victim Archives

AppWizard

June 8, 2026

Pirated PC games are delivering password-stealing malware

A surge in Windows malware campaigns has been identified, with malicious software hidden in pirated PC games and modified installers for popular franchises like Far Cry, Need for Speed, FIFA, and Assassin’s Creed. Over 400,000 devices globally have been affected, with around 30,000 cases in the United States. The malware, known as the "RenEngine loader," is disguised as a legitimate game launcher and infects systems when users download cracked games. It aims to deploy an infostealer called ARC, which can capture sensitive information such as passwords and cryptocurrency wallets, and may also install other harmful payloads like the Rhadamanthys stealer and Async Remote Access Trojan (RAT). Users often remain unaware of their infection until significant damage occurs. Recommendations for safety include avoiding unofficial downloads, using up-to-date anti-malware protection, and regularly updating software.

AppWizard

June 3, 2026

Malware campaign targeting Minecraft users infects over 116,000 systems

A recent investigation by McAfee researchers has identified a Malware-as-a-Service (MaaS) operation called WeedHack, which targets Minecraft users. Since its launch in January 2026, WeedHack has compromised over 116,000 systems, with 2,000 to 3,000 new infections daily. The operation uses YouTube and SEO poisoning to distribute malware, promoting Minecraft mods and utilities through videos. WeedHack is accessible for free, with premium features available at low costs. The malware targets Minecraft session IDs, collects system information, and extracts credentials from various platforms. It includes a web-based dashboard for tracking infections and offers tools for injecting malware into legitimate mods. The operation has also been linked to incidents of cyberbullying among its users. McAfee advises caution when engaging with Minecraft-related content on YouTube.

Winsage

June 3, 2026

Windows Netlogon CVE-2026-41089 exploited: Priority patch needed

Microsoft has addressed a critical vulnerability identified as CVE-2026-41089, which could allow unauthorized access to sensitive data. This vulnerability primarily affects specific Microsoft software and has been classified with a high severity rating. If unaddressed, it could lead to data breaches and unauthorized access. Microsoft recommends users apply the latest security patches and updates. The cybersecurity community emphasizes the importance of prioritizing cybersecurity strategies and collaboration among industry stakeholders to mitigate risks associated with such vulnerabilities.

Winsage

June 3, 2026

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

Cybersecurity researchers have identified an unpatched vulnerability that could expose NTLMv2 hashes to attackers, linked to the "search:" URI handler. This issue is similar to CVE-2026-33829, which involved a spoofing vulnerability in the Windows Snipping Tool's ms-screensketch: URI handler. The flaw allows attackers to trick users into connecting to their SMB servers, disclosing NTLMv2 hashes for authentication exploitation. The new vulnerability operates using "search:" and "crumb=location:" parameters, resulting in a similar Net-NTLMv2 leak. Microsoft has chosen not to address this issue, stating only vulnerabilities classified as Important or Critical would be fixed. Recommendations to mitigate risks include blocking outbound SMB traffic, enforcing SMB signing, and disabling NTLM authentication where possible.

AppWizard

June 2, 2026

Google’s Phone app will tell you if a scammer is impersonating one of your contacts

Google's Phone app is introducing a feature to alert users about potential AI impersonation scams by flagging calls that appear to be from their contacts as suspicious. This update is part of the broader June Android update, which includes other enhancements such as support for Apple AirDrop, accessibility of the Personal Safety app for children under 13, AI-powered clothing try-on features in Photos, and improved search functionality for outfits. The Phone app will notify users with a message indicating that "Someone may be pretending to call from your contact’s number," allowing them to hang up if the call is deemed suspicious. This feature will be automatically enabled for users on Android 12 and later, starting with Pixel devices, and relies on a system where both the user and their contact must use the Phone by Google app to verify call authenticity through a "silent confirmation signal." The feature utilizes end-to-end encrypted rich communication services (RCS) technology.

