U.S. government Archives

Winsage

April 16, 2026

CISA flags Windows Task Host vulnerability as exploited in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in the Windows Task Host, identified as CVE-2025-60710, which poses a risk of privilege escalation, potentially allowing attackers to gain SYSTEM privileges. This flaw affects devices running Windows 11 and Windows Server 2025 and arises from a weakness in link following. Microsoft released a patch for this issue in November 2025. CISA has added CVE-2025-60710 to its list of actively exploited vulnerabilities and mandated that Federal Civilian Executive Branch agencies secure their systems within two weeks. CISA encourages all organizations, including those in the private sector, to implement necessary patches and improve network security. CISA also advised organizations to follow vendor instructions for mitigations or discontinue use of the affected product if mitigations are unavailable.

AppWizard

April 15, 2026

Rival Aptoide sues Google in U.S. over alleged Android app store monopoly

A Portuguese app store, Aptoide, has filed a lawsuit against Google in a U.S. federal court, alleging monopolistic practices that hinder competition in the Android ecosystem. Aptoide claims that Google controls app distribution and in-app billing systems, violating U.S. antitrust laws. The company argues that it could compete more effectively against Google's pricing and policies if not for what it describes as an "anticompetitive chokehold." Aptoide alleges it is directed away from exclusive content and is excluded from accessing critical services, which harms its business. The lawsuit seeks to stop these practices and demands unspecified triple damages. Aptoide has approximately 436,000 apps and serves over 200 million annual users. This lawsuit follows Aptoide's previous complaint against Google with EU regulators in 2014. The case adds to Google's ongoing antitrust issues, including a recent agreement to modify its practices following a legal battle with Epic Games and a separate ruling declaring Google's search engine an illegal monopoly.

AppWizard

April 11, 2026

US government wants gamers to become air traffic controllers

The U.S. government is launching a campaign to attract gamers to become air traffic controllers, with Secretary of Transportation Sean Duffy promoting the initiative on social media. The air traffic control sector is facing a staffing shortage of approximately 4,000 controllers, with only 11,700 certified professionals and trainees available. This shortage has been worsened by a government shutdown that resulted in 44 days of unpaid work for controllers, leading to retirements. The average salary for an air traffic controller reaches 0,000 after three years. Duffy described the hiring process as "supercharged" and emphasized the need to adapt communication strategies to engage younger demographics. Recent incidents, including a crash at LaGuardia Airport, have raised concerns about staffing levels, although Duffy stated that no critical safety personnel were affected by previous staff reductions.

AppWizard

March 25, 2026

FBI warns of Russian, Iranian cyber activity involving messaging platforms

The FBI issued alerts regarding cyber campaigns by Russian and Iranian actors targeting messaging platforms. Russian intelligence services are reportedly infiltrating applications like Signal, leading to unauthorized access of thousands of accounts of U.S. government officials, military personnel, political figures, and journalists. Russian operatives are using phishing messages disguised as support notifications to trick users into providing verification codes or account PINs, potentially allowing attackers to take over accounts. Once compromised, attackers can access messages, contact lists, and launch further phishing attempts. The advisory emphasizes that while Signal is targeted, similar tactics can affect any messaging app. In a separate alert, the FBI highlighted Iran’s Ministry of Intelligence and Security (MOIS) using Telegram to distribute malware aimed at Iranian dissidents and journalists, enabling them to steal sensitive information. This malware often disguises itself as legitimate software and connects to Telegram bots for remote access and data exfiltration. The FBI linked these activities to the Handala Hack group, which claimed responsibility for a recent attack on medical device manufacturer Stryker. The malware can be introduced through social media by hackers posing as technical support. Experts note that the use of Telegram for cyber compromises is increasing, as it helps malicious actors avoid detection by blending their traffic with trusted platforms.

AppWizard

March 23, 2026

FBI Warns of Russian Hackers Targeting Messaging Apps – The Advocate-Messenger

The FBI has issued a warning about phishing campaigns conducted by cyber actors linked to the Russian Intelligence Services (RIS), which target commercial messaging applications (CMAs). These actors have compromised numerous individual accounts, focusing on individuals with significant intelligence value, such as U.S. government officials and journalists, without breaching the encryption of the applications. The campaigns have allowed unauthorized access to private messages, contact lists, and the ability to send deceptive messages. Users of CMAs, especially Signal, are particularly targeted. The phishing tactics involve disguising messages as communications from automated CMA support, leading victims to click malicious links or provide sensitive information. To mitigate risks, users are advised to enhance their cybersecurity measures, remain vigilant, and follow best practices such as scrutinizing links, verifying group chats, and reporting suspicious activity to the Internet Crime Complaint Center or local authorities.

