theft Archives

AppWizard

April 10, 2026

Kazakhstan Considers National Messaging App Aitu for Insurance Companies – The Times Of Central Asia

Kazakhstan’s Agency for Regulation and Development of the Financial Market is considering the domestic messaging platform Aitu for communication between insurance companies, non-bank financial institutions, and their clients. The regulator has encouraged market participants to assess Aitu as a communication tool aimed at enhancing personal data protection. Concerns have been raised about Aitu’s user base, functionality, integration costs, and the absence of clear regulatory guidelines for handling personal and financial data. The adoption of Aitu is not mandatory but is seen as a potential secure communication channel. Aitu’s infrastructure supports high data protection due to localized servers in Kazakhstan, which reduces risks of cross-border data issues. The platform features end-to-end encryption and biometric identification through Aitu Passport, aiming to enhance user verification and minimize phishing and identity theft risks. The agency noted that open APIs and business dashboards could allow financial institutions to integrate with Aitu cost-effectively. Additionally, government agencies and quasi-state companies have been encouraged to use Aitu for official communications.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

Winsage

April 9, 2026

BlueHammer: Windows zero-day exploit leaked

A proof-of-concept (PoC) exploit called BlueHammer has been released on GitHub, targeting an unpatched local privilege escalation vulnerability in Windows. The exploit, attributed to users Chaotic Eclipse and Nightmare Eclipse, has been modified by security researchers to work on updated versions of Windows 10, 11, and Windows Server. The exploit manipulates Microsoft Defender to create a Volume Shadow Copy, allowing access to sensitive registry files and enabling the extraction of NTLM password hashes. This facilitates the alteration of a local Administrator's password and subsequent login. The exploit can duplicate the Administrator's security token and create a malicious Windows Service that runs with SYSTEM privileges. While there are no reports of BlueHammer being exploited by malicious actors, researchers warn that such PoC code can be weaponized quickly. Microsoft has committed to investigating reported security issues related to this vulnerability.

Winsage

April 8, 2026

Showing the Windows 10 desktop was the yeast they could do

A bakery in Ontario, Canada, displayed three Windows 10 desktops in a humorous signage mishap. The bakery advertises itself as "Artisan, Fresh, and Healthy," and has a security camera aimed at preventing baguette theft. The presence of Windows 10, despite its criticisms, is seen as more favorable than its successor, Windows 11. The bakery lacks typical enticing imagery, featuring instead the default Windows 10 wallpaper.

Tech Optimizer

April 8, 2026

Avast Antivirus: A Complete Guide to the Software and Its Security Features

Avast antivirus is a widely used digital security solution for mobile and desktop platforms, developed by Gen Digital. It offers a free version that is accessible and easy to set up, making it popular among first-time users. Key security features include real-time threat protection, web protection tools, email protection, behavior monitoring, and a network inspector. The software operates quietly in the background, has a clean and intuitive interface, and provides essential security features in its free version. However, users may experience intrusive upgrade prompts, and advanced tools require a paid subscription. Avast distinguishes itself by offering behavioral threat detection in both free and paid versions, and its extensive user base enhances its threat detection capabilities. The free version includes basic protections suitable for everyday online activities, but advanced features necessitate an upgrade. Users are encouraged to adopt strong passwords, utilize password managers, enable two-factor authentication, and practice safe browsing habits to ensure online privacy.

AppWizard

April 8, 2026

Xbox Game Pass additions for April include Hades 2 and Call of Duty: Modern Warfare

Xbox is adding several titles to its Game Pass Ultimate and PC Game Pass offerings in April. Key dates and titles include: - April 7: Final Fantasy IV - April 8: DayZ, Endless Legend 2, FBC: Firebreak, Warhammer Vermintide 2 - April 9: Planet Coaster 2 - April 10: Tiny Bookshop - April 13: Football Manager 26, Football Manager 26 Console - April 14: Hades 2, Replaced, The Thaumaturge - April 16: The Elder Scrolls IV: Oblivion Remastered, EA Sports NHL 26 - April 17: Call of Duty: Modern Warfare - April 21: Little Rocket Lab, Sopa: Tale of the Stolen Potato, Vampire Crawlers - April 23: Kiln On April 15, the following titles will be removed from Game Pass: Grand Theft Auto V, Ashen, Eiyuden Chronicle: Hundred Heroes, My Little Pony: A Zephyr Heights Mystery, and Terra Invicta.

