New threads

This page contains the latest threads that were created in our community.

Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found

Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after researchers found a hidden browsing-history collector built into its official store version.

The collector was dormant. An empty allow-list kept it switched off, and no proof has emerged that it ever gathered or sent a single browsing domain.

The analysis came from Stripe OLT, a UK security firm, which checked the code against Google's own Web Store signature and confirmed the collector shipped inside the genuine extension, not a counterfeit.

This seems to be a huge security flaw in Edge and MS Defender.

If you go to this site and click on phishing, follow the prompt on that page.


You should not be able to see the page, it should be blocked.

BUT Edge does not block it, neither does defender, Bitdefender does... Why is this allowed?

How to keep your drivers when reinstalling Windows (no internet connection needed)

Microsoft recently revealed Cloud Rebuild, a Windows 11 recovery option that wipes a PC and reinstalls the OS along with all its drivers straight from Windows Update. It works even when Windows itself won't boot, and it doesn’t need a USB stick. The new recovery feature is available for Insiders to test in the latest Experimental builds.

Although Cloud Rebuild already looks like a useful feature, it has one crucial limitation. You still need to be connected to the internet in order for it to work. That kind of defeats the purpose if your network drivers are out of place.
Luckily, Windows already offers a way to export every driver currently installed on a system into a folder. You can use that method to put your drivers on a USB stick, and then simply import them again once you do a clean reinstall.

You can do this using command-line tools called DISM and pnputil, and all it takes is a few simple commands. DISM, short for Deployment Image Servicing and Management, is a built-in Windows tool for managing system images and installed components; and pnputil is a built-in Windows tool for managing driver packages in the driver store. Both have existed in Windows for years.
Here is the full process:
  1. Open Start, type powershell, then press Ctrl+Shift+Enter instead of Enter. This launches PowerShell elevated and triggers a UAC prompt, which you need to accept before either command below will work.
  2. Create a destination folder before exporting anything. DISM throws an error and exports nothing if the folder doesn't already exist: mkdir C:\DriverExport
  3. Export every third-party driver currently installed on the system: dism /online /export-driver /destination:C:\DriverExport
  4. Copy the DriverExport folder to a USB stick or a second internal drive, one that won't get wiped during the reinstall.
  5. Wipe the drive and install a clean copy of Windows as usual.
  6. On first boot, open an elevated PowerShell window again using the same Ctrl+Shift+Enter shortcut.
  7. Point pnputil at the copied folder to bulk-import every driver that matches the current hardware: pnputil /add-driver C:\DriverExport\*.inf /subdirs /install
That's it, after you’re done, you’ll have all your old drivers back like they never left. Windows will even skip drivers that don't have any hardware associated with it, as well as old drivers if Windows Update already installed a newer driver.

my DNS dig failed for 20 minutes and then recovered on its own, with no config change ?

my DNS dig failed for 20 minutes and then recovered on its own, with no config change — what local causes should I look at? I refuse to believe that an internet backbone feature would just drop for 20mins and then mysteriously recover on it's own. Or have you found that to be normal ?

Jamf Threat Labs discovers and investigates CrashStealer, a C++ macOS infostealer that impersonates Apple's crash-reporting framework.

Meet CrashStealer. This one takes delivery more seriously than most, a signed and Apple-notarized dropper that's pulling its second stage payload down through GitHub.The payload is a native C++ stealer with client-side AES-GCM encryption and layered anti-analysis.Check out our writeup for additional details and indicators of compromise.

Introduction​

In early May, a suspicious macOS sample uploaded to VirusTotal surfaced through our sample-processing pipeline, and Jamf Threat Labs began tracking it. It impersonated Apple's crash reporting framework and, at that point, looked like an infostealer still in development. By early July we were seeing in-the-wild detections of the payload matching one of our in-house rules, indicating the project had matured from development into active use. We track this malware under the name CrashStealer.

Unlike much of the commodity stealer activity on macOS, which is built on AppleScript droppers or thin Objective-C wrappers, CrashStealer is implemented in native C++ around an internal class the authors named MacOSData. It validates the victim's login password locally before harvesting, collects broadly across browsers, cryptocurrency wallets, password managers and the keychain, encrypts what it collects with AES-GCM before exfiltrating over libcurl, and persists by copying and re-signing itself. Although its objectives overlap with families such as Atomic (AMOS), MacSync and Phexia, its native C++ implementation and client-side encryption set it apart, and we track it as a distinct family rather than a variant.

We have since identified the stage that precedes the payload: a signed and Apple-notarized dropper, distributed as a disk image named "Werkbit Setup," that retrieves the CrashStealer payload from attacker infrastructure and launches it. Because the dropper carries a valid Developer ID and a stapled notarization ticket, it clears Gatekeeper on first launch, in contrast to the ad-hoc-signed payload it installs.

Throughout this post, we examine CrashStealer as we observed it and highlight the behaviors most relevant from a defender's perspective.

what are the good file download manager for Ubuntu Linux ??

Hi everybody.

i want to know about your recommendation for trusted and clean download manager in Ubuntu Linux which similar in its efficiency for IDM in windows and can be downloaded from Ubuntu App center

WhatsApp asked to pause its biggest ever update

India says new username feature could increase ‘online fraud, phishing, digital arrest scams and impersonation attacks’
Indian authorities have asked WhatsApp to pause a major update amid fears that it could lead to a massive increase in scams.

The messaging app announced the new feature last week, which allows users to choose a username rather than a phone number to identify themselves.

Regulators have since raised security concerns about the change, with India’s Ministry of Electronics and Information Technology ordering WhatsApp to suspend the roll out until an assessment is carried out to determine whether it could increase online fraud and scams.

WhatsApp billed the new feature as a privacy update that would allow people to protect their phone numbers from strangers.

The company claimed that a user’s phone number is “personal [and] tied to so many parts of your life”.

It cited an example of joining a group chat, where people are currently forced to share their phone numbers with people they might not know.


“Usernames are our latest step to make WhatsApp even more private,” the company wrote in a blog post announcing the update. “There’s no directory to browse and no suggestions – people will need to know you exact username to contact you for the first time.”

It was set to be introduced to WhatsApp’s 3.3 billion global users in the coming months, though Indian authorities issued a notice blocking the roll out.
India is WhatsApp’s biggest market, with more than 850 million users, though roughly 10 million accounts are banned every month due to policy violations and suspected scam activities.

The government said the new update “may materially increased the incidence of online fraud, phishing, digital arrest scams and impersonation attacks”.

In response, WhatsApp said that users still require a phone number to use the app and that it had systems in place to detect impersonation attempts and scam activity.

“To protect against impersonation, we’ve held the highest-profile names – think public figures, government entities, celebrities, verified Meta accounts – so they can only ever be claimed by their legitimate owners and lookalike derivatives of known names are held as well,” a spokesperson said.

“Users need to know the exact username to message you, we will limit how many new people an account can contact, block repeated attempts to guess someone’s username key, and have systems to detect and remove activity showing common impersonation and abuse patterns.”

Centers Laboratory Data Breach Affects 540,000 Individuals

Healthcare diagnostics company Centers Laboratory (Centers Lab NJ LLC) has informed the US government that a data breach discovered nearly one year ago affects more than 540,000 individuals.

According to a data breach notice posted on its website, the New Jersey-based provider of testing and laboratory services for healthcare organizations discovered an intrusion in its IT environment in August 2025.

An investigation showed that threat actors had gained “limited access” to Centers Laboratory systems between August 9 and August 14, exfiltrating personal and protected health information, including names, dates of birth, SSNs, driver’s license or state identification numbers, passport numbers, and health insurance and medical information.

The healthcare data breach tracker maintained by the Department of Health and Human Services revealed last week that the data breach affects 542,377 individuals.

Centers Lab was targeted by the WorldLeaks cybercrime group, which listed the organization on its website in October 2025.

The hackers leaked more than 1.6 million files totaling 720 GB, allegedly stolen from Centers Lab systems.
WorldLeaks, which made headlines for targeting major companies such as Nike and Dell, emerged in 2025 following the shutdown of the Hunters International ransomware group.

Following the transition to WorldLeaks, the cybercriminals stopped using file-encrypting malware and have focused on data theft and extortion. More than 170 organizations are listed on the group’s website at the time of writing.

Lidl customers across Europe hit in suspected data breach - here's what we know

Customers in three countries have had some of their data stolen
Lidl confirms cyberattack at third-party IT service provider that exposed customer data including names, phone numbers, emails, dates of birth, and customer numbers
Passwords, payment details, and addresses were not affected, but the company warns of phishing risks and urges vigilance against identity fraud attempts
Incident was contained quickly, reported to authorities, and investigated by forensic experts; Lidl operates ~12,900 stores across 32 countries
Lidl is warning its customers of a cyberattack which may have affected some of their personal information stored with the company.

In a data breach notification published on its Netherlands, Belgium, and Germany websites, the German discount supermarket chain said an IT security incident at one of its IT service providers affected some of the data stored by Lidl Online Shop customers.

“We were informed of this incident at the beginning of the week,” a machine-translated notification reads. “Despite high IT security standards, unknown persons briefly gained access to a separately stored file with customer data and part of the data was stolen from it. The system of the online shop itself is not affected.”
Read more:

Debian 13.6 Released With Security Updates for Linux, Apache, Curl, QEMU, and More

The Debian Project has released Debian 13.6, the sixth point update for its stable Debian 13 “trixie” distribution. This update, released on July 11, 2026, includes a collection of security fixes, critical bug corrections, and updated installation images.

It does not introduce a new version of Debian; existing systems can be upgraded to the latest revision via standard APT updates from an updated Debian mirror.

Debian 13.6 Released
Debian 13.6 consolidates packages previously issued through Debian Security Advisories (DSAs), so systems that regularly install updates from the trixie-security repository will have fewer packages to download.

The updated installer includes the fixes from this stable point release and features a Linux kernel ABI bump to version 6.12.94+deb13. Administrators can update their systems by running `apt update && apt upgrade`. At the same time, new deployments can use the updated Debian 13.6 installation media.

A significant change in this release concerns UEFI Secure Boot.
Full Story;

The security of password managers

I have created this thread to encourage a serious discussion about the security of Password Manager.

Personally, I have extensively used Sticky Password, Dashlane, Password Boss and Enpass.

I will be sharing studies and links about weakness, usability issues as well as my own experience.


For the past two days, I have been considering my options and I have finally settled on Sticky Password, but now I found out that Sticky Password does have some metadata unencrypted in its vault. I still have no idea what data they don't encrypt, but I will do some research on that matter.



Looking forward to hearing your insights and thoughts as well as you experiences.

Edit:

And excerpt form the link above

The only information that is not encrypted is limited metadata — for example, structural data such as row identifiers and field labels. This metadata does not contain any of the actual stored values like passwords, usernames, or secure notes. The encryption approach remains the same regardless of whether the vault is stored locally or synced online.

