September 2025

AppWizard
December 2, 2025
A new Android malware named Albiriox has emerged, marketed as malware-as-a-service (MaaS). It features a hard-coded list of over 400 applications, including banking and cryptocurrency platforms, and is distributed through social engineering tactics using dropper applications. Initially advertised in late September 2025, it became a full MaaS offering by October, with Russian-speaking threat actors behind its development. Albiriox allows remote control of compromised devices via an unencrypted TCP socket connection and Virtual Network Computing (VNC), enabling attackers to extract sensitive information and perform overlay attacks for credential theft. One campaign targeted victims in Austria using German-language lures and counterfeit Google Play Store listings. Albiriox also utilizes Android's accessibility services to bypass security measures and employs a novel distribution strategy involving a counterfeit website that collects phone numbers. Additionally, another Android MaaS tool, RadzaRat, was introduced, masquerading as a file management utility while offering extensive surveillance and remote control capabilities. RadzaRat can log keystrokes and maintain persistence through specific permissions, highlighting a trend in the availability of sophisticated cybercrime tools.
AppWizard
November 27, 2025
Minecraft's upcoming content drop, 'Mounts of Mayhem', will be released for the Bedrock Edition on 9th December 2025. Key features include the introduction of a new weapon, the spear, a Zombie Horse, a new tameable mob called Nautilus, and the Camel Husk with two riders (a husk and a parched). Quality-of-life improvements will allow players to traverse water while mounted on horseback. Additional details can be found in the latest monthly video update and the Minecraft Live September 2025 round-up post.
Winsage
November 22, 2025
Microsoft has introduced AI enhancements in Windows 11, particularly in File Explorer, featuring "Ask Copilot" and "Semantic Indexing." AI actions have been added to the context menu, allowing users to perform tasks based on file types, with integration into Microsoft 365 apps, Photos, or Paint. The rollout began with the September 2025 Security Update, but users in Europe may experience delays in access. To enable AI actions in File Explorer, users should open Settings, click on Apps, select the Actions page, and turn on the AI actions. Users can engage with AI actions by right-clicking on image files (JPG, JPEG, PNG) and selecting options like Bing Visual Search, Blur Background, Erase Objects, Remove Background, and Describe Image. If Microsoft 365 apps are installed, users can summarize documents and convert tables without opening the apps. To disable AI actions, users can follow the same steps as enabling them but turn off the AI actions instead. The "AI actions" menu will still appear, but no active features will be displayed.
Winsage
November 20, 2025
Microsoft's Windows 11 has introduced Copilot, an AI assistant aimed at enhancing productivity, but it has faced criticism from users concerned about privacy and resource usage. Copilot offers features like document summarization and image generation, but some users have labeled it an unwelcome presence. During the March 2025 Patch Tuesday, some users experienced Copilot being inadvertently uninstalled. Privacy concerns and performance issues have led many to seek ways to disable or remove Copilot, with methods including hiding the Copilot button, using Group Policy Editor, editing the Windows Registry, and uninstalling the app through Settings or PowerShell commands. In corporate environments, IT administrators can disable Copilot using Intune or Group Policy. Users have reported that Windows updates can reinstall Copilot, prompting them to disable automatic updates or block related domains. Recent user sentiment indicates growing fatigue with AI features, and there is potential for Microsoft to introduce easier opt-out options in future updates.
Winsage
November 12, 2025
Microsoft has announced that security updates for the Home and Pro editions of Windows 11 23H2 will cease as of November 11, 2025. The last available update for these editions will be the November 2025 monthly security update. In contrast, the Enterprise, Education, and IoT Enterprise editions of Windows 11 23H2 will remain under mainstream support until November 2026. Users are encouraged to upgrade to Windows 11 25H2, which became available in September 2025 and will receive support until October 2027. Eligible devices can check for the update in the Windows Update settings, and for unmanaged devices, the update will be applied automatically.
Tech Optimizer
November 7, 2025
The AV-Comparatives Stalkerware Test 2025 evaluated 13 Android security solutions against 17 stalkerware-type applications. The test revealed that stalkerware remains a significant threat, often installed covertly and designed to evade detection. Malwarebytes achieved a perfect 100% detection rate, while Bitdefender, ESET, Kaspersky, and McAfee each detected 94%. Avast, Avira, and F-Secure identified 88%, Norton and Sophos around 82%, and G Data (65%), Google (53%), and Trend Micro (59%) had lower detection rates. The evaluation emphasized the importance of clear communication of threats to potential victims. Malwarebytes' involvement in the Coalition Against Stalkerware highlights its commitment to user safety and effective detection of stalkerware.
Tech Optimizer
November 7, 2025
Organizations using PostgreSQL 13 must upgrade before its end-of-life on November 13, 2025, after which security patches, bug fixes, and official support cease. Continuing to use an unsupported version exposes systems to vulnerabilities, which can lead to data breaches and compliance challenges. The last minor release for PostgreSQL 13 was 13.21 in May 2025. Upgrading to newer versions, such as PostgreSQL 16 or 17, offers performance improvements and enhanced features. Strategies for upgrading include using tools like pg_upgrade, pg_dump/pg_restore, and logical replication to minimize downtime. Compatibility issues may arise due to deprecated functions in PostgreSQL 13, necessitating code reviews. Managed services like those from Percona can provide support beyond EOL. The costs of not upgrading can be significant, with potential downtime from security breaches often exceeding migration expenses.
AppWizard
October 31, 2025
Integral Ad Science (IAS) has identified an ad-fraud operation called ‘Arcade’ that exploits over 50 Android gaming apps with around 10 million installations. This operation reroutes ad traffic to more than 200 HTML5 gaming sites, generating ad impressions without user engagement. Initially active in the US, Brazil, and Canada, Arcade has shifted focus to the Asia-Pacific region, with countries like Turkey, Vietnam, the Philippines, Thailand, Indonesia, and Malaysia accounting for nearly half of the detected traffic by September 2025. The apps switch to fraud mode upon detecting installation from a paid campaign, activating hidden browsing and ad-serving code via a remote command-and-control server. Arcade generates revenue through covert traffic to gaming domains and disruptive ads outside standard app usage. Despite having fewer apps than previous IAS findings, Arcade has a significantly larger traffic impact.