techniques Archives

AppWizard

March 23, 2026

Google adds ‘Advanced Flow’ for safe APK sideloading on Android

Google has introduced a new mechanism called Advanced Flow within Android to facilitate the sideloading of APKs from unverified developers for power users while enhancing security. This system will launch in August and aims to balance user flexibility with protection against malware and scams, which caused losses of approximately billion last year. To install APKs from unverified developers, users must complete a one-time process that includes activating Developer Mode, confirming they are not influenced by threat actors, restarting the device, and verifying the legitimacy of modifications after a day. Once completed, users can install applications from unverified developers and choose to enable them for a week or indefinitely, with Android providing a warning about the unverified source. The Advanced Flow process is designed to prevent users from being coerced into installing malicious software during scam attempts. Google emphasizes that this system is a compromise between Android's openness and necessary user protections, leading to upcoming developer verification requirements. All Android app publishers will need to undergo identity verification by Google, with non-compliance resulting in blocked software installations on certified Android devices. This verification initiative is now set for rollout in August 2026.

AppWizard

March 22, 2026

Russian hackers hack messengers, Signal and WhatsApp under attack

Hackers with ties to Russian intelligence have intensified efforts against users of messaging platforms like Signal, infiltrating thousands of accounts, as reported by the FBI and CISA. The main targets include current and former U.S. government officials, military personnel, political figures, and journalists. The hackers used advanced techniques to bypass security, tricking users into revealing security codes through sophisticated phishing campaigns. Signal confirmed that their encryption and infrastructure remain secure despite these attacks. This rise in cyber threats is part of a broader trend involving increased activities from pro-Iranian and Russian hackers targeting the U.S. and its allies.

AppWizard

March 21, 2026

Xbox Project Helix Specs Leak: Why Microsoft’s New Console is Amazing

Microsoft's gaming console, codenamed Project Helix, integrates console and PC ecosystems, featuring a custom AMD System on Chip (SoC) with a 3nm process, and a GPU based on AMD's RDNA 5 architecture. It reportedly rivals Nvidia’s RTX 5080 in rasterization and outperforms the RTX 5090 in ray tracing. The console includes a dedicated Neural Processing Unit (NPU) for enhanced AI capabilities, supporting both Xbox and PC games natively. It utilizes AMD’s FSR Diamond technology for near-native 4K visuals and incorporates DirectStorage technology for faster load times. Project Helix supports four generations of Xbox games and is expected to have alpha development kits available in early 2027, with a consumer launch in 2028, priced between ,000 and ,200.

Tech Optimizer

March 19, 2026

ClickFix Lures Power LeakNet’s Growing Ransomware Attack Chain

The ransomware group LeakNet has evolved its tactics, increasing its average targets from three per month and shifting from purchasing stolen network access to launching its own campaigns. They now use deceptive error screens and a new tool that executes malicious code in a computer's memory. Their strategy includes ClickFix lures, which compromise legitimate websites to display fake security checks, tricking users into executing malicious commands. This method broadens their victim reach and reduces costs. The Deno loader, part of this strategy, collects machine information and retrieves additional malicious code without leaving standard files, making detection difficult. After infiltrating a network, LeakNet checks for active user credentials and uses PsExec for lateral movement, employing Amazon S3 buckets for payload staging and data exfiltration. Defenders are advised to monitor for suspicious behavior rather than just known malicious files, focusing on unusual web commands and unexpected cloud storage connections.

AppWizard

March 19, 2026

New Android malware hiding in streaming apps to spy on users’ personal notes

Researchers have discovered a sophisticated malware called Perseus that targets Android users by disguising itself within television streaming applications to steal sensitive information, including passwords and banking details. This malware, reported by ThreatFabric, primarily affects users in Turkey and Italy and is based on the leaked code of previous Android banking trojans, particularly Cerberus. Perseus masquerades as IPTV service apps, often downloaded from unofficial sources, and employs overlay attacks and keylogging techniques to capture user credentials. It specifically targets personal note-taking applications like Google Keep, Evernote, and Simple Notes to extract sensitive information stored within them. The malware landscape is evolving, with new threats like the banking trojan Herodotus and the Crocodilus variant, which can manipulate contact lists. Users are advised to be cautious when downloading applications from unofficial sources.

Tech Optimizer

March 16, 2026

What Is a Crypto Miner Virus?