I believe I will contact Sticky Password and see what they have to say about this.

Microsoft Testing Copilot Feature That Shows What’s Slowing Down Your Windows 11 PC

Microsoft is quietly testing a new Copilot capability called “PC Insights” that lets the AI assistant analyze your Windows 11 machine’s hardware and pinpoint exactly what’s causing slowdowns. The feature is currently rolling out slowly in the United States and isn’t yet available to all users.

PC Insights is an optional Copilot feature that answers real-time questions about your PC’s current hardware state rather than giving generic troubleshooting advice.

Once enabled, Copilot taps into Windows APIs to read system resources including CPU, RAM, and GPU usage, plus available and total storage capacity.

It can calculate whether you have enough free space to install a new app or game, and it breaks down folder sizes for locations like Downloads and Documents without accessing individual file contents unless you grant explicit permission.

Brown Professor's chart exposes the scale of AI cheating in college exams

Gotta love those academics with data: 86 students registered for the class out of the usual 30. 18 students dropped the course after the announcement of the in-person test. 59 showed up for the final. Maybe two people didn’t “cheat” (🤪) —one of the highest and lowest scorers on the midterm. Presumably, at least 30 people passed this class.

2026-07-09-image-6.jpg

Sandboxie-Plus v1.18.0 / 5.73.0 Latest

Release v1.18.0 / 5.73.0 Latest

Sandboxie-Plus 1.18.0 / Sandboxie 5.73.0 focuses on improving everyday usability, responsiveness, and Chromium browser compatibility, with particular attention given to one of the most frequently requested scenarios: sharing an existing browser profile between the host and a sandbox.

The most significant work in this release addresses long-standing issues affecting Chromium-based browsers such as Chrome, Edge, Brave, and other derivatives when using the host profile from within a sandbox. Previous versions could trigger browser setting resets due to Chromium's Secure Preferences protection, making profile sharing unreliable. This release introduces a compatibility workaround that preserves browser settings and extensions when a host profile is accessed from inside a sandbox, eliminating one of the biggest obstacles to this workflow. In addition, Sandboxie now properly supports Chromium's elevation service and the required DPAPI handling, allowing sandboxed browsers to access host credentials, cookies, passwords, and other protected data when the appropriate compatibility template is enabled. Together, these improvements make running a sandboxed browser against an existing host profile far more practical and transparent than before.

Recovery functionality has also received several improvements. RecoverFolder and AutoRecoverIgnore patterns now support wildcards, including recursive matching, providing much more flexible recovery configuration. AutoRecoverIgnore rules can now also be applied to the Quick Recovery dialog, while recovery handling itself has been refined to avoid unnecessary dialog closures and to provide a more consistent deletion workflow. Several issues affecting Immediate Recovery have been resolved as well, including problems caused by path casing differences and situations where recovery could become permanently suspended.

The SandMan user interface has been improved with pending-change highlighting in the Options and Settings dialogs. Responsiveness has also been significantly improved during periods of heavy Sandboxie logging by batching UI updates and reducing rendering overhead.

The crash dump mechanism has also been completely reworked. The new crash reporter provides a more streamlined experience and, if the user chooses, can automatically submit crash reports together with an optional comment, making it much easier to provide useful feedback and helping identify and resolve issues more quickly.

This release further resolves several smaller but noticeable issues throughout the project, including cleaner handling of expected system account lookups, correct display of network paths in notifications, and numerous fixes that improve overall stability and polish.

Overall, version 1.18.0 delivers a substantial quality-of-life update, with the new Chromium profile compatibility work standing out as a major improvement for users who rely on sharing their existing browser environment between the host system and Sandboxie.

For a full list of changes please review the change log.

You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.

https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.18.0
https://www.wilderssecurity.com/threads/sandboxie-plus-v1-18-0.460302/

A Week With Comodo, and I am shocked.......... (not a fanboy)

If you read my posts you know I have an AMD PC. You know I am not a beginner, but I'm not near as smart as many here. I am also 70.

I have enjoyed building, and installing, and playing with software since Win 95, actually Win 3 (I think).

You'll notice I like software that doesn't slow me down.

I have a clean install, and an image of that install, made by Macrium Reflect X.

I have lots of software, I have collected over the years.

I love Avast one and or Avast one with VoodooShield (Cyberlock) , I also like the following for speed: McAfee, Kaspersky (my fav), F-secure, and a couple others.

My experience with Comodo in the past was via interacting with Cruel Sister (I found her bio fascinating).

I used her recommendations concerning Comodo 4 or 5 times. Her settings no doubt are the gold standard for security via Comodo.

But I always ran into little burps, different types of inconveniences. Now I am not saying this is CS's fault. It's just the Comodo way at times.

But that all changed 7 days ago. I decided to go to my image, and then download the latest version of Comodo by searching Google "Free Comodo Antivirus". The first link was to Comodo, I clicked on the first tab. I believe this gives you the Pro version, but the about actually says Comodo Internet Security 2025 Pro.

Now I have to admit, none of this is my own doing. For after installing I turned to Ai, and took a screenshot of each and every page, under settings. I showed them one at a time to Ai, and asked for settings to provide great security, without becoming bothersome, and I didn't want to slow down my PC. Ai gave me advice on each and every screenshot of which I believe there were 30.

I then deleted those original screenshots after making all the changes according to Ai, and I made another screenshot of those settings, again equaling 30, to keep for future installs, along with importing the settings from Comodo to my D: and E: drives onboard and to F: which stays offline.

Now this time was spectacular. Everything is as fast as McAfee / K7 and I assume as secure as Bitdefender or Kaspersky. Now I can attest to the blazing fast speed, for Apps, and webpage loading, and surfing. What I have no way of knowing is how great is the security, for the only tests I can do are the normal Gibson, EICAR ECT.

Now for those interested I have 30 screenshots. I just don't know how to share them here. Last time I tried I made a huge mess, my post looked horrible. Images to big, to small, duplicates, and an admin had to fix. SO IF anyone has a dummy email account, I would gladly email the 30 screenshots to you and possibly you could apply them to this post. I mean for a visual, for those who might be interested in Ai's preferred settings for Comodo, to make it fast, secure, and nonobtrusive.

Hope someone finds this helpful.

How to check your disk health in Windows 11 to prevent data loss

You can avoid losing your data by routinely performing health checks. If you do a check and the drive says that it is failing, then you have time to back up your important data before any data loss occurs.

Windows 11 allows you to check the state of your HDD or SSD using built-in tools. Here’s how you can go about finding the status of your drive:
  1. Open Settings (Press Win + i)
  2. Go to System > Storage
  3. Scroll down and click on Advanced storage settings
  4. Click on Disks & volumes
  5. Under each disk it will give the status, such as Healthy
  6. Select your main drive from the list and click the Properties button next to it
  7. Look at the Drive Health section; it will show you: Estimated remaining life, Available spare, and Current Temperature
It is a good idea to check the health every few months so that you don’t get caught out. However, don’t rely on it 100%; keep backing up regardless in case it misses a drive failure.

Microsoft Confirms Windows GDID Device Identifier That Cannot Be Disabled, Documented in FBI Case Filing

Microsoft has publicly acknowledged the existence of the Global Device Identifier (GDID), a device-specific ID assigned to Windows installations, in a federal complaint filed by US prosecutors against an alleged member of the Scattered Spider hacking group.

The ID is generated when Windows is set up with a Microsoft Account, persists through Windows updates, and cannot be disabled without affecting Windows activation and Microsoft Store apps.

Microsoft briefly mentioned GDID in the Azure Monitor documentation, describing it only as "an identifier used by Microsoft internally." The complaint cites a Microsoft representative describing GDID as "a persistent, device-level identifier designed to uniquely identify an installation of a Windows operating system on a device, either a physical device such as a mobile phone or laptop or a virtual machine, across certain Microsoft services and scenarios."

Why Privacy Researchers Are Concerned and What Users Can Do​

Multiple security researchers have raised concerns about the visibility and control users have over GDID:
  • There is no consent screen when GDID is assigned. Apple's advertising identifier requires an App Tracking Transparency prompt with a visible reset. Android provides similar controls. GDID has neither.
  • Activation dependence. Massgrave, the group behind Microsoft Activation Scripts, has noted that Windows setup sends hardware info to Microsoft and receives identifiers back that are later used for Store access and licensing. Blocking GDID assignment breaks both activation and UWP apps.
  • Reinstalling Windows produces a new GDID, but signing back into the same Microsoft Account gives Microsoft a clear path to link the new identifier to previous activity.
  • Microsoft's public documentation of the identifier consists of one sentence in an Azure Monitor reference table for enterprise IT administrators.
Security researcher Matthew Hickey has characterized Windows as "surveillance software" in response to the case. Costin Raiu asked on the Three Buddy Problem podcast how much similar functionality exists on other platforms.

Users concerned about GDID have limited direct options because the identifier cannot be turned off without breaking core Windows functionality. Practical steps that reduce related tracking include:
  1. Use a local account instead of a Microsoft Account when possible. Windows 11 has made this harder in recent versions, but the option is still available during setup for users who know how to reach it.
  2. Turn off optional diagnostic data through Settings, Privacy and security, Diagnostics and feedback.
  3. Disable personalized ads and launch tracking under Privacy and security, Recommendations and offers.
  4. Turn off Cloud Content Search under Privacy and security, Search, to stop local searches from sending data to Bing.
  5. Review and disable Activity History and other telemetry options in Privacy and security settings.
  6. For journalism, activism, or domestic abuse situations where identifier persistence poses a threat, use Linux routed through Tor rather than relying on a commercial VPN with a Windows PC.
Users who reinstall Windows to obtain a new GDID should be aware that signing back into the same Microsoft Account provides Microsoft with data linking the new identifier to previous activity.

LG and Alienware monitors caught auto-installing Windows adware

Adware is usually associated with pre-built PCs and dubious free downloads, but some users recently discovered that even legitimate monitors can quietly install apps that display pop-ups without permission. Fixing the issue seems to require changing local group policy settings or, in extreme cases, disabling the Microsoft Store altogether.

Redditor "Mags_Smash" recently complained about seeing McAfee pop-up ads on his PC despite never having installed the antivirus suite. He eventually traced the ads back to another app that his new LG monitor had installed without his knowledge.

After connecting one LG UltraGear 27GP83B monitor and two 27GN800s, Mags_Smash found that at least one of the panels had installed an "LG Monitor App Installer" via the Microsoft Store and Windows Update. The application shows up under the name "9PM9N6F47JB8-LGElectronics.LGMonitorApp" in Reliability Monitor, and Event Viewer logged its successful installation.

Several others reported the same problem after coming across the discussion, and some found their own systems were affected once they went looking. Others confirmed similar behavior with Dell and Alienware monitors, comparing it to how Asus motherboards automatically install the company's Armory Crate software.

