While investigating suspect websites, our research team discovered the nomornaling[.]com rogue page. Upon examination, we determined that it promotes browser notification spam and generates redirects to different (likely unreliable/hazardous sites. Nomornaling[.]com and analogous webpages are mos
Our research team discovered comolononlanize[.]com during a routine inspection of suspicious sites. After investigating this rogue webpage, we learned that it promotes spam browser notifications and redirects users to other (likely untrustworthy/harmful) websites. Most visitors to comolononlanize
WebSocket is the name of a Remote Access Trojan (RAT). This malware allows attackers to access/control devices remotely. It was used in a highly targeted phishing campaign that involved six months of planning and was executed on the 8th of October, 2025. It was designed for maximum efficacy and th
Vidar 2.0 is a new release of the Vidar malware, rewritten in C programming language and capable of multi-threaded data stealing. It defeats Chrome's app-bound encryption and includes advanced evasion features. Stolen data is sent to delivery channels like Telegram bots and Steam profile URLs.
After inspecting "Your Email Has Stopped Working", we determined that this email is spam. It claims that the recipient can no longer send messages because their mailbox has exceeded its storage capacity. This spam campaign aims to trick recipients into revealing their email log-in credentials to a
After reviewing this "Routine Account Check" email, we determined that it is spam. It instructs the recipient to verify their account settings to avoid mail service interruptions. The purpose of this spam campaign is to lure recipients into disclosing their email account log-in credentials to a ph
Our analysis indicates that gravixluno.co[.]in is a malicious website designed to trick visitors into enabling its notifications. Allowing notifications from this site can result in persistent, misleading alerts that may lead to websites that can compromise security and privacy. Therefore, gravixl
We have analyzed the message and determined that it is a phishing email pretending to be a notification about an approved October salary. It includes a link to a deceptive website designed to extract personal information from visitors. This scam email should be ignored and deleted to avoid the ass
Our inspection has revealed that synicametion[.]com is an untrustworthy website created to lure visitors into accepting its notifications. If permitted, synicametion[.]com can flood users with annoying and misleading notifications that can expose them to security and privacy risks. Thus, synicamet
We have inspected jeiia.co[.]in and discovered that it is one of the numerous fraudulent websites designed to trick visitors into taking action that permits the page to show notifications. If permission is granted, jeiia.co[.]in can send deceptive notifications to promote other potentially malicio