variants Archives

AppWizard

April 25, 2026

Android Hackers Target 800 Banking, Crypto and Social Media Apps With ‘Near-Zero Detection Rates’: Zimperium

Android hackers are targeting over 800 applications in banking, cryptocurrency, and social media sectors, utilizing four active malware families: RecruitRat, SaferRat, Astrinox, and Massiv. These malware employ advanced techniques to evade detection and execute credential theft, unauthorized financial transactions, and data exfiltration. Attackers lure victims through phishing websites, fraudulent job offers, fake software updates, text-message scams, and promotional lures. Once installed, the malware can request Accessibility permissions, obscure app icons, obstruct uninstallation, and steal sensitive information through counterfeit lock screens. They can also capture one-time passcodes, stream device screens, and overlay fake login pages on legitimate applications. The malware uses HTTPS and WebSocket communications to blend malicious traffic with normal activity and may incorporate encryption layers to avoid detection.

AppWizard

April 21, 2026

Trojanized Android App Fuels New Wave of NFC Fraud

A new variant of the NGate malware family has emerged, using a trojanized Android application to capture payment card data and personal identification numbers (PINs). This modified version of HandyPay, a legitimate NFC relay app, has been distributed since November 2025, primarily targeting users in Brazil. The malware intercepts NFC payment card data and allows fraudulent transactions. Two distinct malware samples have been observed, delivered through phishing infrastructure that impersonates a Brazilian lottery site and a Google Play listing for a card protection tool. The trojanized app captures NFC data, requests the victim's card PIN, and transmits this information to attacker-controlled infrastructure. It requires minimal permissions, leveraging its role as the default payment application to evade detection. Evidence suggests that generative AI tools may have been used in its development, indicated by emoji markers in debug logs. ESET has reported its findings to Google, and Google Play Protect can detect known versions of the malware. The developer of HandyPay is investigating the misuse of its application.

Tech Optimizer

April 21, 2026

Microsoft Defender: The Gold Standard for 2026 Security

Microsoft asserts that Microsoft Defender Antivirus is sufficient for most Windows 11 users as their sole security solution, following updates to the Windows security framework designed to counteract emerging threats. The current Windows security experience includes features such as real-time protection, cloud-delivered intelligence, smart app control, and cross-platform presence. Microsoft believes that the operating system itself is the most effective guardian of user data, embedding protections directly into the kernel to avoid performance slowdowns associated with external antivirus solutions. Despite this, the cybersecurity sector argues that specialized third-party software remains important, offering features like advanced password management and dedicated identity theft protection that Microsoft Defender lacks. The threat landscape in 2026 is increasingly driven by AI, prompting Microsoft to integrate AI into the Defender engine for proactive threat detection. While Microsoft Defender provides a robust baseline for security, a comprehensive strategy also requires good digital hygiene, strong password policies, and skepticism towards suspicious links.

AppWizard

April 18, 2026

Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits

On April 16, Google released Android 17 Beta 4, concluding its beta phase and focusing on app compatibility and platform stability. Developers must finalize updates for Android 17 to avoid delays when the stable version is released. Key behavioral changes for apps targeting Android 17 include: - Large-screen resizability restrictions, preventing apps from opting out of maintaining orientation, resizability, and aspect ratio constraints. - Expanded restrictions on dynamic code loading, requiring native files loaded via System.load() to be read-only. - Certificate Transparency is enabled by default. - Local network access is restricted by default, with a new ACCESSLOCALNETWORK permission for persistent access. - Stricter rules on background audio interactions, including playback and volume change APIs. Android 17 introduces per-app memory limits based on device RAM to target memory leaks and anomalies, with minimal impact expected on app sessions. Developers can check for memory limit impacts via ApplicationExitInfo and utilize profiling tools in Android Studio Panda. An on-device anomaly detection service monitors resource-intensive behaviors and provides profiling artifacts. Additionally, the Android Keystore now supports ML-DSA for quantum-safe signatures, allowing developers to generate keys and create signatures within secure hardware.

AppWizard

April 17, 2026

Torchlight Infinite’s new season is the high-speed ARPG’s most popular yet

A new season of Torchlight Infinite, titled 'Lunaria,' has launched, achieving its most successful debut on Steam with a peak of 26,618 players. The update introduces new features such as an endgame farming system, a character focused on potion mechanics, and temporary alliances with bosses. Key gameplay mechanics include awakening statues in the Netherrealm to spawn monsters and collect rewards, alongside random events that enhance loot opportunities. The update also adds Rhapsodies for variability in farming, a Creation Engine for converting Creation Crystals into loot, and a new character, the Scent Weaver Sage, who uses elixirs in combat. Quality-of-life improvements include visual upgrades for characters and monsters, enhanced user interface, and a re-arranged main theme for the game's third anniversary. The 'Lunaria' season is available for free on Steam, along with a 'Midas Touch' event for additional rewards.

