sources Archives

AppWizard

April 21, 2026

Trojanized Android App Fuels New Wave of NFC Fraud

A new variant of the NGate malware family has emerged, using a trojanized Android application to capture payment card data and personal identification numbers (PINs). This modified version of HandyPay, a legitimate NFC relay app, has been distributed since November 2025, primarily targeting users in Brazil. The malware intercepts NFC payment card data and allows fraudulent transactions. Two distinct malware samples have been observed, delivered through phishing infrastructure that impersonates a Brazilian lottery site and a Google Play listing for a card protection tool. The trojanized app captures NFC data, requests the victim's card PIN, and transmits this information to attacker-controlled infrastructure. It requires minimal permissions, leveraging its role as the default payment application to evade detection. Evidence suggests that generative AI tools may have been used in its development, indicated by emoji markers in debug logs. ESET has reported its findings to Google, and Google Play Protect can detect known versions of the malware. The developer of HandyPay is investigating the misuse of its application.

AppWizard

April 21, 2026

Steam Controller unboxing video mysteriously appears on SteamDB

A significant shipment of "WIRELESS PC CONTROLLER[s]" was delivered to Valve, and an unboxing video for the Steam Controller has been listed on SteamDB. The shipment was confirmed through shipping documents, and the unboxing video entry is labeled and credible. The video was uploaded on April 20 at 21:22:26 UTC, with the "controller_support" status marked as "full." The delivery consisted of 14 tons of controllers, indicating progress for the Steam Controller's launch compared to the Steam Machine.

Tech Optimizer

April 21, 2026

Gen Digital Inc stock (US36870C1018): Is its cybersecurity moat strong enough for steady investor re

Gen Digital Inc operates a consumer-focused cybersecurity model centered on subscription-based protection services, including antivirus, VPNs, and identity theft protection. The company generates predictable revenue through auto-renewals, with over 90% of customers renewing annually. Its business model scales with internet penetration and focuses on individual users rather than enterprise contracts. Gen Digital emphasizes organic growth through product innovation and geographic expansion, with key growth drivers including the increase of connected devices and cloud-based delivery. The product portfolio features tiered subscription plans, catering to diverse consumer needs, and the company maintains a competitive position through superior detection rates and customer support. Gen Digital's primary markets are North America and Europe, with emerging opportunities in Latin America and Asia. Analysts view the subscription model favorably for its resilience and cash flow generation, while risks include competition from free tools and regulatory changes. Upcoming earnings will provide insights into subscriber trends and pricing power.

Tech Optimizer

April 21, 2026

Even trusted apps can infect your PC with malware now

Recent supply-chain attacks are increasingly targeting well-known software such as CCleaner, Steam games, and Notepad++, allowing hackers to distribute malware through legitimate updates. The introduction of artificial intelligence has accelerated the frequency and sophistication of these attacks, with hackers compromising developers or exploiting third-party tools to inject malicious code. Notepad++ was specifically affected by a supply-chain attack where a compromised third-party tool led to the distribution of tainted software. Attackers use various strategies, including hacking developers' credentials, purchasing access, or compromising tools relied upon by developers. Antivirus software is crucial for protecting users from malware, even from trusted sources, as modern solutions have minimal impact on system performance.

AppWizard

April 21, 2026

NGate Android malware uses HandyPay NFC app to steal card data

A new variant of the NGate malware targets Android users by disguising itself within a trojanized version of the HandyPay app, which is a legitimate mobile payment processing application. This malware, documented since mid-2024, siphons payment card information through the mobile device's near-field communication (NFC) chip and sends the stolen data directly to attackers, who create virtual cards for unauthorized purchases or cash withdrawals from NFC-enabled ATMs. The new variant has been injected with malicious code into the HandyPay app, which has been available on Google Play since 2021. The code includes emojis, indicating the possible use of a generative AI tool in its development. The shift from previous iterations, which used an open-source tool named NFCGate, to HandyPay is likely motivated by financial considerations and the need for evasion, as HandyPay is more affordable and requires fewer permissions. This NGate variant has been active since November 2025, primarily targeting Android devices in Brazil. It employs two main distribution methods: a counterfeit app named “Proteção Cartão” hosted on a fraudulent Google Play page and a fake lottery website that redirects users to WhatsApp to download the malicious APK. Upon installation, the app prompts users to set it as their default NFC payment application, requests their card PIN, and instructs them to tap their card on the phone for reading, transmitting all collected information to an attacker's email address. To protect against such threats, Android users are advised to avoid downloading APKs from outside Google Play, disable NFC when not in use, and use Play Protect to scan for threats.