Knockoff browser extension filters pseudo-brands on Amazon

If you shop at Amazon, you may have noticed a rising number of sellers that sound like a very bad draw at Scrabble. Try searching for common items such as powerbanks, USB cables, or dog beds.

You find the usual assortment of known brands and also plenty of offers from sellers that you may have a hard time pronouncing.

Enter the Knockoff extension: it is designed to filter these sellers on Amazon. The developer of the open source extension explains its purpose in the following way:

Amazon is flooded with trademark-squat “brands” (SZHLUX, HORUSDY, LATTOOK, DOZAWA…): random strings registered at the USPTO purely to unlock Amazon Brand Registry, selling commodity goods with no company, no warranty, and no reputation behind them. Knockoff detects those listings and hides, dims, or labels them, right in the search results.

The extension runs locally in the browser. It comes with a seed list of “notorious pseudo-brands” and two other lists — “established Chinese-owned brands” and “established brands”, that you can enable or disable based on your preferences. It uses name heuristics on top of that and can also identify brand-less offers. You may also add companies to your own allowlist or blocklist.

The extension goes through all lists, starting with the allowlist and blocklist, to resolve each product listing on Amazon. Furthermore, you can set filter levels from relaxed to strict, which determine what is getting filtered:
RelaxedKnown pseudo-brands + your blocklist
Standard (default)+ suspect-looking names + unbranded listings
Strict+ anything not on a known-brands list (allowlist-only)

Qihoo 360 Total Security 2026 Free

Qihoo 360 is a Chinese antivirus company and, above all, a giant in the field of IT security in China.
Having owned its own antivirus software for a long time, Qihoo expanded internationally in 2011 with an "Internet Security" version, followed by a "Total Security" version. It also offers a web browser, 360 Browser.
For a long time, Qihoo used its own Cloud technology along with virus databases from Avira and Bitdefender. Currently, Qihoo uses only its own technologies (its Cloud and KuPeng).

Let’s take a closer look at all of this.



Interface :

The interface has changed colors! Gone is the bluish hue—it’s now a very white interface with blue accents. Qihoo hasn’t completely abandoned blue, though, which gives it an elegant look.
While checking it out, I notice that Qihoo still doesn’t enable certain settings, such as PUP scanning, and doesn’t offer KuPeng by default. Since I want to test it at its maximum performance, I enable and install KuPeng.
Qihoo still comes with some bloatware and offers Opera during installation

Malware URL : 6,5/10
Qihoo lets some serious infections slip through (4 in total), though it manages to block one of them thanks to HIPS.
The web filter—even though it isn't installed by default and I installed it myself—is completely useless: No sites were blocked while browsing!

Malware Pack : 59 out of 69 threats remain
Despite a few blocks from the HIPS, the machine becomes infected very quickly and severely.
Worse still, Qihoo suffers from latency issues—I’ve noticed that it detects threats 5 to 10 minutes after they’ve been executed! Why doesn’t it block the file if it knows about it? Because this isn’t the first time!
Malware such as stealers or other RATs like NanoCore slip through undetected.

Final scan :
Qihoo: 0
Symantec : 15
Emsisoft : 11
KVRT : 14 (Memory infected !!)

Final opinion:

Even though Qihoo promises improvements, aside from the interface, I don't see any...
The delays in alerts and detections are still there, the HIPS is very lacking, the firewall is very basic (and you have to pay if you want more features)—in short, Qihoo is becoming a shadow of its former self.
Not recommended.

@Dreams&Visions request

Free Subnetlens Network Scanner

Jatter AI Browser

Microsoft confirms Secure Boot update failing on some Windows 11 PCs, blocks update due to known issues

Microsoft has confirmed that Secure Boot certificate updates are failing or being blocked on some Windows 11 PCs due to known issues. The company says it is working with PC makers on a patch, but you may still need to take action if the certificate is blocked for other reasons.

In an updated support document first spotted by Windows Latest, Microsoft says it has paused the Secure Boot rollout for some PCs due to potential known issues. If your device is affected, you’ll now see a detailed error message in the Windows Security app
Read full Story:

ESET NOD32 Antivirus for Windows (1-Year) $19.99

AI-Driven Protection for Safer Browsing​

  • Antivirus & Antispyware: Detects, blocks, and removes viruses, spyware, malware, and other online threats in real time.
  • Ransomware Shield: Helps prevent ransomware from encrypting files and demanding payment for their recovery.
  • Intel Threat Detection Technology: Leverages Intel hardware capabilities to enhance detection of advanced threats and malicious activity.
  • Artificial Intelligence: Uses AI-powered analysis to identify and stop known and emerging cyber threats more effectively.
  • ESET SysInspector: Provides a detailed system analysis tool for identifying suspicious files, processes, and system changes.
  • Multithread Scanning: Utilizes multiple processor cores to perform faster scans while maintaining efficient system performance.

Protection, Convenience and Uninterrupted Gaming​

  • Anti-Phishing: Blocks fraudulent websites and phishing attempts designed to steal passwords, financial data and personal information.
  • ESET HOME Security Management: Lets you manage, monitor and secure your devices and subscriptions from a centralized online dashboard.
  • Gamer Mode: Minimizes notifications and background activity to provide uninterrupted gaming, streaming and full-screen experiences.

Upgrade from Windows 11 to Ubuntu while keeping the NTFS hard disk ??

Hi everybody,

i have old laptopn whicl contain two built-in hard disks

1.Windows hard disk >> Volume C >> SSD 128 GB >> Containing operating system
2. Volume D >> NTFS HDD 1TB hard disk containing my file

i plan to upgrade from Windows 11 to Ubuntu by formatting the hard disk containing Windows and installing Ubuntu LTS 24 while keeping the other hard disk untouched. My question is: will I be able to access my files in Ubuntu without any issues, like in Windows, or will I need to reformat? Is there any special tool required so that the FHS file system sees NTFS volumes? i need to access files as directories from this NTFS without having to format and transfer files to an external hard disk and transfer them again

Writing a single 100-word email with ChatGPT consumes approximately the volume of a standard bottle of water

Good Free Antivirus of Ubuntu Linux

Hi dears
I am planning to upgrade the OS laptop for my old laptop (HP ProBook 4540s) from windows 11 24 H2 to Ubunto LTSC 24 and i an thinking for good free AI for it . What is your recommendation for Good clean and free Antivirus ??

Dell BIOS Flaw Lets Attackers Recover Admin Passwords From SPI Flash in Milliseconds

A critical flaw in how Dell stores BIOS administrator and user passwords allows full password recovery from a flash dump in milliseconds, with no brute force required.

Dell stores BIOS passwords in the DVAR (Dell Variable) region of the SPI flash chip, encrypted using a repeating 20-byte XOR key applied to a 32-byte field. The first character of the password is stored completely unencrypted.

For any password of 12 characters or fewer, the unused, null-padded tail of the 32-byte field ends up XORed against zero, which simply reveals raw key bytes. Since the key is only 20 bytes but the field is 32, this mismatch leaks the entire key directly from the record, letting attackers reverse the password instantly.

Longer passwords leave a small blind zone, but the researchers found a way around it: Dell’s key derivation uses only a fixed per-device seed, a GUID, and the single unencrypted first character of the password.

Opera One gets a new and faster native ad blocker

We were the first to bake a native ad blocker directly into the browser, and today we’re able to say that we’ve been cooking! By overhauling the ad blocking engine and adding compatibility with uBlock lists and filters, we’ve created our fastest and most efficient ad blocker yet. For you, this ensures a better browsing experience in today’s increasingly chaotic web.

Aerie from Hawk Eye: Tools for Malware Testers

As promised earlier on today, the platform that I use for testing is now live.

Meet Aerie - I am hoping it will help malware testers be more productive.

After creating an account with very few details, this is your dashboard.

1783711082658.png


Phishing list
1783711109301.png


Malware URL list
1783711164766.png


Plus custom additions

Everything can be checked against sandboxes and threat sources
1783711259355.png

1783711299428.png

1783711342471.png


And last but not least - collaborative testing.
1783711722235.png


Everyone can start a campaign and add the threat set. Other users then request to join the testing subject to approval, and report their results

1783711787673.png


The platform is enriched with my signature OrbitUX.


Unfortunately, due to licensing and payment per request, I am unable to include all sources that the original platform uses.

Enjoy!

Shadowra PC Config 2026/2027

Hello :)

My new setup for the past 3 months!

I switched to Linux because I got sick of Microsoft and their forced AI...
For gaming, I use ProtonGE and Nvidia GeForce Now

As for the router: I have a TP-Link GE230 Gaming router with Wi-Fi 7 capable of delivering 2.5 Gbps (but my fiber connection is currently at 1 Gbps—we’ll see if I switch back to 2 Gbps someday)

Firefox release cadence experiment: moving to 2 weeks starting in September

APIVoid SFTP Terminal - Free SSH, SFTP, FTP, WebDAV and S3 client

We've released a new free software for Windows:

APIVoid SFTP Terminal is a fast Windows client for SSH, SFTP, FTP/FTPS, WebDAV, and Amazon S3. Its key features include tabbed sessions in a dual-pane interface, a built-in text editor (with the option to convert files to Unix LF line endings), split view with SSH terminals, and an optional broadcast mode for sending keystrokes to all connected servers simultaneously. Configure and manage SSH keys, jump hosts, proxies, and known hosts, then easily assign them to saved sessions. Protect your credentials with Windows DPAPI and an optional master password. Generate RSA, Ed25519, and ECDSA SSH keys, and export them in OpenSSH or PPK format. The SSH terminal includes a feature-rich right-click menu for copy/paste, uploading files, editing files with the built-in text editor, downloading files, and running quick commands (snippets). You can also execute commands and bash scripts on multiple servers with a single click.

You can find more details, FAQs, and the full list of features on the product page:

Here is a screenshot of the main program window with some options in the context menu:

image1.png


Some other screenshots:

image6-rmb-saved-sessions.png image4-split-view.png image3-dual-panel.png image2-ssh-terminal.png

pytroman86 setup configuration

Hello


This is my setup configuration security

Google Gemini Top-Up > AI Pro > 18 Months for 6€

Meet Gemini, Google's AI assistant. Get help with writing, planning, brainstorming, and more. Experience the power of generative AI.

Patch for Windows Defender 0-day could allow attackers to fill hard disk

A patch Microsoft released on Wednesday to fix a zero-day vulnerability in its Defender security engine may cause Windows machines to write files large enough to completely consume available disk space, the researcher who discovered the flaw said.

RoguePlanet, tracked as CVE-2026-50656, came to public notice in June when NightmareEclipse, the pseudonymous name used by a researcher, disclosed it along with code for exploiting it. The vulnerability allows remote attackers to gain administrative control of Windows 10 and Windows 11 machines, even when real-time protection has been disabled. Over the past few months, the anonymous researcher has published a handful of other zero-days that have sent Microsoft scrambling to develop patches.