A crypto miner virus, or cryptojacking malware, secretly uses a device’s CPU or GPU to mine cryptocurrency for an attacker, leading to increased electricity costs and potential hardware damage for the victim. It typically infects devices through phishing emails, pirated software, compromised websites, and malicious browser extensions. Monero is the preferred cryptocurrency for mining due to its efficiency on standard CPUs and privacy features. Signs of infection include overheating, high CPU usage, and increased electricity bills. Detection involves monitoring system performance and running antivirus scans. Prevention includes using antivirus software, keeping systems updated, and avoiding pirated software. Notable incidents include attacks on a European water utility and the Los Angeles Times website.

AppWizard

March 14, 2026

Starfield’s composer says the game will become ‘legendary’, Todd Howard’s a ‘visionary’, and maybe you ‘were just not ready for it’

Composer Inon Zur has worked in the gaming industry for nearly three decades, contributing to numerous titles, including Bethesda's Fallout series and Starfield. In an interview, he praised Todd Howard for his creativity and vision, despite mixed reviews for Starfield, which received a 75% score from PC Gamer. Zur described the score for Starfield as a standout feature, emphasizing the duality of vastness and motion in space. He used unconventional orchestration techniques, with woodwinds creating rapid patterns and brass and strings providing a stable backdrop. Zur aimed to capture the relationship between individuals and the enormity of space, which influenced his compositional process.

AppWizard

March 14, 2026

STORMIND GAMES REVEALS REMOTHERED: RED NUN’S LEGACY FOR PC & CONSOLES

Stormind Games announced the third installment of the Remothered survival horror franchise, titled Remothered: Red Nun’s Legacy, set to launch later this year on PlayStation 5, Xbox Series X|S, Nintendo Switch 2, and PC. The game aims to provide a conclusion to the narratives of its predecessors while introducing new gameplay elements and storytelling techniques. CEO Antonio Cannata emphasized the studio's commitment to the franchise, and Game Director Antonio Cutrona noted that the game will feature new skills and a standalone experience for newcomers while offering closure for long-time fans. Players will navigate a convent filled with secrets and face Stalkers while uncovering the truth behind the Red Nun. Key features include survival mechanics, homage to classic horror, hypnosis powers, exploration of a detailed world, and uncovering the story of the Cristo Morente. Players can wishlist the game on various platforms and follow updates on social media.

Winsage

March 13, 2026

Microsoft DirectX Gears Up For ML Era On Windows, Advanced Shader Delivery Solves Game Stutter & Load Times, DXR 2.0 Teased

At GDC 2026, Microsoft announced the introduction of ML-Powered DirectX and Advanced Shader Delivery. The ML-enhanced DirectX includes Cooperative Vectors within Shader Model 6.9, facilitating neural rendering techniques such as Neural Texture Compression and Neural Radiance Caching. DirectX Linear Algebra is introduced to support matrix-based ML workflows, and the DirectX Compute Graph Compiler enables full model graphs to run with native GPU performance. Advanced Shader Delivery allows game developers to provide precompiled shaders to reduce load times and stuttering. New APIs, App Identity API and Stats API, have been introduced to support this feature. NVIDIA, AMD, Intel, and Qualcomm have expressed their support for these advancements. Additionally, Microsoft is developing DXR 2.0, which will support Shader Model 6.10 and is expected to roll out in late summer 2026.

AppWizard

March 12, 2026

Fake Red Alert app used in Android spyware smishing

Acronis' Threat Research Unit has discovered a targeted campaign against Android users involving a counterfeit version of Israel's Red Alert rocket warning app that distributes spyware. The malicious software is spread through SMS messages that appear to be official communications from the Home Front Command, prompting users to download an "update." The fraudulent app mimics the legitimate safety tool, maintaining its rocket alert functionality to avoid detection. Once installed, the spyware collects sensitive data such as SMS messages, contacts, location information, device accounts, and a list of installed applications. This tactic, termed "smishing," combines SMS and phishing techniques. The malware uses sophisticated methods like certificate spoofing and runtime manipulation to bypass Android's signature checks, and it consists of a loader and a secondary component that executes the real alert application while the spyware operates in the background. The spyware monitors user permissions and can harvest SMS messages, contacts, and location data, adjusting its behavior based on the user's geographical position. It sends collected data to a remote command-and-control server, with the exfiltration endpoint identified as ra-backup[.]com. Acronis suggests this campaign may be linked to the group Arid Viper (APT-C-23), known for targeting Israeli interests with trojanized Android applications. Researchers recommend users only download apps from official sources, avoid sideloading packages from SMS links, and review app permissions carefully. They advise checking for the package name com.red.alertx on devices and performing a factory reset if found, along with changing credentials for any accessed accounts.