AppWizard

March 23, 2026

Russian hackers hijack thousands of ‘high intelligence’ messaging app accounts, FBI warns

Hackers linked to Russian intelligence are targeting high-profile users of popular messaging applications, according to a warning from the FBI and CISA. The primary targets include U.S. government officials, military personnel, political figures, and journalists. The attackers compromise accounts to access messages and contact lists, allowing for further phishing attempts. Signal users are particularly at risk, though techniques can extend to WhatsApp and Telegram. The hackers use social engineering tactics, impersonating official support accounts to trick users into revealing sensitive information. The FBI and CISA advise users to be cautious of unexpected messages and suspicious links. Victims are encouraged to report incidents to the Internet Crime Complaint Center (IC3).

AppWizard

March 22, 2026

Russian hackers hack messengers, Signal and WhatsApp under attack

Hackers with ties to Russian intelligence have intensified efforts against users of messaging platforms like Signal, infiltrating thousands of accounts, as reported by the FBI and CISA. The main targets include current and former U.S. government officials, military personnel, political figures, and journalists. The hackers used advanced techniques to bypass security, tricking users into revealing security codes through sophisticated phishing campaigns. Signal confirmed that their encryption and infrastructure remain secure despite these attacks. This rise in cyber threats is part of a broader trend involving increased activities from pro-Iranian and Russian hackers targeting the U.S. and its allies.

AppWizard

March 22, 2026

Russian Intelligence targets American messaging app users, FBI says

FBI Director Kash Patel revealed that hackers linked to Russian intelligence are targeting the messaging accounts of high-profile U.S. individuals, including current and former government officials, military personnel, political figures, and journalists. The FBI has identified these cyber actors, who have gained unauthorized access to thousands of accounts globally, allowing them to view private messages, send impersonating messages, and conduct phishing attempts. The campaign specifically targets users of commercial messaging applications like Signal, which has been blocked in Russia due to alleged legal violations. Dutch intelligence agencies reported that Russian hackers are also engaged in a global cyber campaign against WhatsApp and Signal accounts, using phishing tactics to access sensitive information. Signal acknowledged recent targeted phishing attacks leading to account takeovers. Since Russia's invasion of Ukraine, its cyber operations have increasingly focused on disruptive tactics against Western allies.

AppWizard

March 21, 2026

Cyber actors linked to Russia target messaging app users, FBI warns

The United States has issued a warning about cyber actors linked to Russian intelligence targeting users of commercial messaging applications, particularly Signal, compromising thousands of accounts worldwide. The FBI and CISA released a public service announcement detailing the operation's focus on individuals of “high intelligence value,” including U.S. government officials, military personnel, political figures, and journalists. Attackers have not breached the encryption of these platforms but manipulate users into disclosing credentials or linking devices. Russian intelligence-linked actors often pose as official support accounts, creating urgency to obtain security codes. Dutch intelligence agencies also reported a similar campaign targeting Signal and WhatsApp accounts of dignitaries and military personnel. Users are urged to be cautious of suspicious messages and to avoid sharing personal information. Signal reaffirmed that its encryption remains intact, emphasizing that vulnerabilities arise from user behavior rather than technical flaws in the application itself.

Winsage

January 15, 2026

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

Microsoft and the U.S. government have issued a warning about a vulnerability in Windows, designated CVE-2026-20805, which is currently being exploited. This flaw allows an authorized attacker to leak a memory address from a remote ALPC port, potentially leading to arbitrary code execution. It has a medium severity rating of 5.5 on the CVSS scale. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog and requires federal agencies to implement a patch by February 3. Additionally, two other vulnerabilities were acknowledged: CVE-2026-21265, a secure boot certificate expiration bypass with a CVSS rating of 6.4, and CVE-2023-31096, an elevation of privilege flaw affecting third-party Agere Modem drivers, rated at 7.8. Two more vulnerabilities, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7.4), are use-after-free flaws in Office that could allow unauthorized code execution.