usernames Archives

Winsage

May 12, 2026

Hackers Can Hide Malware Inside Images to Hack Windows

Researchers at Cyfirma have identified a cyberattack campaign named Operation SilentCanvas that targets Windows systems using deceptive JPEG files to infiltrate devices. The attack begins with victims receiving a file named sysupdate.jpeg, which contains a PowerShell script instead of an image. This script establishes staging environments and downloads additional malicious components while avoiding detection. The malware reconstructs command strings at runtime and downloads a secondary payload called access.jpeg, executed in memory. It exploits Microsoft's .NET compiler to create a custom launcher named uds.exe on infected machines. The malware takes control of a registry key to create a hidden desktop environment for undetected execution of malicious tools and installs a persistent Windows service, OneDriveServers, to maintain activity after reboots. Additionally, it can intercept usernames and passwords at the Windows login screen and create hidden local administrator accounts for long-term access. Security teams are advised to monitor the execution of commonly abused Windows binaries like csc.exe and ComputerDefaults.exe to mitigate risks.

AppWizard

May 8, 2026

Look at how they massacred my boy: Google is killing these Fitbit app features

Google has launched the Google Health app, rebranding the existing Fitbit application, but it will phase out several features that longtime Fitbit users relied on. The badge system will be completely removed, and users will lose unique usernames, profile pictures, direct messaging, and community feeds. Child profiles will no longer allow adding friends, and the weekly leaderboard will only focus on steps and cardio load. In health and wellness, minute-by-minute stress check graphs will no longer be available, and detailed skin temperature data will be replaced with daily and weekly trends. Users cannot set calorie targets through food plans anymore, although they can set macronutrient goals. Recipes for Google Health Premium users will also be discontinued, and daily fitness plans will shift to weekly ones. Sleep features will be reduced, with the discontinuation of sleep profiles, monthly sleep animals, and the Estimated Oxygen Variation (EOV) feature. Premium subscribers will now use the Health Coach for personalized sleep responses, and snore detection on certain devices will be eliminated. The app will maintain compatibility with Health Connect and Apple Health but will no longer support connections to Lifescan devices, affecting users who monitor blood glucose levels. Users can log glucose data manually, but reminders and symptom tracking will be removed.

AppWizard

April 28, 2026

10,000 Users Exposed As Fake Document Reader App Delivers Anatsa Banking Trojan

Security researchers from ThreatLabz discovered a malicious document reader app on the Google Play Store that delivered the Anatsa Android banking trojan. The app, which had over 10,000 downloads before its removal, disguised itself as a legitimate file management tool using the package name com.groundstation.informationcontrol.filestationbrowsefilesreaddocs. It employed a "dropper" technique to hide its malicious code, connecting to an external server to retrieve the malware payload after installation. Anatsa is designed to steal financial information by overlaying a fake login screen over legitimate banking apps, capturing user credentials and enabling unauthorized transactions. Users are advised to delete the app and monitor their financial accounts. Technical indicators for identifying infections include the Anatsa Installer SHA256 (5c9b09819b196970a867b1d459f9053da38a6a2721f21264324e0a8ffef01e20), Payload URL (http://23.251.108[.]10:8080/privacy.txt), Payload SHA256 Hash (88fd72ac0cdab37c74ce14901c5daf214bd54f64e0e68093526a0076df4e042f), and Command and Control servers (http://172.86.91[.]94/api/ and http://193.24.123[.]18:85/api/).

AppWizard

April 27, 2026

RIP Signal: Russians kill trust in many EU diplomats’ beloved messaging app

Signal is experiencing a crisis of trust due to security breaches, including successful infiltrations by Russian hackers in Germany and the Netherlands. Senior EU officials have disbanded a Signal group due to hacking fears. Accessing Signal chat content on the dark web can cost between ,000 to ,000, while WhatsApp data is cheaper, ranging from ,000 to ,000. Personal information, such as travel histories, can be bought for 0 to 0, especially for individuals who have traveled to countries known for data leaks. Investigations revealed that Russian diplomats' medical records, banking information, and dating site usernames are available on the black market. Location tracking can be precise when certain applications are downloaded. A Kazakh refugee in Brussels faced high-definition surveillance, and local laws challenge private detectives' effectiveness. State actors have used Israeli spyware like Pegasus to target journalists and adversaries. The prospect of secure communication is diminishing, with online exchanges increasingly seen as vulnerable.

