We have inspected the email and found that it contains a fake notification about a SWIFT wire transfer confirmation copy supposedly attached for review. It is a phishing email designed to steal email account credentials from unsuspecting recipients through a fraudulent login page that imitates whi
FlutterShell is a backdoor targeting macOS users. It is delivered inside fake-but-working Mac apps (a podcast player and PDF viewers) and gives attackers remote control of an infected Mac through a hidden browser window. Researchers at Palo Alto Networks Unit 42 documented the malware as part of
We have inspected the website vote-ethfi[.]app and found that it imitates the official ether.fi platform, presenting a fake "$ETHFI Rewards Allocation Proposal" governance vote. The page is designed to trick visitors into connecting their cryptocurrency wallets, which can lead to the theft of digi
We have inspected the website reward-kinetiq[.]xyz and found that it impersonates Kinetiq, a liquid staking platform, by promoting a fake voting rewards proposal. It is designed to trick visitors into connecting their cryptocurrency wallets, which can result in financial losses. IMPORTANT NO
Our researchers discovered the Search Toggler browser hijacker while reviewing extensions promoted through their own dedicated websites. Despite its description promising an easier way to switch between search engines, Search Toggler quietly reassigns the browser's search settings to searchtoggler
.Xyz is a new variant of Jigsaw ransomware. Following infiltration, this ransomware encrypts various files stored on victims' computers. This is achieved using asymmetric cryptography. During encryption, this ransomware appends the name of each encrypted file with a ".xyz" extension and, thus, it
We have examined the site and found that it is a scam that offers visitors a "bonus" as a lure. Its goal is to trick visitors into taking steps that could result in financial loss and possibly other issues, such as information theft. Thus, it is highly advisable not to trust the sites involved in
Pulse is a Chromium-based browser. It is promoted as an Internet browser that integrates AI (Artificial Intelligence). Upon inspection, we determined that this rogue browser is a PUA (Potentially Unwanted Application). It produces redirects to several fake search engines that cannot generate searc
After reviewing this email, it has become evident that it is a fraudulent message impersonating PayPal and sent by malicious actors. The intention behind this email is to trick recipients into divulging sensitive data and potentially initiating financial transfers. Thus, recipients are strongly ad
Search1.me is the address of a fake search engine. Typically, such web searchers are promoted by PUAs (Potentially Unwanted Applications) classified as browser hijackers. Search1.me has been observed being pushed by the Better Search browser hijacker. Browser hijackers promote fraudulent w
The recent surge in supply chain-focused attacks and leaked malware tooling has underscored a structural shift in modern cybercrime: attackers are no longer relying solely on isolated exploits but are increasingly industrializing malware development and distribution through developer ecosystems. Ac
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly exploited SolarWinds Serv-U vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active targeting of organizations running vulnerable versions of the managed file transfer platform. The
The cybersecurity community has spent years warning that operational technology (OT) systems are among the most attractive targets for state-sponsored threat actors. Recent incidents involving fuel tank monitoring systems across the United States show that these concerns are no longer theoretical.
Cybercriminals have spent years refining techniques that exploit trust. They impersonate brands, abuse legitimate services, and manipulate search engines to display malicious content to unsuspecting users. The emergence of generative AI platforms has introduced another powerful trust mechanism into
The operators behind the SHub macOS infostealer have introduced a more sophisticated variant called "Reaper." This shows how macOS-focused malware keeps evolving, moving beyond basic credential theft into persistent, multi-stage compromise operations. The latest campaign blends social engineering,
Combo Cleaner is an all-in-one solution developed by RCS LT, the company behind PCrisk.com. Making a powerful entrance as a comprehensive antivirus and system optimization solution, it's here to shield you from various threats on Windows, macOS, Android, and iOS.
When assessing the best way to reclaim your privacy, the personal data removal service Incogni is a popular option. It works by automatically sending requests to data brokers and people-search websites, erasing personal information from their databases.
Launched in 2010 by the privacy company Abine and based in the U.S., DeleteMe has over a decade of experience in cleaning up personal information from the web. This review examines DeleteMe's pricing, features, performance, and value.
Optery stands out as the most flexible personal data removal service. Optery may not be overflowing with the advanced features of more expensive services, but it's getting the results done, and lets you only pay for the level of security you require.
When it comes to Privacy Bee, a privacy protection service that scrubs your personal information from data broker databases and public listings, this review, written by the PCrisk team, will be a solid reference.