sensitive content

AppWizard
October 10, 2025
A spyware campaign is disguising itself as popular applications like TikTok, YouTube, and WhatsApp to lure users into downloading the ClayRat spyware. This campaign uses Telegram channels for distribution and employs fake download counts and testimonials on malicious websites. Discovered by Zimperium, the spyware requires users to set it as their default SMS application, allowing it to access sensitive information and spread further. The campaign is primarily targeting Russian users, with at least 600 samples and 50 droppers detected in the last 90 days. The malware uses obfuscation techniques to evade detection. Android users with Google Play Protect have some protection, but best practices for online safety are recommended, such as using reputable app sources and avoiding suspicious links.
AppWizard
October 10, 2025
A new strain of malware called ClayRat has emerged, targeting Android users, particularly in Russia, by disguising itself as popular applications like WhatsApp, TikTok, Google Photos, and YouTube. It exploits SMS handler capabilities to gain access to sensitive information without user consent and spreads through the victim's contact list. Over 600 variants of ClayRat have been identified. Users are advised to download apps only from trusted sources, check app legitimacy through reviews, use antivirus tools, and manage app permissions to protect personal data.
AppWizard
October 9, 2025
A sophisticated Android spyware campaign called ClayRat is targeting users in Russia through Telegram channels and deceptive phishing websites that mimic popular applications like WhatsApp and TikTok. Once activated, ClayRat can exfiltrate sensitive data such as SMS messages and call logs, access device information, take photos, and send messages or make calls from the victim's device. It propagates by sending malicious links to all contacts in the victim's phone book. Over the past 90 days, Zimperium has identified over 600 samples and 50 droppers of ClayRat, which uses advanced obfuscation techniques to evade detection. The malware redirects users to fraudulent websites leading to Telegram channels, where they are lured into downloading APK files. Some samples function as droppers, displaying counterfeit Play Store update screens while concealing the actual payload. Once installed, ClayRat communicates with its command-and-control infrastructure and can capture sensitive content, making infected devices automated distribution nodes. Additionally, a study by researchers from the University of Luxembourg and Université Cheikh Anta Diop found that pre-installed applications on budget Android smartphones sold in Africa operate with elevated privileges, with 9% disclosing sensitive data and 16% exposing critical components without safeguards.
AppWizard
October 1, 2025
Lost Ark, developed by Amazon Games, is facing player dissatisfaction due to the game's time-sensitive content, RNG mechanics for gear upgrades, and the need for separate accounts for each server. It currently has a 'mixed' rating on Steam, with 67% of English-language reviews being positive. Developer Smilegate has announced a roadmap for new content, including the Kazeros raid, which will begin with a prologue questline this month and culminate in November with an eight-player, two-gate raid requiring high-level gear. Additionally, a series of quality-of-life updates and holiday-themed cosmetics are planned for December. To help new players, Smilegate will introduce progression events and a Mokoko bootcamp. Before the Kazeros raids, the NA East and NA West regions will be merged, leading to potential downtime and enforced name changes for players with duplicate usernames. Smilegate also plans to release additional names from inactive accounts later this year or early next year.
AppWizard
September 7, 2025
The Pixel 8 is appreciated as a capable smartphone, but it lacks some features found in the Galaxy S24 FE, particularly in software capabilities. Samsung My Files is favored over Files by Google in a poll, receiving 56% of the votes compared to 18% for Files by Google. My Files excels in connecting to network storage and offers superior search functionality, allowing users to search within documents. It also features a breadcrumb menu for easier navigation. However, Files by Google has advantages such as the Safe Folder feature for securing content, quick access tools, and a more visually appealing interface. Despite the strengths of both stock file managers, the author prefers third-party file management apps for greater control and versatility, with Samsung My Files being the preferred choice if limited to stock options on the Pixel.
AppWizard
August 25, 2025
Security experts at Doctor Web have identified a sophisticated Android spyware campaign targeting Russian business leaders, utilizing malware named Android.Backdoor.916. First detected in January 2025, this malware is distributed through APK files disguised as security applications, particularly under the name GuardCB, which mimics the emblem of the Central Bank of the Russian Federation. Other variants include “SECURITY_FSB” and “FSB,” and the app interface is exclusively in Russian. The malware is disseminated via private messages on popular messaging platforms, avoiding official app stores. Upon installation, it simulates device scans and generates fictitious threat reports while activating extensive spyware modules that request permissions for geolocation, camera and microphone usage, SMS and contact access, call logs, and background operation. It can transmit SMS messages, upload contact lists, forward call history and location data, and exfiltrate media. It also enables real-time audio streaming, video capture, and screen activity monitoring, using Accessibility Service to maintain a keylogger for intercepting sensitive content from various applications. Control over the malware is maintained through a modular system that reconnects to the command server every minute, with fallback connectivity options to multiple hosting providers. The malware is designed for targeted cyber-espionage rather than mass infections, focusing on corporate executives and business figures. Doctor Web's antivirus solutions for Android can detect and eliminate known variants of this backdoor, highlighting the vulnerability of high-value individuals to mobile spyware disguised as legitimate applications. Experts recommend enhancing mobile security policies and educating high-risk employees about social engineering tactics.
Winsage
July 28, 2025
Windows Recall is a feature from Microsoft that has faced criticism for being a potential security hazard and a public relations misstep. It was introduced with the 24H2 release, which included advanced AI functionalities. The feature relies on a neural processing unit (NPU) that operates independently of the cloud to emphasize privacy and security. In April 2025, Windows Recall became widely available for Copilot+ PCs, with security measures like isolating it within a "VBS Enclave" to protect sensitive data. However, skepticism remains, leading platforms like Signal and Brave to implement their own protective measures against Windows Recall. Signal has introduced a feature to prevent Windows Recall from capturing snapshots of its app, while Brave blocks Windows Recall by default for all its browser windows. AdGuard has also released an update to enhance user privacy by allowing users to disable Windows Recall on Copilot+ PCs, expressing doubts about the effectiveness of Microsoft's security measures.