AppWizard

April 6, 2026

Dangerous “NoVoice” malware found in over 50 Play Store apps that were installed 2.3 million times

A new malware threat called "NoVoice" has been found in over 50 applications on the Google Play Store, with 2.3 million installations on Android devices. Discovered by McAfee, this malware is hidden in seemingly harmless apps like system cleaners, games, and image galleries. It exploits Android vulnerabilities to gain root access, potentially allowing attackers to steal sensitive information and manipulate applications without user consent. In some cases, it may persist even after a factory reset. Google has stated that Android devices updated since May 2021 are protected against this threat and that Google Play Protect actively removes malicious apps and blocks new installations. The malware was not able to infect devices in Beijing and Shenzhen, suggesting the attackers may be avoiding local law enforcement. One identified app carrying the NoVoice payload is SwiftClean, developed by Biodun Popoola. The malware operates using a silent audio file, executing its code without user detection. Users are advised to download apps only from the Google Play Store and keep their devices updated.

AppWizard

February 17, 2026

29 Years Ago, AOL Launched An App That Changed Everything

AOL's AIM introduced an early AI chatbot and reached 36 million users in 2001. The platform struggled to adapt to the rise of mobile communication, leading to its shutdown on December 15, 2017. AIM popularized personal screen names, emojis, and status markers in instant messaging, and it influenced figures like Biz Stone and Mark Zuckerberg. AIM's legacy continues to impact modern messaging, which incorporates various multimedia elements.

Winsage

November 17, 2025

Windows 11 users just got a more convenient way to store passkeys – here’s how it works

The technology behind passkeys involves cryptographic keys and standards like FIDO2 and WebAuthn, but users can enhance their security by creating passkeys whenever offered by websites or apps, using face recognition, fingerprints, or PINs. Users can accumulate multiple passkeys for easier sign-in across services. 1Password is set to integrate a new native passkeys plugin API with Windows 11, allowing users to manage passkeys through 1Password while using Windows Hello for authentication. This integration requires the latest version of Windows 11 and the MSIX version of the 1Password app. Users can enable the passkey feature in 1Password and designate it as the system authenticator in Windows settings. Other password managers may also adopt this integration, and Windows is introducing its own passkey sync mechanism through the Microsoft Password Manager in Edge. Passkeys do not replace existing credentials but serve as a secure alternative to usernames and passwords, with some services offering fully passwordless options.

AppWizard

November 9, 2025

SoftTalk Messenger introduces monetisation for African content creators

SoftTalk Messenger, a Nigerian-owned messaging app, has launched a monetisation programme for African content creators that rewards engagement and prioritises user privacy. The platform allows group administrators and digital community leaders to earn directly from audience interaction through its Creator Partner Program, which calculates earnings based on monthly engagement scores. Users can communicate without disclosing phone numbers, using usernames to enhance privacy. SoftTalk Messenger offers features including text, voice, and video calls, marketplace functionalities, and utility bill payments. Creators can retain 100% of their earnings without relying on foreign intermediaries. Registration does not require a phone number, and the Creator Partner Program requires a minimum of 100 group participants.

AppWizard

November 4, 2025

Dangerous new Android trojan is taking over phones and draining bank accounts — how to stay safe

A new banking Trojan is disguising itself as legitimate applications like digital ID tools and news readers, targeting Android users with banking and cryptocurrency apps. This malware steals login credentials and operates stealthily as an infostealer, evading detection while continuously collecting data. It can take over screens, interact with buttons, and use fake login screens for overlay attacks on real banking apps. Users are advised to regularly check accessibility services, download apps only from the Google Play Store or reputable sites, and scrutinize app permissions. Implementing layered security measures, such as using antivirus applications and keeping software updated, is essential to mitigate risks associated with this malware.

Tech Optimizer

November 1, 2025

maCERT Warns of Rapidly Spreading Spyware “Acreed”

maCERT, the Moroccan national cybersecurity agency, has issued an alert about a new spyware toolkit called Acreed, which emerged in February 2025. Acreed has become one of the most prevalent information stealers on the dark web, accounting for approximately 17% of underground cyber activity. Its primary function is to infiltrate computers and extract sensitive information, which is then sold or exploited by hackers. Acreed spreads through deceptive emails, infected advertisements, and pirated software downloads. It collects data such as usernames, passwords, browser information, cryptocurrency wallet details, and session tokens for cloud services. The data is transmitted to remote servers controlled by cybercriminals. The risks associated with Acreed affect both individuals and business networks. Recommendations to mitigate the threat include keeping antivirus software updated, monitoring for suspicious activity, avoiding unofficial software downloads, and being cautious with unsolicited emails. Users who suspect infection are encouraged to report it to maCERT for assistance.