Writing files of unlimited size​

Microsoft said Wednesday that it patched RoguePlanet with an update to the Microsoft Malware Protection Engine, which is used by the Defender antivirus app. The fix will automatically be downloaded and installed without users having to take any action. Wednesday’s update also includes “defense-in-depth updates to help improve security-related features.”

In a post on Thursday, NightmareEclipse said the defense-in-depth additions produce behavior that may allow attackers to exhaust all available space on a hard drive by writing massive amounts of data to it. The newly introduced mitigations create a problem in mpengine.dll, the driver associated with the Microsoft Malware Protection Engine, that in some cases causes it to leak 8 bytes of data when trying to open a file. New functionality in SpyNet, a cloud service that allows Microsoft Security Essentials or Forefront Endpoint Protection to send reports about suspicious software and programs to Microsoft, also plays a role in the potential mass file-writing behavior.

Defender normally places hard limits on how big a file can be written to disk when scanning and quarantining a machine.

“This implementation make [sic] sense, because quarantining a huge file will cause Defender to completely exhaust the available disk space,” the researcher wrote. “I found a small exception to this rule, apparently the spynet functions in mpengine.dll really wants [sic] to keep a local copy of Zone.Identifier ADS file and it does not matter how big this file is, Windows Defender will cache it locally anyways.”

A Zone.Identifier is a hidden metadata file, sometimes called an alternative data stream, that Windows automatically associates with files downloaded from the Internet or received in email or other external sources. The data stream allows Windows to mark the file’s origin and the security zone it should receive.

NightmareEclipse said that a malicious actor could trigger this behavior using Server Message Block, a communications protocol for sharing files over a local Windows network. The researcher explained:

You will need a special setup to exploit this, a custom SMB server that will be handling requests from Windows Defender is needed, the SMB server should serve a malicious file (a good example is mimikatz executable) followed by a massive ADS file (a good example is mimikatz.exe:Zone.Identifier), in the process of replying to the read requests, at some point the SMB server should never respond to the read request but keep the connection alive. This will cause Defender to hang and keep a lock on the offending files that holds the entire disk space.

Obviously this won’t crash the machine but windows won’t behave properly with a full disk, multiple apps and services crash randomly.
Microsoft didn’t immediately answer questions asking if it could confirm the described behavior existed.

NightmareEclipse and Microsoft have been locked in a heated dispute since at least May, when the researcher said Microsoft silently patched a vulnerability the researcher had privately reported. In the weeks following, the researcher released details and exploit code for a handful of vulnerabilities before Microsoft had a chance to patch them. Microsoft, in turn, has publicly railed against the researcher for “not responsibly” disclosing the vulnerabilities and made a veiled reference to the possibility of pursuing legal action. After a public backlash, Microsoft relented and vowed no such legal action would occur.

Forg365 PhaaS Uses Telegram and AI Lures to Hijack Microsoft 365 Accounts

Forg365 is a commercial phishing-as-a-service (PhaaS) platform specifically targeting Microsoft 365 users. It employs methods such as device-code phishing, adversary-in-the-middle (AiTM) workflows, AI-assisted lure generation, and token persistence tools.

The platform’s onboarding process through Telegram, subscription model, and post-compromise features highlight how identity attacks on Microsoft 365 are becoming increasingly commercialized.

Researchers from ZeroBEC have assessed Forg365 as a “Kali365-class” platform because it integrates Telegram distribution, Microsoft 365 OAuth abuse, token capture, phishing templates, and persistent access capabilities. However, there is no conclusive evidence establishing a shared ownership with Kali365 or the Sneaky 2FA operation.

Forg365 PhaaS Hijack Microsoft 365 Accounts
Read more:

Microsoft Warns of GigaWiper Backdoor Built to Destroy Windows PCs

Microsoft has discovered a destructive Windows backdoor called GigaWiper that gives its operators remote control over infected computers before allowing them to trigger several forms of permanent system damage.

Malware Families
Researchers first identified the malware during destructive attacks in October 2025. Their analysis found that GigaWiper was not developed as one dedicated wiping tool. Its operators combined code from at least three older malware families and placed their destructive functions inside a single backdoor.

Once installed, GigaWiper can maintain access through a scheduled task disguised as “OneDrive Update.” The task runs at startup and every minute, allowing the malware to remain active while receiving commands through RabbitMQ servers and returning results through Redis.

According to Microsoft, operators can choose between several destructive actions depending on their objective. One command removes partition information, overwrites physical drives, and forces the computer to restart. Another targets only the Windows installation drive and overwrites its contents several times.
Full Story;

Tipard Screen Capture - 1 year for free

Features of the Screen Capture program:

  • Screen Capture:Easily capture your screen with various options.
    • Customizable Area Size: Define the specific screen area you want to capture.
    • Full Screen Recording: Capture your entire screen with a single click.
    • Custom Area Selection: Select a specific portion of the screen for recording.
  • Video Recording:Record high-quality videos of your screen activities.
    • Output Format Options: Save your recordings as MP4 or WMV for easy playback.
    • Flexible Area Size: Choose between predefined screen sizes or customize your dimensions.
    • Mouse Drag Selection: Drag your mouse to determine the recording area.
  • Audio Recording:Capture audio files with simplicity.
    • Audio Source Selection: Choose between system audio and microphone voice.
    • Various Audio Formats: Save audio files as MP3, AAC, M4A, or WMA.
  • Phone Screen Recording:Record your iPhone and Android screens with ease.
    • Output Format Control: Choose the desired output format for your phone recordings.
    • Enhanced Visuals: Enjoy a larger monitor screen for superior visual effect.
  • Additional Features:Enhance your screen capture experience.
    • Set Recording Time: Automatically stop capturing at your specified end time.
    • Cursor Effects: Customize the appearance and behavior of the cursor.
    • Video Preview: Review your recordings immediately after capture.
  • Explore More Tools:Discover additional features within Tipard Screen Capture.
    • Webcam Recording: Capture webcam content during video calls.
    • Game Recording: Record your gameplay on your computer.
    • Snapshot Capture: Take screenshots of specific screen regions.
    • Drawing on Screen: Annotate and insert images into your recordings.
    • Selective Window Recording: Choose specific windows to include or exclude.
    • Editing Tools: Trim, compress, combine, and convert recorded videos.
Download:

Tenorshare AI Diagrimo - 6 months for free

Features​

  • AI Visualization:Automatically converts highlighted text into diagrams, charts, or infographics with a single click of the AI Visualize icon.
    • Smart Diagram Selection: Analyzes the content’s structure and relationships to choose the most suitable diagram type, such as a flowchart, fishbone, or pyramid, without requiring manual input.
    • One-click generation: Produces a first draft diagram directly from a typed topic or pasted paragraph, removing the blank-page problem.
  • AI Writing Assistant:Helps draft, refine, simplify, and translate text before it becomes a visual, keeping content clear and grammatically correct.
    • Grammar and spelling correction: Reviews text for errors so diagrams are built from clean, accurate content.
    • Tone and formality adjustment: Shifts writing between casual and formal registers to match a presentation, report, or social post.
    • Translation support: Converts text into other languages, useful for teams and classrooms working across multiple regions.
  • Block-Based Editor:Uses slash commands to insert titles, lists, images, or tables directly inside the writing page, keeping content organized as it grows.
    • Flexible content blocks: Lets users mix text, images, and tables on the same page without switching tools.
    • Structured drafting: Supports building a full document first, then selecting sections to visualize individually.
  • Customizable Visuals:Provides control over colors, text, shapes, lines, and layouts once a diagram is generated.
    • Style matching: Adjusts visuals to match brand colors or a presentation’s tone.
    • Element-level editing: Allows users to move, resize, or restyle individual shapes and connectors after generation.
  • Sharing and Export:Supports multiple output formats so finished diagrams move easily into other workflows.
    • Multi-format export: Downloads diagrams as PDF, PNG, JPG, or SVG files for presentations or printing.
    • Link-based sharing: Shares a live page by link or email for team review and collaboration without exporting a file first.
  • Document Management:Organizes diagrams and pages within projects for easier access and reuse over time.
    • Page history: Keeps a version history so earlier drafts can be reviewed or restored.
    • Project grouping: Groups related pages together, which helps when managing multiple reports or lessons at once.
  • Wide Use-Case Templates:Offers fresh templates suited to presentations, blogs, education, social media, and reports.
    • Scenario-based layouts: Provides starting points tailored to specific formats like customer journeys, SWOT analysis, or lesson outlines.
    • Regularly refreshed library: Adds new templates over time to keep options current with common use cases.

MD Defender and slow loading of installers ans icons

Hello,

On my Thinkpad X13 Gen 3, I decided to run MD. Performance wise, everything is running like a charm, but there is only one hiccup.

I do use my external HDD a lot and I have stored tens of exectuables as backup (installers of programmes to save internet bandwidth).

Here it takes up to 1 min for the installers icons to appear. I am planning to configure MD from GP later today, but is there a solution for this behaviour?

I have noticed sth weird, the icons appear instantly if I use Xyplorer instead of opening the folder from explorer.exe

what cybersecurity skills should every beginner learn in 2026

Hello everyone,

I'm interested in learning more about cybersecurity. If you were starting today, which skills would you recommend learning first? Are there any free courses, tools, or certifications that helped you get started? I'd appreciate your advice and recommendations.

Thank you!

JOPDF (100% Free) Receives Latest Update!

Hey everyone,

I'm happy to announce that JOPDF has just received a significant update!

Key New Features:
  • Page Extraction – Easily extract any pages from your PDFs
  • Header/Footer & Page Numbers – Insert custom headers, footers, and automatic page numbering
  • Form Support – Standard form recognition and filling capability
  • Custom Hotkeys – Personalize shortcuts for faster workflow
  • Font Improvements – Set default fonts and import your own fonts
  • New Languages Added – Now supports Turkish, Dutch, Arabic, Hebrew, Greek, and Vietnamese
This update makes JOPDF even more powerful while keeping it completely free with no watermarks, no registration, and no hidden limits.

If you're looking for a lightweight, fully free PDF editor with these useful tools, JOPDF is definitely worth trying.

Download Link: JOPDF

Supported Systems:
  • Windows
  • macOS
  • Linux
Would love to hear your feedback after you test the new features.

Let me know how it works for you!

Thanks!

Proper malware testing methodology

I asked Gemini to build a scientific, proper methodology for testing security product and here is its answer.

