Tech News: Latest Updates from 2026-02-25
Tech roundup for 2026-02-25.
This report was automatically generated by AnishoAI. Automate your content production — visit us for more information and pricing.
Malicious Google Ads Tool 1Campaign Revealed
Security researchers at Varonis have exposed 1Campaign, a cloaking service that lets cybercriminals run malicious Google Ads targeted only at specific audiences. The tool shows phishing or scam content to real victims while displaying a blank page to ad reviewers, security scanners, and automated systems, allowing fraudulent campaigns to slip past initial checks and remain active longer.
1Campaign offers more than cloaking. It provides real‑time analytics, visitor profiling, fraud scoring, and the ability to block traffic from known security vendors, data centers, and VPNs. Each visitor receives a fraud score between 0 and 100; traffic from Microsoft Corporation, Google, Tencent Cloud Computing, OVH Hosting, and other cloud providers is automatically flagged with high scores and blocked. The system identifies security scanners by IP ranges, ISPs, and behavioral patterns, enabling attackers to precisely control who sees malicious content and who sees a blank page. Developed by the hacker alias “DuppyMeister,” the platform distributed traffic across the United States, Canada, the Netherlands, China, Germany, France, Japan, Hungary, and Albania. It also includes a Google Ads launcher that allows users to launch both malicious and benign campaigns, effectively letting attackers spoof any brand and bypass policy limitations.
| Feature | Details |
|---|---|
| Fraud Scoring | 0–100 per visitor |
| Blocked Sources | Microsoft, Google, Tencent Cloud, OVH Hosting, etc. |
| Geographic Reach | US, Canada, NL, CN, DE, FR, JP, HU, AL |
Varonis’ findings highlight how 1Campaign enables large‑scale ad fraud, allowing attackers to impersonate legitimate brands in Google Ads while evading automated policy enforcement.
Windscribe Launches Android Beta with AmneziaWG for Iran and Russia
Windscribe has rolled out a beta Android app specifically for users in Iran and Russia, adding native support for the AmneziaWG protocol to help bypass the growing internet censorship in those countries. The update follows the provider’s earlier announcement that its standard VPN connections were being aggressively targeted, and it promises to restore free web access for affected users.
Previously, users in restricted regions had to request a configuration file from support and use third‑party software to connect via AmneziaWG. The new beta app embeds this functionality directly, lowering the technical barrier and allowing mobile users to switch to the stealth protocol without complex setups. AmneziaWG modifies WireGuard packet signatures to resemble random or benign web traffic, making it harder for Deep Packet Inspection systems to detect VPN usage.
| Feature | Details |
|---|---|
| Target Regions | Iran, Russia |
| Protocol | AmneziaWG (stealth WireGuard) |
| Availability | Beta Android app via Play Store, App Store, or direct APK download from Telegram or website |
| Future Plans | Windows build in progress; all users will eventually have access, not just paid subscribers |
Windscribe’s internal data shows that nearly half of Iranian users and 52% of Russian users reported VPN failures in recent polls, prompting the focus on mobile solutions first. The company encourages users to sideload the APK to avoid app‑store restrictions, ensuring they can obtain the latest anti‑censorship tools even if official channels are blocked.
Patching Alone Fails to Stop Rapid Cyber Attacks on ERP Systems
Patching is a change‑management decision with financial, operational, and risk consequences, not a security strategy. CIOs know that today’s threats move quickly, and attackers now use automation and AI to validate new vulnerabilities against real software estates within days or even hours. This compresses the window for organizations to respond, even when they run disciplined patching processes. ERP platforms, however, evolve slowly because they sit at the center of financial, operational and supply‑chain processes. Even minor updates can affect integrations, reporting logic or custom extensions built up over many years, so these systems change only when it is safe to do so. The result is a widening gap between how risk is created and how it is mitigated. Attackers move against reachable weaknesses across identity, configuration and architecture, while patches only ever address a subset of known flaws in vendor code. That mismatch means exposure remains, no matter how fast updates are applied.
Patch‑centric security is a blunt and increasingly fragile tool for ERP environments. These systems are built from layers of custom code, older modules and tightly coupled integrations that no standard vendor model reflects, making updates inherently unpredictable. As pressure to patch faster has increased, many organizations have been forced to accept more operational risk in exchange for perceived security. Systems break, interfaces fail and critical workflows are disrupted, even while large parts of the environment remain unpatchable or unsupported. ERP platforms are not designed to move at the speed of modern vulnerability discovery, yet patch‑first security assumes that they must.
Many CIOs are revisiting defense‑in‑depth and re‑interpreting it for complex application environments rather than just networks or endpoints. This is not because they want to move away from patching, but because patching has become a high‑stakes liability decision. Defense‑in‑depth offers a way to spread that risk. Rather than depending on patches alone, it ensures the organization has more than one line of protection during the long periods in which updates cannot be applied, or do not yet exist. In practice, it is less about accumulating tools and more about shaping the environment so that no single control acts as a silver bullet. Zero Trust models assume breach, require continuous verification, and minimize blast radius. Patching plays a role, but its contribution is narrow: it addresses yesterday’s identified flaw, not today’s unknown or tomorrow’s zeroday; it does nothing to improve identity governance, segmentation, authentication strength, or detection capabilities; it requires dependence on a single vendor’s timelines and disclosure practices. Defense in Depth, by contrast, supports Zero Trust by adding compensating layers: hardened configurations, privilege reduction, lateral movement controls, monitoring, and rapid mitigations independent of vendor patch cycles.
Conclusion
Cybercriminals are increasingly using sophisticated cloaking tools like 1Campaign to evade detection, while VPN providers such as Windscribe are innovating with stealth protocols like AmneziaWG to counter censorship. Meanwhile, the rapid pace of automated attacks exposes the vulnerability of legacy ERP systems, highlighting the need for more proactive and adaptive security strategies.
FAQ
What features does 1Campaign provide to help malicious advertisers evade detection?
1Campaign offers cloaking, real‑time analytics, visitor profiling, fraud scoring, and the ability to block traffic from known security vendors, data centers, and VPNs.
How does Windscribe’s new Android beta help users in Iran and Russia bypass internet censorship?
The beta app embeds native support for the AmneziaWG protocol, allowing users to switch to a stealth VPN that modifies WireGuard packet signatures to resemble random or benign web traffic.
Why is patching alone insufficient to protect ERP systems from rapid cyber attacks?
ERP platforms evolve slowly and minor updates can disrupt integrations and custom extensions, creating a widening gap between the speed of threat exploitation and the ability to apply patches safely.