Winsage

April 15, 2026

Windows Update Warning: Fake Windows 11 24H2 Site Pushes Password-Stealing Malware

A sophisticated fake Windows update site has emerged, designed to mimic Microsoft’s branding to distribute malware, specifically targeting individuals seeking early access to Windows 11 version 24H2. The fraudulent site resembles a legitimate cumulative update download page, using familiar design elements to evade detection. The malware operates as an information-stealing entity, targeting saved passwords and browser sessions, potentially bypassing two-factor authentication. It transmits stolen credentials through encrypted channels to external servers. The installer uses legitimate packaging tools to minimize detection and employs obfuscated scripts within legitimate software components. The campaign modifies system startup entries and creates disguised shortcuts to maintain persistence. Researchers noted the use of a typosquatted domain and meticulously spoofed file properties. As of April 2026, Microsoft has not released Windows 11 version 24H2 to the public, and legitimate updates are only available through Windows Update. Users are advised to obtain updates exclusively through official channels and keep security features updated.

Tech Optimizer

April 14, 2026

Fake Windows 11 24H2 Update Site Distributes Password-Stealing Malware

A recent discovery by Malwarebytes has identified a cyber threat involving a typosquatted domain that mimics official Microsoft support pages. This site uses authentic branding and KB-style reference numbers to deceive users into downloading what appears to be a legitimate cumulative update. The malware, once installed, operates stealthily, stealing passwords from browsers and active sessions, which allows attackers to bypass two-factor authentication. The stolen data is sent to external servers through encrypted channels. Initial scans showed zero detections by multiple antivirus engines due to the malware's obfuscated scripts. It also modifies system startup entries and creates disguised shortcuts for persistence. Microsoft has not yet released Windows 11 version 24H2 to general users, and updates should only be obtained through official channels to avoid potential threats.

Winsage

April 10, 2026

Windows Zero-Day Published on Github as Microsoft Fails to Act

A security researcher named Chaotic Eclipse published a working exploit for a Windows zero-day vulnerability, called BlueHammer, on GitHub on April 2. The exploit allows attackers to gain SYSTEM-level privileges by exploiting a race condition in Windows Defender’s signature update mechanism. The exploit has gained significant attention, with over 100 forks and nearly 300 stars on GitHub. Will Dormann, a principal vulnerability analyst, confirmed that while BlueHammer is functional, it may not always operate reliably. Microsoft has not issued a patch for this vulnerability. The exploit targets the Windows Defender signature update process, allowing low-privilege attackers to manipulate a file path during operation, leading to access to the Security Account Manager (SAM) database. Currently, only 8 out of 72 cybersecurity vendors on VirusTotal flag the exploit file as malicious, which raises concerns about detection coverage. Microsoft reiterated its commitment to coordinated vulnerability disclosure but did not address the communication issues regarding the BlueHammer report.

AppWizard

April 9, 2026

Minecraft 26.2 Snapshot 1

- The upcoming release is titled "Chaos Cubed." - Players can explore the Overworld and sulfur caves, seeking sulfur springs and new resources. - A new mob called the Sulfur Cube has been introduced, which absorbs blocks and can be interacted with using Shears. - The Sulfur Cube can detect nearby block items and will follow players holding absorbable blocks. - Upon defeat, the Sulfur Cube splits into two smaller versions, which can be fed to grow larger. - New Cinnabar and Sulfur block sets have been added, including various variants like Polished and Bricks. - The sulfur caves biome has been added, featuring sulfur pools and the Sulfur Cube mob. - Potent Sulfur is a new block that produces nausea-inducing gas when placed under water. - Sulfur Springs generate naturally above the sulfur cave biome in various sizes. - Vulkan support has been added for improved visual experience, with a new "Graphics API" option in Video Settings. - Players can toggle between OpenGL and Vulkan, with Vulkan being the default if supported. - New attributes related to bounciness and friction have been introduced for entities. - New sounds and textures for Sulfur, Potent Sulfur, Cinnabar, and the Sulfur Cube have been added. - Various bugs have been fixed to improve gameplay stability.

AppWizard

April 7, 2026

PC Users Can Claim Over $25 Of Free Games, No Subscription Required

PC gamers can access complimentary titles from the Epic Games Store every Thursday, with no fees or subscriptions required. This week's offerings include "Clone Drone in the Danger Zone," a beat 'em up game released in 2021, typically priced at .99, and "TOMAK: Save the Earth Regeneration," celebrating its 25th anniversary, usually priced at .99. "Clone Drone in the Danger Zone" features various modes, including Story Mode, Endless Mode, and multiplayer options, and has a 96% Overwhelmingly Positive rating on Steam. "TOMAK" involves nurturing a goddess to prevent Earth's destruction. The next batch of free games will be available on Thursday, April 9, at 11 a.m. ET / 4 p.m. BST.