Transitioning from chaotic "sandbox theater" to a scientifically sound, reputable methodology is the best move you can make for the community. If you want to run tests on MalwareTips (MT) that actually command respect from enterprise-grade analysts and seasoned forum veterans, you don’t need a multi-million dollar lab infrastructure—you just need a **hygienic, sequential lifecycle testing framework**.
By adopting a stripped-down version of the methodologies used by AMTSO-compliant labs like AV-Comparatives and AVLab, you can publish simple but highly accurate tests.
Here is a proper, highly reputable, but completely achievable methodology for a forum reviewer.
## The Clean-State Sequential Methodology
### 1. Environment Hygiene (The One-and-Done Baseline)
The number one rule of scientific testing is isolating your variables. You must eliminate resource contention and cross-contamination.
* **The Blueprint:** Set up a clean Virtual Machine with standard user configurations (or a debloated target environment if testing specific hardening profiles). Install **only one** security suite.
* **The Snapshot Rule:** Ensure the OS, browser, and security software are fully updated, then take a pristine snapshot.
* **The Purge:** After testing **one single threat**, record the result, discard the machine's state, and roll back to the clean snapshot. Never feed a second sample into a machine that has just processed or been altered by a previous threat.
### 2. Sequential Delivery (Mimicking the Threat Lifecycle)
To test a product fairly, you must allow it to defend the system tier-by-tier, exactly how a real user encounters a threat. **Never dump multiple files into a folder or execute them simultaneously.**
* **The Execution Flow:** Run your samples one by one, moving through the four definitive defensive gates:
1. **Gate 1: Web-Layer / Initial Access:** Input a fresh, live malicious URL directly into the browser. Does the network filter intercept it? If yes \rightarrow **Blocked (Web Layer)**. Reset snapshot.
2. **Gate 2: Pre-Launch / Static Disk Write:** If the web layer misses it and the file lands on the disk, trigger a manual scan or wait for the real-time protection to intercept the file on write. If yes \rightarrow **Blocked (Pre-Launch)**. Reset snapshot.
3. **Gate 3: Runtime Execution / Behavioral Heuristics:** If it's not caught on disk, double-click to execute the sample. Give the behavioral loops, cloud sandboxes, and memory hooks a clean window of 3 to 5 minutes to intercept the active process. If yes \rightarrow **Blocked (Runtime)**. Reset snapshot.
4. **Gate 4: Remediation & Rollback:** If the malware successfully executes changes (e.g., drops a registry key or begins a file-encryption routine), check if the product cleanly kills the parent tree and restores the modified files. If it fails entirely \rightarrow **System Compromised**.
### 3. Hygienic Sample Selection (Quality Over Quantity)
A reputable test uses a small pool of high-quality, fully vetted samples rather than an un-audited "zoo pack."
* **The Golden Rule:** 10 fresh, confirmed, active in-the-wild threat binaries (like a newly compiled Infostealer, a fresh Ransomware variant, or a live MSHTML exploit) will yield a vastly more accurate assessment than 150 dead, corrupt, or duplicated legacy samples.
* **The Verification Pass:** Before utilizing a sample in your actual test, run it on a separate, completely unprotected VM baseline to ensure the binary is active, reaches out to its Command and Control (C2) server, or successfully performs its payload delivery. If the sample crashes on a clean OS, throw it out—it's a dud.
### 4. Balanced Reporting (The False Positive Control)
A security engine can easily achieve a 100% block rate if its heuristics are turned up to a purely paranoid state that treats every unknown binary as malicious.
* To make your methodology truly reputable, always include a **False Positive Control Phase**. Run a sequence of 5 entirely legitimate, niche open-source utilities or developer tools. If a product blocks clean software or throws critical warnings on safe files, its high detection score is artificial and degrades system usability.
## Example Test Reporting Template
When you post your results, avoid flat binary values like "Passed / Failed." Present your data using a clear, multi-tiered scorecard:
| Sample ID | Threat Type | Access Vector | Block Stage | Outcome | Notes / Behavioral Observations |
|---|---|---|---|---|---|
| **#01** | RedLine Stealer | Live URL | Web Layer | **Clean Block** | Intercepted via network reputation layer. |
| **#02** | LockBit v4 | Local Archive | Runtime | **Clean Block** | Allowed launch, journaled execution, killed & rolled back encryption loop. |
| **#03** | Custom LPE Exploit | Dropped Script | Execution | **Compromised** | Bypassed behavioral hooks; successfully spawned SYSTEM shell. |


What do you think? Any suggestions? Any member has the time and capacity to start working on this?

6.9 million driver’s license numbers stolen from AssuranceAmerica

Insurance provider AssuranceAmerica has confirmed a data breach affecting the personal information and driver’s license numbers of up to 6.9 million people.

AssuranceAmerica provides car and rental insurance to customers across 14 US states through a network of over 9,500 independent agents.

TechCrunch reports:
“AssuranceAmerica said it discovered hackers in its computer systems on March 17. The company concluded its investigation on June 15, finding that the hackers had stolen customers’ names, contact information, and driver’s license numbers.“

The breach notice letter also mentions information about customers’ auto insurance policies and accounts, their drivers and vehicles, and details about customer claims.

AssuranceAmerica has not yet released a public statement about the data breach. However, public breach notices and independent reporting indicate that the incident began with a targeted phishing attack against a single employee. An unauthorized third party accessed parts of the insurer’s IT systems and copied files containing customer policy information and driver’s license numbers. So far, no law‑enforcement or vendor report has publicly linked this activity to a specific threat group, ransomware operation, or nation‑state actor.

No public source has reported a ransom demand, negotiations, or payment, and AssuranceAmerica’s public filings are quiet about any contact with the attackers.

Protecting yourself after a data breach
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened and follow any specific advice they offer.
Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose and store one for you.
Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop, or phone as your second factor. Some forms of 2FA can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
Watch out for impersonation scams. Criminals may contact you pretending to be the company. Check the company’s website to see how it is contacting affected customers, and verify anyone who contacts you using a different communication channel.
Take your time. Phishing attacks often impersonate people or brands you know, and create a false sense of urgency with messages about missed deliveries, suspended accounts, or security alerts.
Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online and helps you recover if your identity is stolen.
Check your personal data exposure
Full Story:

Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images

Meta has announced that its new artificial intelligence (AI) model Muse Image lets people use public Instagram posts and reels to generate AI content, and it's enabled by default.

"You can also @-mention Instagram accounts in the Meta AI app to bring specific Instagram profiles right into your images," the social media giant said in a post.

"Whether you want to design a custom event invitation, mock up a collaborative creative concept, or generate a personalized graphic, tagging a username lets Meta AI use public photos to build a visual that's ready to post"

Muse Image is Meta's inaugural image-focused AI model from its Superintelligence Labs, which the company said uses advanced reasoning to better understand complex prompts and blend multiple photos into high-quality creations for sharing across its platforms and elsewhere.

It's also being embedded into WhatsApp and Instagram to facilitate AI-powered effects for Instagram Stories and image generation in direct chats with Meta AI on WhatsApp. These features are rolling out in limited countries to start with.

Users have the option to tag another public Instagram account on the Meta AI app to create new reels, posts, or stories that can reuse "part or all of your published photos, videos or reels," automatically turning public content into fodder for AI-generated images.
Read more:

Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk

Have you received an email from a recruiter at Adobe, Netflix, or OpenAI offering you an exciting new marketing role? Well, before you start brushing up your interview technique, take a closer look at who is really behind it.

Security experts have uncovered a phishing campaign which impersonates over 30 well-known brands in fake job interviews designed to steal Google account passwords.

Will Thomas, a threat intelligence researcher Team Cymru, identified malicious domains that spoof household names including Adidas, Adobe, American Airlines, Aquent, Booking.com, Coca-Cola, Delta Air Lines, FIFA, Levis, Louis Vuitton, ManpowerGroup, Marriott, McKinsey & Company, Netflix, Omnicom Group, OpenAI, PepsiCo, Red Bull, Sephora, and United Airlines.

What makes the campaign more dangerous is its attention to detail. Rather than using a generic "Dear Job Candidate" email, the attackers appear to have done their homework (most likely via via LinkedIn) addressing recipients by name and targeting people who work in the relevant field.
Read the full Story:

BootRacer Premium - Free Lifetime License

Features​

  • Boot Time Monitoring: Tracks your PC’s boot time, excluding password delays, to identify performance changes.
  • Startup Program Management: Shows which programs launch at startup and their impact on boot speed. You can then disable or delay non-essential programs.
  • Safe Modifications: Provides a rollback feature for any changes made, ensuring you can undo modifications if needed.
  • Quick Tweak: Offers pre-configured settings adjustments to optimize privacy and PC performance with a single click.
  • Stop Malware at Startup: Utilizes a malware database to identify and block malicious programs from launching automatically at startup.
  • Dark Mode Support: Allows for a visually comfortable experience by switching the software’s interface to a dark theme (if applicable).

Aiseesoft WhatsSync - 1 year for free

Features of Aiseesoft WhatsSync

  • Transfer WhatsApp from Android to iPhone and Across Different OS: Seamlessly move WhatsApp data between different devices and operating systems.
  • One-Click Transfer: Easily transfer WhatsApp chats with a single click from Android to iPhone, iPhone to Android, Android to Android, or iPhone to iPhone.
  • Full Data Transfer: Move all WhatsApp data including chats, documents, videos, audio, and more.
  • Backup WhatsApp to Google Drive: Securely backup your WhatsApp data to Google Drive for later restoration.
  • Restore WhatsApp Backup: Restore WhatsApp backup from Google Drive to either Android or iPhone.
  • Secure Backup: Ensure safe and private backup of all your WhatsApp data.
  • Wireless Transfer: Transfer WhatsApp data via Wi-Fi without the need for USB cables.
  • Wide Compatibility: Supports the latest iOS 18, Android 15, and a wide range of other Apple and Android devices.
  • Fast Speed: Experience quick transfer speeds to minimize downtime during migration.
  • Full Data Integrity: Guarantee that all transferred data remains intact and complete.
Download:

SoftOrbits Photo Retoucher PRO 13 - Free lifetime license

If you are not a professional photographer (or even if you are), it is not always possible to take a clean picture. People or unwanted objects are the things that can spoil a really good shot, but don’t hurry and delete it. SoftOrbits Photo Retoucher PRO is also designed to work with other tasks: removing skin imperfection, cleaning up film grain and digital noise, removing scratches and spots, reconstructing damages images, etc.

Wise Duplicate Finder Pro 2.1.9 - Free lifetime license

Features
  • Find duplicate files in different ways: it can compare files by file name, file size, or file content to help you locate duplicate items more accurately.
  • Support many file types: it can help you find duplicate photos, videos, documents, music files, and more on your Windows PC.
  • Find empty files too: besides duplicate files, it can also detect empty or 0-byte files so you can clean them up easily.
  • Manual and automatic deletion: you can review duplicate groups and remove files yourself, or use the automatic option to keep one copy and delete the rest.
  • Grouped results for easy review: after scanning, the program organizes duplicate files into groups, which makes them easier to check before deleting.
  • Backup and restore support: if you delete the wrong file by mistake, you can restore it from the Recycle Bin or the built-in Restore Center, depending on the backup option used.
  • Free up disk space: the program is made to help remove unwanted duplicate files and recover storage space on your hard drive.

