Our researchers discovered the Fusebase Search browser hijacker while inspecting extensions distributed through dedicated download pages. Fusebase Search modifies browser settings so that searches and new tabs are handled by s.fusebase-search.com. This extension is also considered a privacy threa
We inspected Video Search Extension and found that it is a browser hijacker. Once added to a web browser, this extension changes the default search engine to myvideolibrary.info, a fake search engine. Myvideolibrary.info is promoted by multiple hijacker extensions, with Video Library Search being
Easy Login is a browser extension for Google Chrome and other Chromium-based browsers. Our team inspected it after noticing that it is promoted through the loginonlineapp.com website. Based on our findings, Easy Login behaves as a browser hijacker. Although its Chrome Web Store page describes Eas
We have examined the email and concluded that it is a scam. The message is designed to appear as an automated storage warning from an email service provider. The scammers behind it seek to trick unsuspecting recipients into entering their email login credentials on a fraudulent website. This scam
We examined this email and determined that it is a phishing scam. It is disguised as a routine security notice from an email account's IT support team, urging recipients to re-verify their account to avoid losing mailbox access. In reality, the message is designed to steal email login credentials.
We have inspected the email and found that it contains a fake notification claiming the recipient's mailbox has incoming messages stuck in quarantine due to oversized attachments. It is a phishing email designed to steal email account login credentials from unsuspecting individuals. This message s
We have inspected the email and found that it contains a fake notification claiming that the recipient's mailbox has not been validated and could be suspended. It is a phishing email designed to steal email account login credentials from unsuspecting recipients. It should be ignored to avoid havin
We have inspected the email and found that it contains a fake notification about a SWIFT wire transfer confirmation copy supposedly attached for review. It is a phishing email designed to steal email account credentials from unsuspecting recipients through a fraudulent login page that imitates whi
FlutterShell is a backdoor targeting macOS users. It is delivered inside fake-but-working Mac apps (a podcast player and PDF viewers) and gives attackers remote control of an infected Mac through a hidden browser window. Researchers at Palo Alto Networks Unit 42 documented the malware as part of
We have inspected the website vote-ethfi[.]app and found that it imitates the official ether.fi platform, presenting a fake "$ETHFI Rewards Allocation Proposal" governance vote. The page is designed to trick visitors into connecting their cryptocurrency wallets, which can lead to the theft of digi