Dying Light 2 since its launch in 2022, reworking the parkour system, introducing Volatiles, and improving combat mechanics. The game now features New Game+ and replayable bounties. The latest update, "The Breach," aims to enhance modding and user-generated content (UGC) capabilities, allowing players to create and share their own content. After completing the Prologue, players meet characters Tolga and Fatin, who provide tools for UGC experiences. Official mods include a third-person mode and a low-gravity mode, with community-created content like "The Atomborne" and "Dead Circuit." Dying Light 2 has a daily concurrent player count in the low thousands, which is respectable for a four-year-old single-player game but lower than other successful titles. The potential for a vibrant UGC community exists, especially as it may appeal to younger players compared to other platforms facing scrutiny.

AppWizard

June 12, 2026

Dutch non-profit set to take Valve to court for keeping game prices high

The Netherlands' Consumer Competition Claims Foundation (CCCF) has launched a campaign against Valve, the parent company of Steam, alleging unfair commercial practices related to Valve's 30% commission on game sales, which they claim inflates prices across all PC storefronts. The CCCF argues that this commission structure pressures publishers and developers to raise prices, affecting competitive pricing on other platforms like the Epic Games Store and Microsoft Store. They also allege that Valve prohibits publishers from offering lower prices on competing platforms and has engaged in "geo-blocking" to restrict the activation of Steam keys purchased in Eastern Europe for use in Western Europe. Valve president Gabe Newell denies these allegations, asserting that there is no policy preventing lower pricing on other platforms. The CCCF claims that Dutch gamers may have overpaid by more than 220 million euros due to these practices. Legal challenges against Valve are mounting, including a class-action lawsuit concerning loot boxes and an antitrust suit from Wolfire Games.

Winsage

June 11, 2026

Major Microsoft Edge versions will now ship every two weeks: Microsoft confirms plans to ship new Edge features and changes twice a month

Microsoft has announced a new release schedule for its Edge web browser, transitioning to a two-week release cycle from the previous monthly schedule. This change aims to provide users with a more consistent flow of updates, delivering approximately half the amount of new content with each release. The updates will be smaller and more manageable, enhancing user experience and security.