Our research team found the fynexnero.co[.]in rogue webpage while inspecting untrustworthy sites. After examining this page, we learned that it promotes browser notification spam and generates redirects to different (likely unreliable/harmful) websites. Users primarily access webpages like fynexne
We have examined pallairrate[.]com and concluded that it uses clickbait to trick visitors into consenting to receive notifications. Once permission is granted, pallairrate[.]com can send misleading offers and other unreliable notifications. Thus, pallairrate[.]com and similar pages should be avoid
We found that news-direpu[.]com is a deceptive website attempting to convince visitors to enable notifications. If granted permission, it may send intrusive and misleading messages that could lead to other shady pages. Allowing news-direpu[.]com to show notifications can expose users to scams and
Terstiveloa.co[.]in is a rogue page that promotes browser notification spam and generates redirects to different (likely unreliable/malicious) websites. Most visitors to terstiveloa.co[.]in and similar webpages access them via redirects produced by sites using rogue advertising networks. In fact,
While investigating suspect websites, our research team discovered the nomornaling[.]com rogue page. Upon examination, we determined that it promotes browser notification spam and generates redirects to different (likely unreliable/hazardous sites. Nomornaling[.]com and analogous webpages are mos
Our research team discovered comolononlanize[.]com during a routine inspection of suspicious sites. After investigating this rogue webpage, we learned that it promotes spam browser notifications and redirects users to other (likely untrustworthy/harmful) websites. Most visitors to comolononlanize
WebSocket is the name of a Remote Access Trojan (RAT). This malware allows attackers to access/control devices remotely. It was used in a highly targeted phishing campaign that involved six months of planning and was executed on the 8th of October, 2025. It was designed for maximum efficacy and th
Vidar 2.0 is a new release of the Vidar malware, rewritten in C programming language and capable of multi-threaded data stealing. It defeats Chrome's app-bound encryption and includes advanced evasion features. Stolen data is sent to delivery channels like Telegram bots and Steam profile URLs.
After inspecting "Your Email Has Stopped Working", we determined that this email is spam. It claims that the recipient can no longer send messages because their mailbox has exceeded its storage capacity. This spam campaign aims to trick recipients into revealing their email log-in credentials to a
After reviewing this "Routine Account Check" email, we determined that it is spam. It instructs the recipient to verify their account settings to avoid mail service interruptions. The purpose of this spam campaign is to lure recipients into disclosing their email account log-in credentials to a ph