Tech Optimizer

May 31, 2026

‘Your devices could be at risk’: how antivirus scams trade on fear

Many users receive emails claiming their McAfee antivirus protection is nearing expiration, offering an 89% renewal discount for same-day payment. These emails are not from McAfee but are attempts by cybercriminals to steal personal financial information. The emails often create a false sense of urgency and may contain inconsistent grammar and obscure sender addresses. Clicking links in these emails can lead to counterfeit websites designed to harvest personal data. Users are advised to verify their subscription directly on McAfee.com and report suspicious emails to McAfee and their email provider.

AppWizard

May 30, 2026

Concerned about privacy on your Android? Here’s why Bitdefender is your all-in-one solution

Privacy on Android can be compromised through routine activities like checking bank accounts, shopping online, or using public Wi-Fi. Bitdefender Antivirus Plus offers comprehensive security features, including phishing protection, scam detection, VPN capabilities, and app security. Its VPN encrypts internet connections and routes traffic through secure servers to minimize tracking and protect data from third-party access. Bitdefender also monitors applications for suspicious behavior and blocks threats, ensuring security across the Android ecosystem. The software operates autonomously in the background, scanning for threats and applying protective measures without requiring constant user intervention.

AppWizard

May 28, 2026

Victims of cheaters in Marvel Rivals will be refunded all the ranked points they lost if they report them thanks to NetEase’s new Anti-Cheat Rank Compensation System

Marvel Rivals is experiencing a significant increase in cheating incidents, prompting NetEase to initiate a ban wave and announce updates to its anti-cheat system. Many players believe these measures are inadequate. To address player frustration, NetEase will introduce a new Anti-Cheat Rank Compensation System, allowing players to receive a full refund of Ranked Points lost if they report a confirmed cheater, although this does not apply to Placement Matches. This system, called the "Victim Compensation Protocol," is similar to those in other games like Overwatch and Valorant. However, players remain concerned that current punitive measures are insufficient to deter cheaters, especially since Marvel Rivals is free-to-play, making account bans ineffective. More stringent measures, such as hardware or IP bans, may be necessary, but these harsher penalties are only a small part of the overall ban efforts.

Tech Optimizer

May 28, 2026

5 myths about antivirus software that are hurting your device more than helping it

Windows Defender is a basic antivirus that meets the needs of most users against everyday threats but lacks the comprehensive protection of advanced solutions like Bitdefender, which offers features such as real-time protection against scams, identity theft, ransomware, a VPN, parental controls, and a password manager. Even careful internet users can fall victim to cyber threats, making antivirus software necessary. Modern antivirus solutions, including Bitdefender, do not significantly slow down PCs due to advancements like AI-powered scanning technology. Today's antivirus software operates automatically, requiring minimal user intervention, and protects against a wide range of threats beyond just viruses, including ransomware, phishing, and spyware.

AppWizard

May 28, 2026

Fake ‘Cockroach Janta Party’ Android app flagged as critical malware threat, report warns

A cybersecurity report released on May 22, 2026, identifies a counterfeit Android application posing as the official app of the Cockroach Janta Party as a significant malware threat. The malicious app, known as Cockroach.Janta.Party, functions as a Remote Access Trojan (RAT) and can infiltrate Android devices, steal sensitive information, intercept communications, and control infected smartphones. The genuine Cockroach Janta Party has no affiliation with this app and is a victim of brand impersonation. The app is distributed through WhatsApp, Telegram, and misleading websites, particularly a rogue domain, cockroachjantaparty[.]org. It targets Android devices running versions 8.0 to 14 and requests elevated permissions, including access to camera, SMS, call logs, and contacts, while misusing the Android Accessibility Service to read on-screen content and grant itself additional permissions. The app contains multiple malicious modules for data exfiltration and uses a Command and Control infrastructure based on the Telegram Bot API. Users are advised to uninstall the app, disable Accessibility permissions, reset banking credentials, enable two-factor authentication, and conduct a full mobile security scan. The legitimate Cockroach Janta Party is encouraged to issue a formal clarification regarding the impersonation.