Tech Optimizer

April 7, 2026

Webroot cuts prices by 50% on Total Protection plans — get the bundled VPN, antivirus software, and more from $90 for your first year

Webroot by OpenText is offering a promotion on its Total Protection software services. The Total Protection subscription is available for .99, reduced from .99, covering protection for five devices under one user identity for the first year. The Total Protection Family plan is priced at .99, down from .99, extending protection to ten devices and accommodating ten distinct identities for the first year. Both plans include antivirus, anti-phishing, malware and ransomware protection, a secure VPN, a password manager, unlimited cloud backup for one PC or Mac, advanced dark web monitoring, account monitoring, parental controls, and identity theft insurance with up to million in expense reimbursement.

Tech Optimizer

April 7, 2026

Norton 360: Comprehensive Cybersecurity for Devices

Norton 360 is a comprehensive cybersecurity solution that protects consumers and businesses from digital threats, integrating features like a VPN and password manager. It safeguards various devices, including PCs and smartphones, and offers multiple editions for individuals, families, and small businesses. Key features include real-time threat detection, a smart firewall, a no-logs VPN, a password manager, parental controls, behavior-based detection for zero-day threats, cloud backup functionality, and performance optimization tools. The suite is effective against phishing, malware, and ransomware, with a 100% detection rate confirmed by independent tests. Norton 360 also caters to small businesses with endpoint protection, compliance tools, and secure file sharing. It employs heuristics and machine learning for threat adaptation and supports unlimited devices in premium plans. The software is compatible with Windows, macOS, Android, and iOS, and offers a VPN service with servers in over 30 countries. Norton 360 competes in the global cybersecurity market, maintaining a strong presence in North America and Europe, with subscription models ranging from basic to deluxe editions. Demand for the product has increased due to high-profile data breaches, and it is available in over 150 countries. Common use cases include protecting home networks, securing client data for freelancers, and safeguarding school-issued laptops. Norton 360 is part of Gen Digital Inc., which focuses on consumer cybersecurity.

Tech Optimizer

April 6, 2026

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Cybersecurity researchers have discovered 36 malicious packages in the npm registry that impersonate Strapi CMS plugins. These packages exploit Redis and PostgreSQL, deploy reverse shells, harvest credentials, and establish persistent implants. Each package consists of three files—package.json, index.js, and postinstall.js—without descriptions or repositories, and all use version 3.6.8 to mimic legitimate Strapi plugins. The malicious packages follow a naming convention starting with "strapi-plugin-" and were uploaded by four accounts within 13 hours. The identified packages include names like strapi-plugin-cron, strapi-plugin-database, and strapi-plugin-server. The malicious code is embedded in the postinstall script, executing automatically upon installation with the same privileges as the user. The payloads evolve from exploiting Redis for remote code execution to attempting direct PostgreSQL database exploitation and deploying persistent implants for remote access. The campaign appears to target cryptocurrency platforms, as indicated by the focus on credential theft and digital assets. Users of these packages are advised to assume compromise and rotate credentials. This incident reflects a broader trend of supply chain attacks in the open-source ecosystem, with recent examples including credential exfiltration payloads in GitHub repositories and compromised GitHub Actions workflows. Group-IB reported that software supply chain attacks are increasingly reshaping the cyber threat landscape, targeting trusted vendors and open-source software to gain access to downstream organizations.

AppWizard

April 6, 2026

Veteran indie developer scared to reveal new game in case it gets “slurped up by AI”

Lucas Pope is a notable game developer known for creating "Papers, Please" and "The Return of the Obra Dinn." He has since worked on smaller projects, including Mars After Midnight, but has not released anything on Steam recently. During a podcast, Pope expressed concerns about the impact of artificial intelligence on game development, particularly regarding idea theft and the potential for his work to be copied or imitated. He feels uneasy discussing ongoing projects due to these risks and reflects on the pressure of following up his previous successes. Despite these worries, Pope's reputation allows him to avoid some challenges faced by less-known developers, and his next project is expected to generate significant interest.