NewApp Digest
search bot

websites

This tax-themed malvertising attack can blind security software before it arrives — and then unleashes ransomware
Tech Optimizer
March 24, 2026

This tax-themed malvertising attack can blind security software before it arrives — and then unleashes ransomware

Cybercriminals are targeting taxpayers with phishing schemes and malware attacks as the April 15 tax deadline approaches. They create fake tax form websites that appear in Google Ads, leading users to download malicious software like ScreenConnect, which can disable device security. These tactics aim to steal sensitive information and potentially facilitate ransomware attacks. Counterfeit Chrome updates are also being used in similar schemes. Taxpayers are advised to verify the authenticity of websites and rely on trusted sources to protect their personal information.
I'm seriously tempted to drop Microsoft Edge after the latest Firefox update
Winsage
March 24, 2026

I’m seriously tempted to drop Microsoft Edge after the latest Firefox update

Mozilla Firefox has released version 149, which includes features such as Split View, a free VPN for public Wi-Fi, enhanced PDF performance, and improved security measures that block notifications and revoke permissions on malicious websites. Firefox allows users to easily disable all AI features with a single switch, while Microsoft Edge requires users to navigate through multiple settings. Firefox is available for download on its website and the Microsoft Store.
Russia's Max: The unencrypted super-app being forced on citizens
AppWizard
March 23, 2026

Russia’s Max: The unencrypted super-app being forced on citizens

The Max application was launched by VK in 2025, raising concerns about potential government surveillance and a separation from Western digital services. The app combines social media, messaging, and government services, including a digital ID and banking, and is being promoted as a "secure" platform by President Vladimir Putin, who aims for "technological sovereignty." Since September, Max has been pre-installed on devices sold in Russia and is included on a "white list" of services operational during internet blackouts. Initially available only to users with Russian or Belarusian SIM cards, it now supports English and phone numbers from 40 "friendly" countries but is not available in the EU or Ukraine. Public sentiment is mixed, with some individuals feeling forced to use it for communications, while others have concerns about privacy and data security. Max does not offer end-to-end encryption, and user data is stored on Russian servers. The app's introduction is part of Russia's strategy for a "sovereign internet," with increased regulatory authority to monitor online activities.
ClickFix Lures Power LeakNet’s Growing Ransomware Attack Chain
Tech Optimizer
March 19, 2026

ClickFix Lures Power LeakNet’s Growing Ransomware Attack Chain

The ransomware group LeakNet has evolved its tactics, increasing its average targets from three per month and shifting from purchasing stolen network access to launching its own campaigns. They now use deceptive error screens and a new tool that executes malicious code in a computer's memory. Their strategy includes ClickFix lures, which compromise legitimate websites to display fake security checks, tricking users into executing malicious commands. This method broadens their victim reach and reduces costs. The Deno loader, part of this strategy, collects machine information and retrieves additional malicious code without leaving standard files, making detection difficult. After infiltrating a network, LeakNet checks for active user credentials and uses PsExec for lateral movement, employing Amazon S3 buckets for payload staging and data exfiltration. Defenders are advised to monitor for suspicious behavior rather than just known malicious files, focusing on unusual web commands and unexpected cloud storage connections.
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
AppWizard
March 19, 2026

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

Cybersecurity researchers have identified a new family of Android malware called Perseus, designed for device takeovers and financial fraud. It utilizes Accessibility-based remote sessions for real-time monitoring and interaction with infected devices, particularly targeting Turkey and Italy. Perseus monitors user notes to extract personal or financial information and is distributed through dropper applications via phishing websites. It expands on the codebase of previous malware like Phoenix and employs disguises as IPTV services to reduce user suspicion. Once operational, it performs overlay attacks and captures keystrokes to steal credentials from financial applications. The malware allows operators to issue commands through a command-and-control panel, enabling various malicious actions, including capturing note content and initiating remote visual streams. Perseus also conducts environment checks to evade detection and ensure it operates on legitimate devices.
AI Fatigue: Microsoft Pulls Back on Putting Microsoft Copilot Everywhere in Windows 11
Winsage
March 19, 2026

AI Fatigue: Microsoft Pulls Back on Putting Microsoft Copilot Everywhere in Windows 11

Microsoft has decided to abandon plans to integrate Copilot more deeply into Windows 11 following user complaints. Features that would have introduced AI-driven notifications and enhancements are no longer being pursued. The company acknowledged user pain points and is shifting focus towards core stability fixes scheduled for 2026. Additionally, the launch of Windows Recall in 2024 faced privacy issues, leading to a revised version that includes data encryption and user authentication. Microsoft has also allowed administrators on Pro and Enterprise systems to uninstall the Copilot app under certain conditions, reflecting a response to user feedback and past update failures.
silver Android smartphone
Tech Optimizer
March 19, 2026

Top Antivirus Software Options for MacBook Users

Cybersecurity experts warn that MacBooks are becoming increasingly vulnerable to cyber threats, making the installation of robust antivirus software essential for protecting personal and financial data. Leading antivirus solutions for MacBooks include: - Bitdefender: Highly rated for security performance, includes a VPN, and offers protection across multiple devices. - Norton: Known for its dedicated malware research lab, offers features like phishing detection and a firewall, and ranks second-best for Mac antivirus. - Malwarebytes: User-friendly with strong malware removal capabilities, ranks second to Bitdefender, and offers a 14-day free trial. - Intego Mac Internet Security X9: Easy to use with comprehensive features including a firewall and parental controls. - ClamXAV: An open-source option that allows customization and provides multiple levels of protection at a low cost. Apple's built-in security features are less effective against sophisticated threats like ransomware, leaving users without antivirus protection at higher risk for attacks and financial losses. Cybersecurity threats targeting macOS are increasing, emphasizing the need for dedicated antivirus solutions.
Steam build of Death Stranding 2 leaks two days ahead of launch
AppWizard
March 18, 2026

Steam build of Death Stranding 2 leaks two days ahead of launch

Death Stranding 2 is available for preload on Steam, but a pre-release version has leaked on piracy websites two days before its official launch. The leak originated from Steam, where unencrypted game files were mistakenly made accessible, allowing users to download the entire game, which is 113GB in size. While Steam's DRM is easier to bypass than Denuvo, the absence of Denuvo has facilitated this leak. Pirates can download and play the game, but the pre-release build lacks Russian voiceovers. Players who pirate the game will face limitations regarding online features, which are central to the gameplay. The official release is scheduled for March 19 at 7:30 am Pacific (2:30 pm GMT).
Search