Quote:Here is what we found:

Stalkerware detection is still a mixed bag. Notably, Malwarebytes detected 100% of the stalkerware products we tested for. ESET, Bitdefender, McAfee, and Kaspersky detected all but one sample. This is a marked improvement over the 2021 test, which also found only one app with a 100% detection rate (G Data), but the next-best performing products had detect rates of 80-85%. Google Play Protect and Trend Micro had the lowest detection rates in the 2025 test, at 53% and 59% respectively. The poor performance of Google Play Protect is unsurprising: because it is the anti-virus solution on so many Android phones by default, some stalkerware includes specific instructions to disable detection by Google Play Protect as part of the installation process.

There are fewer stalkerware products out there. In 2020 and 2021, AV Comparatives tested 20 unique stalkerware products from different vendors. In 2025, we tested 17. We found that many stalkerware apps are essentially variations on the same underlying product and that the number of unique underlying products appears to have decreased in recent years. We cannot be certain about the cause of this decline, but we speculate that increased attention from regulators may be a factor. The popularity of small, cheap, Bluetooth-enabled physical trackers such as Apple AirTags and Tiles as an alternative method of location-tracking may also be undercutting the stalkerware market.

You can find the full results of the test here (PDF).

EFF Teams Up With AV Comparatives to Test Android Stalkerware Detection by Major Anti

Quote:You’ve received a threatening email. What’s your next move?
 
“We’ve hacked your computer! Send money to the specified account, or all your photos will be posted online”. You or someone you know has probably encountered an email with this kind of alarming message.

We’re here to offer some reassurance: nearly every blackmail email we’ve ever seen has been a run-of-the-mill scam. Such messages, often using identical text, are sent out to a massive number of recipients. The threats described in them typically have absolutely no basis in reality. The attackers send these emails out in a “spray and pray” fashion to leaked email addresses, simply hoping that at least a few recipients will find the threats convincing enough to pay the “ransom”.

This article covers which types of spam emails are currently prevalent in various countries, and explains how to defend yourself against email blackmailers.

Classic scams: hacks, sextortion, and “your money or your life”

Classic scam emails may vary in their content, but their essence always remains the same: the blackmailer plays the role of a noble villain, allowing the victim to walk away unharmed if they transfer money (usually cryptocurrency). To make the threat more believable, attackers sometimes include some of the victim’s personal data in the email, such as their full name, tax ID, phone number, or even their physical address. This doesn’t mean you’ve actually been hacked — more often than not, this information is sourced from leaked databases widely available on the dark web.
The most popular theme among email blackmailers is a “hack” where they claim to have gained full access to your devices and data. Within this theme, there are three common scenarios:

1. The attacker is concise and gets straight to the point: they state the exact amount of money you need to transfer to prevent your private information from becoming public.
   
2. Detailed and dramatic emails: these elaborate spam emails contain a wealth of detail about the malware the attacker allegedly used to infect the recipient’s device, and the types of data they’ve accessed. This usually includes everything at once: the PC itself, the mouse, the webcam, and the keyboard. Sometimes, the scammers even graciously advise you to change your passwords regularly and avoid clicking on unknown links in the future to prevent unpleasant situations. On this point we actually agree with their recommendations.
   
3. The specific details of the “hacker attack” and the attacker’s demands are omitted from the email body. Instead, the recipient is prompted to find this information by clicking a link to a website. Scammers use this tactic to bypass email spam filters.
   

Continue Reading...

Quote:Microsoft released the feature update of 2025 for Windows 11 recently. The new update did not include many new features compared to its direct predecessor Windows 11, version 24H2. However, Microsoft continues to release new features gradually to Windows throughout the year.

One of these changes is a revamped start menu that, Microsoft promises, makes things a lot better for users of the operating system and introduces some new features on top of that.

The big features are an all-application listing on the first Start menu screen, new category options, and a responsive layout that adjusts to the size of the screen.

The main requirement for the new start menu is that your PC runs Windows 11, version 25H2. While the feature update has reached a broader distribution, it is still not offered on all devices.

Side note: if you installed Windows 11 on a PC that does not meet the system requirements, you won't get the update via Windows Update. You can use a tool like FlyOOBE to upgrade these systems. While primarily designed for upgrading Windows 10 PCs to Windows 11, it can also be used to upgrade Windows 11 PCs to a newer version.

Tip: Open the Start menu, type winver, and press the Enter-key to display the current version of the Windows 11 operating system.

Continue Reading...

Quote:Security researchers have revealed that the Google Play Store had played host to malicious apps. The malware were downloaded over 40 million times.

Welcome to the safest mobile app marketplace, people!

A report published by Zscaler ThreatLabz (via Bleeping Computer) reveals how hackers are using malware to target users on mobile devices. It says that based on Telemetry data that it analyzed, Android Malware has jumped by 67% year-over-year.

For those curious, last year Zscaler had discovered over 200 fake apps on the Play Store. During June 2024 and May 2025, this number rose to 239 malicious apps.

Many of these malware apps were distributed under the Tools category, masquerading as productivity and workflow tools. This resulted in the apps being downloaded 42 million times. The report points out that threat actors are now targeting mobile payments instead of credit card-focused fraud, with the help of spyware, banking malware, phishing trojans to steal financial information and login credentials which are used for malicious transactions.