AppWizard

April 21, 2026

New NGate Android malware variant uses NFC app to steal card data

A new variant of the NGate Android malware exploits a legitimate NFC payment app, HandyPay, to steal users' card information and PINs, enabling unauthorized contactless transactions. This malicious version of HandyPay, which has been available since 2021, was identified by ESET researchers and is distributed through a fraudulent lottery website and a fake Google Play page. The malware captures sensitive information by prompting users to enter their payment card PIN and tap their card against the device, sending the data to an attacker-controlled phone and exfiltrating the PIN to a command-and-control server. The campaign employs social engineering tactics and requires minimal permissions, relying on users to enable app installations from unknown sources. The attackers use a centralized infrastructure for malware distribution and PIN collection, with evidence of compromised devices in Brazil. The shift to modifying a legitimate application is motivated by financial incentives, as it offers similar functionality at a lower cost compared to underground tools. Users are advised to avoid installing apps from unofficial sources and to ensure the legitimacy of applications before entering sensitive information.

AppWizard

April 21, 2026

Minecraft Crafting Essentials: How to Craft Paper | Attack of the Fanboy

Paper is an essential resource in Minecraft, particularly highlighted in the 1.21 Tricky Trials update. Players can craft paper by arranging three sugar cane in a horizontal row on a crafting table. Sugar cane can be found near water sources, thriving in deserts and swamps, and can be planted on various surfaces. The introduction of the Crafter block in the 1.21 update allows for automated paper production, enhancing efficiency. Sugar cane growth is influenced by random ticks, with Java Edition experiencing updates every eighteen minutes and Bedrock Edition every fifty-four minutes. Trading paper with villagers can yield emeralds, with a potential to reduce the trade cost to one sheet per emerald by curing zombie villagers. Additionally, the lore of the game connects paper to the Ancient Builders and their libraries, emphasizing its historical significance.

Tech Optimizer

April 21, 2026

Microsoft quietly reveals whether you need a third-party antivirus software in Windows 11

Microsoft has stated that third-party antivirus software is not necessary for Windows 11, as its built-in antivirus solution, Windows Defender, is sufficient for most users. This assertion was made public on April 9, when Microsoft declared Windows 11 the most secure version of its operating system. Windows Defender is effective when users regularly install Security Intelligence Updates, apply monthly Patch Tuesday updates, and activate SmartScreen for filtering harmful downloads. While third-party antivirus solutions may be beneficial in certain scenarios, such as enterprise environments or for users seeking additional features, Microsoft advises relying on a single real-time antivirus solution, which is typically Windows Defender. Microsoft Defender is a comprehensive protection stack that includes real-time scanning, cloud-delivered protection, and automatic updates. Independent tests have shown that Microsoft Defender achieves high protection rates, comparable to leading paid antivirus solutions. The built-in Windows Security application includes features like SmartScreen, Smart App Control, and ransomware protection, providing extensive coverage without additional costs. The consensus is that most users will not need third-party antivirus software in 2026, as Windows Security offers robust protection against modern threats.

Winsage

April 18, 2026

“A solid list from the community,” as Reddit users highlight 10 open‑source apps that run great on Windows 11 and deserve more attention

Open-source software is becoming increasingly popular among Windows 11 users for its control, privacy, and avoidance of subscription models. Key applications highlighted include: - Firefox: A recommended open-source browser known for its privacy, customization, and performance, with robust extension support and regular updates. - Bitwarden: An open-source password manager that offers encrypted vault syncing across devices, end-to-end encryption, and features like password generation and autofill. - OBS Studio: A standard tool for screen recording and live streaming, praised for its flexibility and hardware acceleration support on Windows 11. - LibreOffice: A comprehensive office suite that provides document, spreadsheet, and presentation tools without subscription fees, supporting common Microsoft Office file formats. - 7-Zip: A file compression utility recognized for its speed and efficiency, offering enhanced security features not present in Windows 11's built-in archive support. - LocalSend: A file transfer tool that allows secure transfers over a local network without needing accounts or cloud services. - GIMP: An open-source image editing tool regarded as an alternative to Photoshop, known for its flexibility and extensive customization options. - Blender: An advanced open-source application for 3D modeling, animation, and video editing, benefiting from strong GPU acceleration on Windows 11. - PowerToys: A suite of productivity utilities for Windows 11 that enhances core features with tools like FancyZones and PowerRename. These applications are favored for their ability to enhance the user experience while prioritizing control, transparency, and long-term usability.

AppWizard

April 18, 2026

Forget Photos and Maps, this is the Google app I can’t live without anymore

Google Wallet has become an essential tool for managing payments and tickets in daily life. Initially limited by bank support, the user gained trust in the app after opening a new bank account that embraced it. The app allows for contactless payments, simplifies ticket management by enabling users to scan and save tickets, and provides offline access to tickets. It also stores loyalty cards, insurance cards, and travel itineraries, enhancing the overall travel experience. The app facilitates seamless public transport navigation, although full integration with Paris' metro system is still pending.