SantaStealer is malicious software used to collect sensitive data from compromised systems. It is sold as a Malware-as-a-Service through Telegram channels and underground forums. Research suggests it was previously known as BluelineStealer. The malware avoids detection by running in memory and tra
While investigating suspect websites, our researchers discovered the news-jafexe[.]cc rogue page. It operates by promoting browser notification spam and generating redirects to different (likely unreliable/harmful) sites. Most users enter webpages like news-jafexe[.]cc via redirects produced by we
While investigating suspicious websites, our researchers discovered this fake "Hypurr Fun ($HFUN) Allocation" page. It is not associated with the actual Hypurr Fun platform. This scam aims to deceive victims into exposing their cryptowallets to a cryptocurrency drainer. IMPORTANT NOTE: We do
After examining this "DHL Express - Incomplete Address Information" email, we determined that it is fake. This spam message urges the recipient to update their shipping information to complete the delivery. The purpose of this phishing campaign is to deceive recipients into disclosing their email
Our inspection has shown that it is a fake email claiming to be regarding a payment receipt. It is designed to deceive unsuspecting recipients into opening the provided website and entering personal information. Victims of this scam may be unable to access their accounts and encounter further issu
The WebWebWeb.com browser hijacker infiltrates Internet browsers (Google Chrome and Mozilla Firefox) through free software downloads. At time of testing, this website was promoted via an application called 'video downloader professional'. Developers of this browser settings-changing adware (LINK6
"Instagram Password Hacker" is a scam run on various deceptive websites. This scheme is presented as a hacking service allowing users to steal Instagram social media accounts by entering their usernames. The aim of "Instagram Password Hacker" is to promote untrustworthy and malicious sites, namel
We have reviewed the email and determined that it is a phishing message disguised as a security notification from American Express. It is created to appear urgent and important to trick recipients into opening a fake website and entering personal information. This and similar scams should be ignor
While investigating dubious websites, our researchers discovered the "Android Has Detected A Wiretap On Your Phone" scam. It claims that the user's smartphone has been wiretapped. Typically, scams of this kind aim to trick users into downloading/installing or purchasing (likely suspicious/harmful)
Search1.me is the address of a fake search engine. Typically, such web searchers are promoted by PUAs (Potentially Unwanted Applications) classified as browser hijackers. Search1.me has been observed being pushed by the Better Search browser hijacker. Browser hijackers promote fraudulent w
In early December 2025, the cybersecurity community was rocked by the public disclosure of a critical, easily exploitable vulnerability in React Server Components (RSC). RSC is the backbone of many modern web applications. Assigned CVE-2025-55182, and quickly nicknamed React2Shell, this vulnerabilit
Over the past year, security researchers have spotlighted a growing menace in the ransomware ecosystem: a packer-as-a-service known as Shanya. The rise of Shanya shows how modern attackers outsource core workflow parts. They now rely on services for obfuscation and endpoint detection and response (E
The discovery of a malware campaign called Shai-Hulud 2.0 has drawn widespread attention across the cybersecurity world, not only because it affected a large number of people, but also due to its unusual spread. Although the name sounds like something from science fiction, the threat remains very r
Glassworm has reappeared in a third wave. Researchers have spotted dozens of newly published Visual Studio Code–compatible extensions. These extensions again carry a suite of clandestine, developer-focused malware behaviors. The most recent activity was discovered in late November and reported on
The recent cyberattack on the OnSolve CodeRED system has shocked public safety agencies across the United States, revealing the deep vulnerability of critical emergency-alert infrastructure. The incident was claimed by the INC Ransomware gang, a relatively new, but increasingly active, ransomware-as
Combo Cleaner is an all-in-one solution developed by RCS LT, the company behind PCrisk.com. Making a powerful entrance as a comprehensive antivirus and system optimization solution, it's here to shield you from various threats on Windows, macOS, Android, and iOS.
For VPNs, NordVPN stands out as a top contender. Its global reputation is partly due to its speed, security, and ability to unblock streaming services. We put this to the test, performing a comprehensive hands-on evaluation across different platforms to see how well it works.
ExpressVPN is a well-known premium VPN service with a strong reputation for security, speed, and reliability. Founded in 2009 and headquartered in the British Virgin Islands, it has long been a top choice for users seeking online privacy and the ability to bypass internet restrictions.
Proton VPN is a popular VPN service developed by the Swiss company Proton AG (the team behind ProtonMail). It's known for its strong focus on privacy, offering advanced security features and an unlimited free plan - something rare among VPNs.
Surfshark launched in 2018 and quickly grew into a popular VPN choice known for its unlimited device policy and budget-friendly pricing. In recent years, Surfshark has expanded beyond a basic VPN into a comprehensive security suite.