Roboman's 2026 Gaming PC

Hello y'all! Hope you're doing great :)

I've just bought my first ever desktop gaming PC, I'm really excited. I'm selling my previous laptop (Showcase - RoboMan's Gaming Laptop 2022).

1783602287420.png


It's not a high-end PC, but it's an upgrade from my previous laptop.

What do you think?

20 Remote Code Execution Vulnerabilities Patched in Foxit PDF Reader and Editor

The fixes arrive in the July 8, 2026 security release and cover multiple Windows and macOS versions, with several flaws rated Important and capable of arbitrary code execution.


Many of the flaws can be triggered by specially crafted PDF files, including those containing embedded JavaScript, abnormal annotations, malformed page trees, corrupted signature fields, or deceptive XDP content.

Foxit also patched a local privilege escalation issue in the update mechanism, in which the service could load malicious DLLs or executables with elevated privileges during update checks.

3P-Matrix-lite version 2 available in the webstore (easy to use uMatrix like security using Mv3 DNR rules)

Hi open source 3P-Matrix-lite: version 2 has arrived in the webstore 3P-Matrix-lite - Chrome Web Store

What it does: offers 5 levels of protection with build-in whitelists to prevent website breakage.

3P-Matrix is very user friendly with presets and build-in whitelists which can be changed on the fly using a slider.
It has two smart extra features original uMatrix did not had:
- startup mode (default on 1), can be changed using drop down option to 2 to 5, but best practice is keep it at 1)
- lock website mode: protection level can be locked for a website, next time you visit this website the protection level will be set to the locked value.
this is very useful for adult websites, most work perfectly on level 4, locking it at 4, makes browsing dodgy websites a lot safer.

Level 1: allow all

Level 2: easy mode with enhanced security:
  • Build in whitelists to prevent website breakage
  • IP-address only third-party is blocked
  • HTTP third-party is blocked
  • Non-standard ports are blocked (only default port 443 is allowed)
  • Blocks all 3P-frames (except whitelisted)
  • Optionally blocks 3P-scripts on blacklisted Top Level Domains
    using a slider with 4 presets: none - user - generic - generic + country code's which are on the much abused TLD list
  • Optionally allows user to add domains to the whitelist using the tab or the show-blocks panel

Level 3: easy medium mode (as often explained by @Jan Willy with static AG Mv3 rules).
  • Same protection IP-address, HTTP, non-standard port protection and build-in whitelists as level 2, with one difference
  • In stead of blocking all 3P-frames and blacklisted 3P-scripts it blocks all 3P-frames and 3P-scripts with option to whitelist TLD's
    using a slider with 4 presets: none - browser - continent - world:
    - none (meaning no additional country codes) = only common general TLD's (which user can add or remove)
    - browser = adds the country code's of the languages enabled in the browser (some browser prevent fingerprinting)
    - continent = adds the country code's of other countries speaking the same language on the continent:
    e.g. when language is German, Austria and Zwitserland will be added
    - world = same mechanism applies, when language is Portuguese, country code Brazil will be added also
    note these advanced functions only work for extented EU-zone and 5 Eyes countries.
  • Optionally allows user to add domains to the whitelist using the tab or the show-blocks panel

Level 4: medium mode trusting domains with CDN in URL
  • Same protection IP-address, HTTP, non-standard port protection and build-in whitelists as level 2 and 3
  • Blocks 3P-scripts and 3P-frames except on the internal whitelist and URL's containing CDN
  • Optionally allows user to add domains to the whitelist using the tab or the show-blocks panel
Level 5: medium mode (everyone every used dynamic filtering with uBo or uMatrix is familiar with this mode)
  • Same protection IP-address, HTTP, non-standard port protection and build-in whitelists as level 2 and 3
  • Blocks 3P-scripts and 3P-frames
  • Optionally allows user to add domains to the whitelist using the tab or the show-blocks panel

This is an open source project with very privacy friendly usage policy.

The readme explains above with pictures: GitHub - Kees1958/3P-Matrix-lite: uMatrix-style third-party traffic control via Declarative Net Request
Privacy policy: 3P-Matrix-lite/privacy.md at main · Kees1958/3P-Matrix-lite


As posted I am nearly 68, was a developer some 45 years ago, so still learning. I noticed one quirk in the show blocks. It also shows the domains blocked by other extensions. I have to dive into it. It is a bug which is also a feature :-)

1783592256213.png

DuckDuckGo browser now blocks YouTube video ads

DuckDuckGo announced that its browser can now block most video ads on YouTube, including those shown before the video starts playing and during playback.

The feature is enabled by default in the latest versions of DuckDuckGo for iOS, Mac, and Windows, while Android users can enable it manually by going to Settings > Ad Blocking.

DuckDuckGo's new ad-blocking mechanism is separate from 'Duck Player,' an embedded YouTube player in the browser that uses YouTube's strictest privacy settings to prevent tracking cookies and personalized ads.

Instead, the new ad-blocking system relies on community-maintained filter lists from uBlock Origin to detect and block YouTube ads. It is supplemented by its own compatibility rules to further strengthen its effectiveness.

DuckDuckGo says users can enable both features simultaneously, allowing them to use Duck Player's enhanced privacy protections while also using YouTube Ad Blocking when browsing the standard YouTube website.

Xyplorer Updates Thread

Brave Browser reveals how (some) Manifest V2 extensions continue to work

With Google terminating support for Manifest V2 extensions in Chromium and thus most Chromium-based browsers, only some companies have announced solutions to keep support for select extensions.

The latest version of Brave Browser addresses one of the main problems with the migration from MV2 to MV3: the removal of MV2 extensions from the Chrome Store.

What happens when you need to install a classic extension on a new PC or new browser profile? Unless you happen to have a local copy or know how to download it from GitHub or other repositories — if it is provided there — you may be out of options.

Brave Software implemented an option in the browser to replace “known Web Store MV2 extensions with Brave-hosted equivalents”. Up until that point, users had to walk through the process manually. This also meant that settings were not carried over.

With the new process, at least for “known extensions”, Brave is automating things for the user. A benefit of this is that Settings are carried over, which means that you do not have to reconfigure the entire extensions.

There does not seem to be a list of extensions that get the treatment, but a screenshot highlights uBlock Origin, NoScript, uMatrix and AdGuard.

Anyone ever had comodo use 13GB of memory?

Today I noticed my 48gb of ram had high usage when I had nothing running and saw it was comodo. I do leave codex running all day performing tasks. I had codex investigate and it seems to think its the script analysis. I didn't see any way to whitelist codex from the script analysis. Python.exe and powershell.exe were already turned off from script analysis. Only rebooting the pc gets comodo to release all that memory. At this point I'm about to just disable this feature or move to another firewall solution.

1783526498395.png


From codex
COMODO cmdagent.exe is still sitting around 30 GB private memory / 13 GB working set.

S-IT SSD-Check

Freeware · Portable · Windows
How healthy is your SSD?
Check quickly – without manufacturer tools
S-IT SSD-Check shows you the health of your SSD in seconds – whether it’s in your own PC, laptop or a second-hand SSD you’re considering buying. A traffic-light rating, SMART details and a print-ready customer report at the touch of a button. Now also available with HDD Check.

WinXDVD 2026 Mid-Year SALE Enjoy Up to 60% OFF

Get your special discount before it ends!

Linux Mint’s Cinnamon 6.8 Desktop Environment Will Fully Support Wayland

Linux Mint project Clement Lefebvre revealed today in the monthly newsletter some of the new features and improvements coming to the next major version of the Cinnamon desktop environment, version 6.8, such as full Wayland support.

The Linux Mint devs have been working hard on making Cinnamon’s Wayland session as stable as possible, and it looks like Cinnamon 6.8 will finally remove the “experimental” status of the Wayland session and fully support Wayland. Here are some of the features they’ve implemented so far:

Some of the Wayland improvements and features they managed to implement include proper mapping (sizing and positioning) for new windows, applet popup menus and context menus, proper focus stealing prevention, and improved support for multiple monitors and KVM switches.

There’s also full HiDPI support for crisp icons, smoother mouse cursor, and better handling of Chromium apps, as well as support for running root apps as Wayland clients, window progress to see, for example, Firefox download progress in the panel app button.

On top of that, the devs fixed multiple Wayland crash scenarios and significantly improved hardware acceleration throughout the compositor, desktop session, and both Wayland and Xwayland clients.

In addition to these Wayland improvements, Cinnamon 6.8 will feature a cinnamon-list-windows command to make it easy to list all open windows and to quickly see their position, size, HiDPI, app, and backend info, as well as support for systemd’s graphical-session to boost compatibility with many upstream projects.

Cinnamon’s Muffin window and composite manager also received some improvements, such as the ability to round coordinates and dimensions for all Clutter actors. According to the devs, this guarantees crisp and precise rendering and also fixes blur issues when applets or desktop components forget to do so themselves.

Cinnamon 6.8 will be the default desktop environment of Linux Mint 23, which will be released later this year. Linux Mint 23 will also feature improved SSH keyring support, LightDM configuration improvements, and fingerprint authentication improvements in Slick Greeter.

First-Ever 1- Click Android 17 Exploit Allows Attackers to Gain Full Control Over Your Android Phone

A full-chain exploit dubbed “IonStack” demonstrates how a single malicious URL click can hand attackers complete control over an Android device.

The proof-of-concept by Nebula Security, described as the world’s first public Android 17 root demo, chains two zero-day vulnerabilities spanning Firefox and the Linux kernel to achieve remote code execution and privilege escalation without further user interaction.

IonStack exploits two previously unknown vulnerabilities:

  • Firefox 0-day: Affects all versions prior to v151.0.2, serving as the initial browser-based entry point when a victim visits or clicks a crafted URL.
  • Linux kernel 0-day: A vulnerability present across mainstream Linux distributions for approximately 15 years, enabling the attacker to escalate from browser sandbox to full kernel-level control.
The exploit chain works by first compromising the Firefox renderer process through the browser flaw, then pivoting to the underlying Linux kernel (which powers Android) to break out of sandbox restrictions entirely.
Read more here:

New Ghost Phishing Wave Is Breaking Traditional Email Security

A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it decrypts and comes to life inside the victim’s browser.

For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft 365 access, sensitive data, and response time are already at stake.

The Email Looks Safe. The Browser Tells a Different Story
A recent EvilTokens attack shows how a phishing link can appear harmless during initial inspection while still leading to Microsoft 365 account takeover.

The kit uses Microsoft Device Code Phishing to convince victims to complete a legitimate Microsoft login flow and unknowingly authorize access to their accounts. It does not need to steal the password directly.

The real attack remains hidden until the page opens in the browser. Its HTML is encrypted with AES-GCM and becomes visible only after the browser decrypts it and renders the phishing content in the DOM.

