We have inspected the website (power-protocol[.]org) and found that it promotes a fraudulent "Power Protocol ($POWER) airdrop". It is designed to appear as the original Power Protocol site (powerprotocol.xyz) to trick visitors. The goal is to empty cryptocurrency wallets. Victims of this scam may
Ultimate is malware designed to steal information from infected macOS systems. It maintains persistence, evades detection, and securely exfiltrates stolen data to a command-and-control (C2) server controlled by cybercriminals. If a device is infected with Ultimate, the malware should be removed
Our analysis shows that it is a deceptive email disguised as a security alert from the Chase Bank (a legitimate American national bank). It contains fake details to appear urgent and trick recipients into disclosing personal information on a fraudulent page. This scam email should be ignored to av
CrySome is a remote access Trojan (RAT) that lets cybercriminals take control of an infected device. This RAT can steal files and passwords, spy on activity, and run commands remotely. What makes CrySome even more serious threat is that it can hide itself, disable antivirus software, and stay on t
CrystalX is a remote access Trojan (RAT) offered as MaaS (malware‑as‑a‑service) and promoted through Telegram. It is mainly used to steal information from infected devices and to control devices remotely, and it also has a prankware capability. If detected on a device, CrystalX should be rem
The WebWebWeb.com browser hijacker infiltrates Internet browsers (Google Chrome and Mozilla Firefox) through free software downloads. At time of testing, this website was promoted via an application called 'video downloader professional'. Developers of this browser settings-changing adware (LINK6
Pulse is a Chromium-based browser. It is promoted as an Internet browser that integrates AI (Artificial Intelligence). Upon inspection, we determined that this rogue browser is a PUA (Potentially Unwanted Application). It produces redirects to several fake search engines that cannot generate searc
We have reviewed the email and determined that it is a scam disguised as a "Microsoft security update". It contains deceptive links (disguised as options) leading to malicious downloads. Recipients should ignore this fraudulent message to avoid computer infections and further issues. The e
We have discovered this scheme during an inspection of a PDF file hosted on a dubious page. This scam site is supposed to provide a tool (Hacking Panel V2) for hacking Instagram accounts. Ultimately, users are directed to another web page. It is highly advisable not to trust such schemes to avoid
XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling". In most cases, "bundling"
Iranian threat actors have increasingly adopted ransomware-like tactics. These are not purely criminal enterprises, but instruments of statecraft. Over the past several years, and especially amid escalating geopolitical tensions, these actors have refined a hybrid model, which blends cybercrime tech
Cyber and kinetic warfare have merged into a new phase. Internet-connected devices, especially IP cameras, are now both intelligence assets and strategic risks. Recent events in the 2026 Middle East conflict show how compromised surveillance, coordinated cyberattacks, and DDoS campaigns are changing
A supply chain attack campaign attributed to the TeamPCP threat group marks one of the most consequential and fast-moving compromises of modern software development infrastructure. The attackers targeted trusted developer tools and open-source ecosystems. This campaign showed how a single foot
The emergence of VoidStealer marks a significant evolution in the infostealer malware landscape. It demonstrates how quickly threat actors adapt to defensive innovations. By using a novel debugger-based technique to bypass Google Chrome's Application-Bound Encryption (ABE), VoidStealer highlights th
A newly uncovered iOS exploitation framework called DarkSword is reshaping the mobile threat landscape. It signals a shift from targeted espionage tools to scalable, multipurpose attack infrastructure. Joint research from Google Threat Intelligence Group (GTIG) and Lookout shows how advanced exploit
Combo Cleaner is an all-in-one solution developed by RCS LT, the company behind PCrisk.com. Making a powerful entrance as a comprehensive antivirus and system optimization solution, it's here to shield you from various threats on Windows, macOS, Android, and iOS.
When assessing the best way to reclaim your privacy, the personal data removal service Incogni is a popular option. It works by automatically sending requests to data brokers and people-search websites, erasing personal information from their databases.
Launched in 2010 by the privacy company Abine and based in the U.S., DeleteMe has over a decade of experience in cleaning up personal information from the web. This review examines DeleteMe's pricing, features, performance, and value.
Optery stands out as the most flexible personal data removal service. Optery may not be overflowing with the advanced features of more expensive services, but it's getting the results done, and lets you only pay for the level of security you require.
When it comes to Privacy Bee, a privacy protection service that scrubs your personal information from data broker databases and public listings, this review, written by the PCrisk team, will be a solid reference.