According to the report, these Countries were most impacted by malware attacks: India (26%), United States (15%), Canada (14%), Mexico (5%) and South Africa (4%). Zscaler says that threat actors used an Android Void malware, to infect 1.6 million Android-based TV boxes, primarily in India and Brazil. A Remote Access Trojan (RAT), called Xnotice, was targeting jobseekers in the oil and gas industry, in the the Middle East and North African region. Adware is the number one threat with 69% of cases, while the Joker malware family dropped to 23% of cases from 38% last year.

Continue Reading...

Quote:F-Secure version 25.10 public release.

FSecure Knowledge  

Version 25.10​Released November 2025

VPN websites bypass​Specific websites or domains can be set to bypass VPN tunnel. This may be helpful in case some website blocks access over VPN and user wants to avoid turning off VPN to access such site.

Bug fixes:​

• Device Protection malfunction smart task shows proper details when the problem occurs because of disk space
  
• In some VPN location change scenarios VPN could connect to other location than shown in UI
  
• Family Protection cannot be set up when LanmanWorkstation service is not running
  
• Changing Windows user name crashes UIs before the computer is restarted
  
• Excluded paths were not handled correctly in Scam Protection
  
• User interface consistency improved in various interfaces
  

Quote:The next iteration of Linux Mint is going to make some interesting changes to the user experience, including a redesigned Start Menu for Cinnamon. Clement Lefebvre, aka Clem, the project and development team leader of the distro has published some details about the upcoming features.

This is what the Cinnamon Menu applet, or the Start Menu, looks like in its current style on Linux Mint 22.2.



It looks fine, and works perfectly. Notice how it blurs out the last item in the list?



Also, here are the current options for customizing the menu.



Well, here is a screenshot of the new Start Menu. It's detached from the bottom of the screen, and looks way better.

Continue Reading...

Quote:Researchers have discovered that 50% of data transmitted via satellites is unencrypted. This includes your mobile calls and texts, along with banking, military, government, and other sensitive information. How did this happen, and what can we do about it?
 
The year is 2024. A team of scientists from both the University of California San Diego and the University of Maryland, College Park, discovers an unimaginable danger looming over the world — its source hiding in space. They start sounding the alarm, but most people simply ignore them…

No, this isn’t the plot of the Netflix hit movie Don’t Look Up. This is the sudden reality in which we find ourselves following the publication of a study confirming that corporate VoIP conversations, military operation data, Mexican police records, private text messages and calls from mobile subscribers in both the U.S. and Mexico, and dozens of other types of confidential data are being broadcast unencrypted via satellites for thousands of miles. And to intercept it, all you need is equipment costing less than US$800: a simple satellite-TV receiver kit.

Today, we explore what might have caused this negligence, if it’s truly as easy to extract the data from the stream as described in a Wired article, why some data operators ignored the study and took no action, and, finally, what we can do to ensure our own data doesn’t end up on these vulnerable channels.

Continue Reading...

Quote:AMD preps yet another Ryzen AI MAX SKU: 388 with 40 RDNA3.5 Compute Units

The new chip would feature one CPU chiplet and full graphics.



While there are hardly any gaming handhelds or gaming-oriented Strix Halo products, users who are focused purely on gaming can save hundreds of dollars if they choose the lower-end SKU called Ryzen AI MAX 385. Unlike the flagship MAX+ 395, it has 8 instead of 16 cores, and it also has cut-down graphics from 40 RDNA 3.5 compute units to 32.

Still, for many this is a good balance for gaming. The good news is that this choice may soon have another option that would require no such sacrifices. The Ryzen AI MAX+ 388 was just spotted over at PassMark.

Initially it was not quite clear what the “+” means in MAX branding, but the explanation may be simpler than that. The + applies to all SKUs with full Radeon 8060S graphics featuring 40 CUs. For this reason, the new SKU, although it should sit below MAX 390, would still feature the plus branding. This matches what Intel is planning for the Core Ultra 300 series, where “X” variants would also feature full graphics.

Ryzen AI MAX+ 388 is an 8-core CPU that has been spotted over at PassMark. This does not mean the SKU is confirmed, but PassMark rarely lists SKUs that never reach the market. In fact, it is much more reliable than Geekbench, which might have such variants.

Continue Reading...

Quote:If you have worked on a PC with Microsoft's Windows 10 or Windows 11 operating system, you may have encountered a bug that could occur during system updates. Windows offers two main options when it comes to updating: "update and restart", or "update and shut down".

• The first installs the Windows update and will restart the PC so that you can continue working.
  
• The second installs the updates and shuts down the PC after the update has been installed.
  

The bug caused the system in the second case to restart instead of shutting down. This usually meant that you had to run the shutdown command again to shut down the PC, sometimes in the morning or at a later point in time, if you did not wait for the initial operation to complete. This could lead to some frustrating experience, especially if you did not wait for the operation to complete and got back hours later to the PC noticing that it never shut down.

Microsoft says it has fixed the issue, but does not provide an explanation

Microsoft claims now that it has identified the root cause of the bug and fixed it. The information is found in the preview update for Windows 11, version 25H2 and version 24H2 on the official Microsoft Support website.

There, Microsoft writes: "Improved: Addressed underlying issue which can cause “Update and shutdown” to not actually shut down your PC after updating."

Continue Reading...