As a result, static URL checks and network-level controls may capture the initial response without seeing what the employee actually sees. This visibility gap can lead to:

Longer exposure to the Microsoft 365 account takeover
Delayed containment and response decisions
Unauthorized access to corporate email, files, and cloud services
More uncertain alerts escalated to senior analysts
Higher investigation workload and operational costs
Incomplete evidence for blocking related infrastructure
The complete attack flow, however, was uncovered inside ANY.RUN’s Interactive Sandbox. Explore the analysis session to see what the browser revealed and how teams can use this evidence to respond faster.
Full Story:

Phishing poses as big-brand job interview to steal Google accounts

A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing professionals.

The operation is abusing the legitimate cloud-based PeopleForce human resources platform and a domain associated with the Salesforce Marketing Cloud service before redirecting the recipient to a malicious landing page.

To further instill trust and increase the chances of success, the threat actor is using the names and pictures of real recruiters at impersonated companies.

Will Thomas, senior advisor at cybersecurity intelligence and threat hunting company Team Cymru, analyzed the campaign and discovered that the phishing email pretends to be from “a recruiter looking to hire people for marketing roles.”

The researcher uncovered that the threat actor is using at least 34 domains impersonating high-value companies in the following sectors:

Airlines and travel: American Airlines, Booking.com, Delta Air Lines, United Airlines
Food and beverage: Coca-Cola, PepsiCo, Red Bull
Apparel and luxury goods: Adidas, Louis Vuitton, Sephora, Levis
Staffing, consulting, and tech: Adobe, Aquent, ManpowerGroup, McKinsey & Company, OpenAI
Hospitality and marketing: Marriott, Omnicom Group
Entertainment and sports: FIFA, Netflix
Thomas found that the campaign relies on nested redirects, a technique that routes visitors through multiple legitimate services before reaching the malicious landing page.
Read more:

Uninstalr 3.1 released - Now also shows which installed apps automatically start with Windows

I’m happy to announce the release of Uninstalr 3.1.

Uninstalr is a free Windows app uninstaller that contains many unique features the standard Windows installed apps listing or other third party uninstallers do not have.

For example, Uninstalr shows from which country your installed apps originate from, in case you want to avoid, say, Ruzzian apps for example. Uninstalr also can do an unattended batch uninstallation of multiple apps better than most other uninstallers. And thirdly, it can also detect portable apps and leftovers from previously partially uninstalled apps.

This is how it looks like:

uninstalr_main.png


The key changes in version 3.1:

  • Uninstalr now starts and shows the list of installed apps faster after the initial scan has been completed, and with much smaller memory usage. It takes longer to start than other similar apps, because it does a deeper analysis of the system. But it is now faster.
  • Uninstalr now detects and highlights apps that automatically start with Windows. Automatically starting apps are probably the number one reason slowing your system down. If you want to easily see which ones they are, now you can.
  • Greatly improved the detection of portable apps. Most other uninstallers cannot even detect portable apps at all, Uninstalr now contains multiple dedicated analyses for different types of portable apps.
The full Changelog is available here: Uninstalr Changelog

Uninstalr is freeware, comes with a builtin support for 29 languages and is available as a single file portable version as well as the normal setup version. For more information, please see: Uninstalr

If you like to read more about the new version, I also wrote a blog post about it: Uninstalr 3.1 Released - Uninstalr Blog

I’m the developer. Feel free to ask me anything about it, or if you have any suggestions on how to make it better for your use case, please let me know. Thank you!

Ivara's Windows 11

The Windows counterpart to my Fedora install. Only kept for a few programs that won't run through Steam's Proton (such as Star Citizen).

Unit 42 Researchers exposed a new Vidar campaign using a loader-as-a-service framework, DLL sideloading with a Go-compiled fake MpClient.dll.

Executive Summary​

1783484058146.png

In April 2026, Unit 42 researchers identified a financially motivated campaign delivering Vidar stealer and the XMRig cryptocurrency miner to consumer and small- and medium-sized business victims worldwide.

Attackers lure victims via malvertising to pages for downloading files that impersonate cracked versions of copyright-protected software. Upon execution, the loader drops and runs both Vidar stealer and XMRig. Vidar stealer targets information like browser credentials, cookies and crypto wallets. XMRig mines Monero cryptocurrency.

We assess the operator of the campaign to be a Vidar stealer malware-as-a-service (MaaS) affiliate involved in operations targeting victims in the U.S. and European Union. This article provides a technical analysis of the campaign.

Fake Webroot Website

I was looking for Webroot Release notes and I stumbled upon this fake website

http:// webboot . org/release-notes.html

It was detected by Webroot's Active Shield extension and on Virustotal it is only detected by Webroot.

The funny thing is the links in the website takes you to official Webroot store.

Forum Additive

Password Boss WebApp Release Notes

improved
fixed
PasswordBoss Webapp

Fixes and improvements
  • Resolved visual issues reported in the previous Web App release to improve overall usability and consistency.
  • Added browser extension support for AutoLogin when using the Open Link feature.
  • Fixed issues when moving items between Vaults and Emergency Access.
  • Improved session management to ensure users remain signed in appropriately when managing devices.
  • Enhanced reliability of bulk updates so individual errors no longer interrupt entire operations.
  • Improved encryption key recovery and authentication token refresh handling for a more reliable sign-in experience.
  • Updated synchronization processes to reduce disruptions caused by lost connections.
  • Delivered additional stability, performance, and diagnostic improvements across the Web App.

Hi, I'm Ivara

Hi all, been lurking for a few years now but decided to finally make a post.
Cybersecurity is a hobby of mine, though I'm not a professional by any means. I just find it interesting and I love to learn more about it :)

Happy to meet you all!

Ivara's Fedora COSMIC

My Fedora COSMIC install. Currently dual-booted with Windows 11, but I try to use Fedora as much as possible and avoid using Windows when I can.
Running Bitdefender GravityZone on all my machines.

Windows 11 is getting a fully cloud-based reinstallation option

When things go wrong, Windows administrators have a few options at their disposal to fix problems. From built-in repair tools and restore options to backups and setting up the PC anew.

Nothing beats system backups in my opinion, but some problems can also be dealt with using built-in tools, such as the option to reset the PC.

Cloud rebuild is a new feature that Microsoft announced in the most recent test build of the Windows operating system this week. It can be run from the Windows Recovery Environment and will download everything it needs from the cloud. That is a big difference to the “Reset this PC” option, as it will also download drivers and such from the cloud.

Windows Drops Under 60% in Global Desktop OS Share for the First Time in Years

Windows’ long-standing dominance of the desktop operating system market has taken a noticeable hit, according to StatCounter’s latest worldwide desktop OS market-share data.

In June 2026, StatCounter reported that Windows made up 56.55% of global desktop OS usage, dropping Microsoft’s share below 60%. This is a big change for an operating system that has shaped desktop computing for decades and usually led its competitors by a wide margin.

Linux, meanwhile, continues its gradual rise. StatCounter’s June 2026 data puts Linux at 4.39% worldwide, one of its strongest recent showings in the company’s desktop OS statistics. While still far behind Windows, the figure keeps Linux firmly above the symbolic 4% line, which only a few years ago would have looked highly optimistic for the desktop.

StatCounter’s June 2026 data puts Windows at 56.55% worldwide, while Linux reaches 4.39%.
Apple’s desktop platforms also remain a major part of the picture. StatCounter lists OS X at 11.89% and macOS at 4.48% for June 2026, meaning Apple’s combined desktop presence remains comfortably ahead of Linux in the global chart. Chrome OS follows with 1.21%.

Of course, StatCounter’s numbers should be read for what they are: web usage statistics, not a direct count of installed operating systems.

If you have been a scam victim, you’re likely to be targeted again

‘Reloading’ is common among scammers who often target victims a second time
Scam victims are often targeted again. Fraud experts say "reloading"— where criminals repeatedly contact previous victims — is a well-established tactic.

Victim information is valuable. Scammers buy, sell, and share lists of people who have already fallen for fraud because they are viewed as more likely to respond again.

No one knows exactly how common it is. While researchers agree repeat victimization is widespread, there are no reliable national statistics measuring how many scam victims are targeted a second time.

Falling victim to a scam can be devastating, but for many consumers, the ordeal doesn't end with the first financial loss.

Consumer protection agencies, researchers, and law enforcement say many victims are targeted again in a practice known as "reloading." The tactic involves criminals returning to previous victims — or selling their contact information to other fraudsters — who then attempt to steal even more money.

One of the most common forms of reloading is the recovery scam. After someone loses money to an investment, romance, or cryptocurrency scam, they may receive a call, email, or social media message from someone claiming they can recover the lost funds. The catch is that the victim must first pay an upfront fee, taxes, or legal costs. Once that money is sent, the supposed recovery agent disappears.

Other victims are lured into new fake investment opportunities, additional sweepstakes or prize scams, or another version of the original fraud. In some cases, the same criminal organization contacts the victim again. In others, the victim's name and contact information have been shared with unrelated scam networks.

Fraud investigators say these so-called "sucker lists" have long been a staple of organized fraud operations. They contain names, phone numbers, and notes about previous victims, making them valuable commodities among criminals who believe someone who has been deceived once may be more likely to respond again.

Surprising lack of data
Although reloading is widely recognized, there is surprisingly little data showing exactly how often it occurs. Federal agencies such as the Federal Trade Commission (FTC) and the FBI track fraud complaints and financial losses, but they do not routinely publish statistics showing how many victims are later targeted again.

Researchers have reached a similar conclusion. Studies have identified a group of "chronic" fraud victims who suffer repeated financial losses over time, but experts caution that there is no reliable nationwide estimate of the percentage of scam victims who experience repeat targeting.

The lack of precise numbers reflects the difficulty of measuring the problem. Many victims never report fraud, subsequent scams may involve entirely different criminal groups, and victims often do not realize that a later solicitation is connected to the original scam.

Even without a definitive percentage, consumer advocates say the message is clear: anyone who has lost money to a scam should be especially wary of unsolicited offers to recover funds, make a new investment, or claim a prize. Rather than being left alone, previous victims often become some of the most attractive targets for the next scam.

Meta is facing $1.4 trillion in state lawsuits over social media addiction

Meta is facing penalties of up to a massive $1.4 trillion from four US states that sued the company over the addictive designs of Facebook and Instagram, Reuters reported. Those states — California, Colorado, Kentucky and New Jersey — also accused the company of misleading the public about the safety of those apps. The figure, not previously disclosed, is close to Meta's $1.5 trillion market capitalization.

At a court hearing last month, the states said they calculated the penalties by estimating the number of young users affected by Meta's platforms and multiplying that by fines set by state law. Meta revealed the figure in response to a request from the states' attorneys general on how penalties should be calculated, but said that the amount was unjustified. "A sanction of that size has no analog in the history of consumer protection enforcement," Meta's lawyers wrote in the court filing.

