tactics

Winsage
November 25, 2025
Cybersecurity experts have identified a new campaign that combines ClickFix tactics with counterfeit adult websites to trick users into executing harmful commands under the guise of a "critical" Windows security update. This campaign uses fake adult sites, including clones of popular platforms, as phishing mechanisms, increasing psychological pressure on victims. ClickFix-style attacks have risen significantly, accounting for 47% of all attacks, according to Microsoft data. The campaign features convincing fake Windows update screens that take over the user's screen and instruct them to execute commands that initiate malware infections. The attack begins when users are redirected to a fake adult site, where they encounter an "urgent security update." The counterfeit Windows Update screen is created using HTML and JavaScript, and it attempts to prevent users from escaping the alert. The initial command executed is an MSHTA payload that retrieves a PowerShell script from a remote server, which is designed to deliver multiple payloads, including various types of malware. The downloaded PowerShell script employs obfuscation techniques and seeks to elevate privileges, potentially allowing attackers to deploy remote access trojans (RATs) that connect to command-and-control servers. The campaign has been linked to other malware execution chains that also utilize ClickFix lures. Security researchers recommend enhancing defenses through employee training and disabling the Windows Run box to mitigate risks associated with these attacks.
Winsage
November 25, 2025
Recent observations have identified ClickFix attack variants where cybercriminals use deceptive Windows Update animations on full-screen browser pages to hide malicious code within images. Victims are misled into executing harmful commands through specific key sequences that copy and execute commands via JavaScript. Security researchers have documented these attacks since October, noting the use of LummaC2 and Rhadamanthys information stealers. Attackers utilize steganography to embed malware payloads within PNG images, reconstructing and decrypting them in memory using PowerShell and a .NET assembly called the Stego Loader. A dynamic evasion tactic known as ctrampoline complicates detection by initiating calls to numerous empty functions. The shellcode extracted from the encrypted image can execute various file types directly in memory. Following a law enforcement operation on November 13, the Rhadamanthys variant's payload delivery through fake Windows Update domains ceased, although the domains remain active. Researchers recommend disabling the Windows Run box and monitoring suspicious process chains to mitigate risks.
AppWizard
November 25, 2025
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the increasing threat of spyware targeting messaging applications, particularly on Android devices such as those from Samsung. Cybercriminals are using social engineering techniques, including sending harmless-looking image files via WhatsApp, to install malicious software. Russian hackers have been reported to compromise Signal accounts. The alert highlights a focus on high-value individuals, including government officials and civil society members in the U.S., Middle East, and Europe. CISA has a history of issuing such alerts and provides cybersecurity guidance, including a "must-patch" list for federal agencies. Users are advised to be vigilant and follow mobile security guidelines, as threat groups are also using malicious QR codes and zero-click exploits to compromise devices.
AppWizard
November 25, 2025
Demeo x Dungeons and Dragons: Battlemarked is a cooperative multiplayer strategy game set in D&D's Forgotten Realms, available on Steam, PlayStation 5, and Meta Quest, primarily designed for virtual reality (VR). The game features turn-based strategy gameplay with players choosing from various D&D classes and species, represented as virtual miniatures. It is not a virtual tabletop or a direct adaptation of D&D 5e rules. The graphics are low in polygon count but rich in character, and the game emphasizes quick play sessions without the discomfort of VR-induced nausea. The control scheme reflects its VR origins, requiring players to pick up and place figures, which feels cumbersome on a flat screen compared to other games. The game is set to release on November 20, and the reviewer notes that their experience has been limited to single-player due to illness in the office.
AppWizard
November 23, 2025
Sword of Convallaria will feature a crossover event with characters from The Witcher 3: Wild Hunt, starting on November 28. The event will introduce at least four iconic characters, including Geralt, Yennefer, Triss, and Ciri, with Ciri expected to be available for free. The game is a grid-based strategy title reminiscent of Final Fantasy Tactics, and players can access it without upfront costs. Each character has unique abilities, and the crossover does not have a predetermined end date. The game has received mixed reviews, with some praising its gameplay and narrative, while others criticize its gacha mechanics.
AppWizard
November 23, 2025
Brace Yourself Games released Phantom Brigade 2.0, an update to the mech-themed, simultaneous turn-based tactics game originally launched in 2023. The update addresses criticisms of the initial version, which included repetitive missions and basic enemy AI. Key enhancements in the 2.0 update include a reworked campaign with new maps and quests, an expanded overworld with new provinces, improved mission generation for a dynamic environment, over 100 unique pilot traits and abilities, and revamped gameplay mechanics for better tactical encounters. Early player feedback shows a positive reception, with recent Steam reviews indicating a 90% positive rating. The game is currently available at a discounted price of £12.50 until December 3.
AppWizard
November 22, 2025
Norse: Oath of Blood is a turn-based RPG featuring twins Gunnar Gripsson and Sigrid Gripdottir on a quest for vengeance after their father is betrayed and murdered. The game combines tactical battle systems with a rich narrative and character interactions. It utilizes advanced motion capture technology and aims to capture the human aspects of Viking culture. The release date is set for February 3, 2026, on PC via Steam, with a free demo currently available.
Winsage
November 22, 2025
Microsoft's Windows Defender has vulnerabilities that can be exploited by cybercriminals, including a method to remotely disable it using a trusted Windows driver. There has been an increase in counterfeit "Windows Defender" pop-ups that prompt users to call a phone number, connecting them to scammers. These pop-ups do not originate from Microsoft and are often triggered by compromised websites or malicious ads. Scammers use these alerts to gain remote access to victims' computers under the pretense of fixing non-existent issues, often charging for fraudulent services or installing malware. Windows Defender struggles against advanced threats, lacks deeper monitoring capabilities, and is a prime target for attackers due to its widespread use. A multi-faceted security approach, including third-party solutions like Trend Micro, is recommended to address these gaps and enhance protection. Additionally, maintaining smart security habits, such as updating software and using strong passwords, is crucial for overall system security.
AppWizard
November 21, 2025
Naskay has introduced an innovative Android maintenance app in the United States to address issues of sluggish smartphones. The app adapts to users' unique usage patterns and offers features such as clearing junk files, managing background processes, monitoring battery performance, scanning for security threats, and organizing storage efficiently. It includes enhanced security features that scrutinize app permissions and identify suspicious requests. The storage cleanup feature uses smart algorithms to help users manage duplicate photos and unnecessary files without automatic deletions. Additionally, the app provides tailored solutions for battery optimization while allowing users to maintain control over their device's performance.