Our analysis has revealed that clicksafetychallenge.co[.]in is a rogue page designed to trick visitors into granting it permission to send browser notifications. The site uses a fake CAPTCHA widget as bait. If allowed, it delivers misleading security alerts that can expose users to scams and other
Our analysis has revealed that chonateciae[.]com is a rogue page built to deceive visitors into enabling browser notifications. The site uses a fake robot verification prompt as its lure. Once permission is granted, it delivers misleading alerts and other unwanted notifications that can expose use
After inspecting this email, we determined that it is a phishing scam. It poses as an automated notification from a mailbox service provider, falsely claiming the recipient's account is due for an upgrade. The scammers want users to click through to a fraudulent website and hand over their email l
We have examined this email and determined it is a phishing scam. It is designed to look like an automated delivery failure notice, claiming the recipient's outgoing message exceeded the server's size limit. The real goal is to lure the recipient into entering their email credentials on a fake log
RemotePE is a Remote Access Trojan (RAT) attributed to the Lazarus Group, a North Korean state-sponsored hacking collective. According to research by Fox-IT, RemotePE runs entirely in memory and never writes itself to disk, making it extremely difficult to detect with conventional security softwar
After examining this email, we determined that it is a phishing scam. The message poses as an automated alert from a mail security service, claiming the recipient's email deliverability settings need immediate attention. It tricks recipients into clicking a link that leads to a fake website design
We have examined this email and determined it is a phishing scam. It impersonates cPanel Webmail with a false claim that the recipient's mailbox is pending deletion. The scammers behind it seek to steal email login credentials, and the message should be ignored to avoid account compromise.
During our investigation of dubious websites, our team examined tokendisbursement[.]xyz and found that it promotes a fake cryptocurrency airdrop for Red Kitten Crew ($RKC) tokens. The site claims to offer an official distribution of $RKC on the Solana ecosystem. In reality, it is a fraudulent page
During our examination of dubious websites, our researchers came across opneclawai[.]top - a fraudulent page mimicking the legitimate OpenClaw AI platform (openclaw.ai). The site poses as an AI-powered trading analyst for Solana tokens and prompts visitors to connect their cryptocurrency wallets.
While inspecting suspicious pages, our researchers came across nearprotocol-checker[.]xyz, a website pretending to be tied to the NEAR Protocol. It promotes a fake "$NEAR Points Allocation Checker" and is built to drain cryptocurrency from wallets that connect to it. IMPORTANT NOTE: We do no