Mark Zuckerberg's company is facing additional lawsuits from 29 other states not part of the $1.4 trillion suits. Most of those allege that the company violated the federal Children's Online Privacy Protection Act (COPPA) by collecting data from kids without the required parental consent. US district judge Yvonne Gonzalez Rogers will address those claims, plus the four state lawsuits, at a trial in August. Another 14 states have brought claims based on local laws that will be heard at a separate trial in February 2027.

Meta has previously denied the allegations on the basis that "social media addiction" is not an established psychiatric condition. The company's Instagram head Adam Mosseri previously compared it to being "addicted" to a Netflix show. In response, the American Psychiatric Association said that "social media addiction is not currently listed as a diagnosis in the DSM-5-TR [diagnostic manual] — but that does not mean it doesn't exist."

Juries have found merit to states' claims, with one recently awarding New Mexico $375 million after finding the Meta had mislead consumers in the state. Meta and other social networks also recently paid $27 million to settle a Kentucky school district lawsuit over similar claims.

UltraPic Pro - 6 months for free

Features​

  • Quick Background Removal: Instantly erase backgrounds with one click, supporting transparent outputs or solid color swaps.
    • AI Edge Detection: Automatically identifies subjects with precision, capturing intricate details like fur or edges.
    • Color Replacement: Swap to white, black, or custom hues for instant clean visuals.
  • Adjust Image Geometry and Orientation: Crop, rotate, flip, and resize effortlessly for perfect framing.
    • Precise Cropping: Select areas manually or auto-suggest for optimal composition.
    • Batch Resizing: Scale multiple images to exact dimensions in one operation.
  • Adjust Image Brightness, Color, and Details: Fine-tune brightness, contrast, saturation for superior quality.
    • Detail Enhancement: Sharpen textures and reduce noise without over-processing.
    • Color Balance: Correct tones automatically for natural, vibrant results.
  • AI-Generated Backgrounds: Create natural or artistic scenes via AI to elevate product appeal.
    • Scene Variety: Options for studio, lifestyle, or creative styles tailored to products.
    • One-Click Application: Instantly apply to subjects post-removal for cohesive visuals.
  • Batch Processing: Edit multiple images simultaneously for efficiency.
    • Bulk Background Removal: Process dozens at once with uniform settings.
    • Unified Adjustments: Apply geometry, color, and resize across files seamlessly.
  • Platform-Ready Output: Generate compliant images for Amazon, Shopify, Etsy instantly.
    • Size Optimization: Auto-adjust to platform specs like 2000×2000 pixels.
    • Format Export: Save in PNG, JPG, WEBP for transparency or compression.
  • Remove Watermarks: Eliminate third-party marks cleanly without artifacts.
    • Smart Inpainting: Fill gaps naturally using surrounding pixels.
    • Non-Destructive Edits: Preserve original quality post-removal.
  • 200+ Magical Templates: Apply pre-designed layouts for quick pro looks.
    • Product-Focused: E-commerce scenes for fashion, tech, food.
    • Customizable: Tweak colors and elements to match branding.
  • Download:
  • Your Free Online AI Photo Editor, Background Remover & Generator | UltraPic

CyberLink MyEdit Creator Pro - 3 months for free

Features​

AI Image Tools — Generate, Edit & Perfect Every Visual
  • Photo Editor — A full-featured online editor for direct image manipulation, layering, and precise adjustments with an intuitive drag-and-drop interface.
  • Create from Scratch — Design original visuals from a blank canvas using built-in templates, shapes, and AI-powered creative assistance tools.
  • AI Replace— Replace unwanted objects, swap out text in images, or insert entirely new elements using simple natural language prompts; ideal for commercial product photography and creative photo edits.
    • Object Replacement — Identify and swap specific elements in a photo without affecting surrounding areas for clean, seamless results.
    • Text-in-Image Replacement — Detect and replace text embedded within images for quick localization or design updates.
  • AI Removal— Delete people, erase text, or remove unwanted objects from photos online with a single click, producing clean, professional-quality results in seconds.
    • People Removal — Cleanly erase individuals from backgrounds, perfect for real estate, travel, and event photography.
    • Object & Text Eraser — Remove distracting elements of any size with AI-powered content-aware fill.
  • Image Enhancer / Upscaler— Increase image resolution and boost photo quality using the most advanced AI upscaling algorithms, restoring sharpness and clarity to low-resolution images.
    • Deblur — Fix motion blur or out-of-focus images automatically with AI-powered sharpening.
    • Denoise — Remove digital noise and grain from photos taken in low-light conditions for cleaner, smoother results.
  • AI Art Generator — Generate original, stunning artwork from text prompts across 24+ artistic styles, from photorealism to abstract and anime aesthetics.
  • AI Face Swap — Seamlessly swap faces in images with natural-looking, AI-blended results for creative projects and entertainment content.
  • AI Hairstyle — Virtually try on different hairstyles and hair colors to preview looks before committing to a change.
  • AI Try On — Place clothing and fashion items onto model images for eCommerce product visualization and virtual styling.
  • AI Sketch — Convert photographs into hand-drawn sketch-style artwork with adjustable line weight and artistic detail.
  • AI Headshot — Generate polished, professional-quality headshot portraits from standard photos, ideal for LinkedIn profiles and business use.
  • Cartoonize Effect — Transform real photos into vibrant, stylized cartoon or comic-book artwork.
  • Background Removal — Automatically detect and remove image backgrounds with precise edge detection, producing clean cutouts instantly.
  • AI Shadow — Add realistic, natural-looking shadows to product images or cutout subjects for professional-quality compositing.
  • AI Product Background — Generate tailored, studio-quality background scenes specifically designed to showcase products for eCommerce listings.
  • AI People Background — Replace or generate contextually appropriate backgrounds behind people for portraits, social media, and marketing content.
  • General Image Tools — Includes Crop/Rotate/Flip, Resize Image, Convert to JPG, and Convert to PNG for everyday quick-edit operations.

AI Video Tools — Animate, Enhance & Create Dynamic Content
  • Video Editor — A full-featured timeline-based online editor for cutting, arranging, and producing polished video projects directly in the browser.
  • Image to Video — Animate any still image into high-quality, motion-rich video content using AI scene interpolation technology.
  • Text to Video — Generate cinematic video sequences directly from written text descriptions, turning ideas into visual stories without filming anything.
  • Character Motion Swap— Transfer motion and movement from one character or reference video to another for standout character animation content.
    • Animate Characters — Build memorable character animations using reference footage, ideal for content creators developing personal brands and animated series.
  • Video to Anime — Stylize live-action video footage into anime or animation-style visuals with an AI style transfer engine.
  • Video Sound Generator — Automatically generate contextually appropriate sound effects and ambient audio to match video content.
  • AI Model Lab — Test, compare, and benchmark multiple AI generation models side by side to find the best output for each specific creative task.
  • Video Enhancer — Upscale and sharpen video resolution for improved quality on modern high-definition displays.
  • Video Denoiser — Reduce grain and visual noise in video footage shot in low-light or suboptimal conditions.
  • HD Video Converter — Convert video files to HD formats quickly with quality preservation and format flexibility.
  • AI Frame Interpolation — Increase the frame rate of videos for smoother, more fluid motion playback.
  • Video Brightener — Automatically adjust exposure and brightness in dark or underexposed video clips for clear, well-lit results.
  • General Video Tools — Includes Video Trimmer and Video Merger for fast, essential editing operations without requiring a full editor setup.

AI Audio Tools — Record, Restore, Generate & Transform Sound

MyEdit’s audio AI suite covers the complete sound production pipeline, from noise removal and voice transformation to full song generation and precise transcription.

  • Audio Editor — A full-featured waveform editor for cutting, trimming, and arranging audio tracks with precise control.
  • Podcast Studio — A dedicated environment for recording, editing, and producing podcast-quality audio projects with built-in enhancement tools.
  • Speech to Text — Transcribe spoken audio into accurate written text, with the ability to export .SRT subtitle files complete with timestamps for seamless video captioning.
  • Text to Speech — Convert written text into natural-sounding AI-generated speech across multiple voices and languages.
  • Lyrics to Song (AI Song Generator) — Transform written lyrics and thematic prompts into original, fully produced music tracks tailored to your specified style and mood.
  • Sound FX Generator — Create custom, unique sound effects on demand using AI, eliminating the need for stock audio libraries.
  • Voice Changer — Instantly modify and transform voice recordings into a wide range of character voices, including male, female, robot, chipmunk, and more — perfect for gaming, streaming, YouTube, and Discord content.
  • Vocal Remover — Separate vocals from music tracks to produce clean instrumental backing tracks or high-quality karaoke versions.
  • Vocal Isolator — Extract and isolate lead vocals from a mixed audio track with precision, preserving voice quality while removing the music bed.
  • Audio Denoise — Remove background noise, hiss, hum, and ambient sound from recordings instantly using AI, delivering crisp and broadcast-ready audio for podcasts, narration, and dialogue.
  • Speech Enhancement — Regenerate and restore voice recordings with AI, ensuring pristine clarity even from audio captured outdoors or in noisy environments.
  • Voice Isolation — Extract clean, isolated voice tracks from complex audio environments for use in editing, dubbing, or production workflows.
  • Wind Remover — Detect and remove wind noise artifacts from outdoor recordings, restoring the clarity of speech and ambient sound.
  • General Audio Tools — Includes Audio Merger, Audio Trimmer, Pitch Changer, BPM Finder, and Noise Gate for fast and precise audio management tasks.

Vovsoft Serial Port Monitor v2.0 - Free lifetime license

Serial Port Monitor is an intuitive, user-friendly utility designed to track, analyze, and control data traffic across your computer’s COM ports. This software empowers you to effortlessly read incoming serial data from any RX pin and send outgoing commands to any TX pin. You have full control over your connection parameters, allowing you to easily adjust the baud rate, parity, data bits, and stop bits to suit your specific hardware. Whether you need to communicate in standard ASCII text or utilize hexadecimal, decimal, octal, and binary formats, the application fully supports your preferred encoding method for both sending and displaying received data.

Apeaksoft Data Recovery - 1 year for free

Features:

  • Wide format support: recovers media files (photos, videos, audio, documents, emails, and archives)
  • Broad Device Compatibility: Compatible with digital cameras, memory cards, USB flash drives, and internal and external hard drives.
  • Selective Recovery: You can preview the scan results before recovery begins, allowing you to select and choose the data you need.
  • Dual Scanning Modes: Quick and DeepTo optimize recovery chances, Apeaksoft automatically runs both Quick Scan and Deep Scan, making sure no file is left behind.
  • Handles Complex Data Loss ScenariosWhether it’s a RAW disk, a deleted partition, a system crash, or a virus assault, Apeaksoft can recover it all.
Download: