ModeloRAT is a Remote Access Trojan (RAT) written using the Python programming language. The malicious program allows attackers to remotely access and control devices. This malware can cause chain infections. ModeloRAT has been proliferated using the CrashFix technique in January 2026. This campa
Pulse is a Chromium-based browser. It is promoted as an Internet browser that integrates AI (Artificial Intelligence). Upon inspection, we determined that this rogue browser is a PUA (Potentially Unwanted Application). It produces redirects to several fake search engines that cannot generate searc
Our investigation of news-kuluye[.]cc revealed that the website is designed to deceive visitors into allowing notifications. Websites that use deceptive methods typically deliver annoying and misleading notifications. Therefore, users should avoid visiting sites like news-kuluye[.]cc and never acc
We have reviewed the website (mega-early[.]com) and found that it is a scam website designed to steal cryptocurrency. It imitates the original MegaETH platform (megaeth.com) to appear trustworthy and offers rewards as a lure. This scam site should be avoided and closed if ever encountered. Falling
After reviewing this "Urgent Notice - Service Update Required" email, we determined that it is spam. This message urges recipients to update their accounts to ensure uninterrupted access. The purpose of this spam campaign is to lure victims into revealing their email account log-in credentials to
Covert is a remote access Trojan (RAT) developed in Rust and typically delivered via spear‑phishing emails. The RAT can perform various malicious tasks on infected devices, allowing cybercriminals to steal information, upload files, and more. If detected on the system, Covert should be removed as
While investigating dubious websites, our research team discovered this fake "Cupsey" airdrop. It is not associated with the Cupsey token or any other existing projects. The goal of this scam is to lure users into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We
Our team has examined the email and concluded that it contains a fake maintenance notice from the email service provider. It is designed to appear legitimate and urgent to trick recipients into opening the provided link. The ultimate goal of the scammers behind this email is to steal personal info
During our analysis of news-kotuvu[.]cc, we determined that the site is used to trick visitors into enabling its notifications. Sites that obtain notification permission through misleading tactics often send unwanted, annoying notifications. For this reason, users are strongly advised not to allow
While inspecting news-kojeka[.]com, we found that it is designed to lure visitors into agreeing to receive its notifications. Usually, notifications from websites that use deceptive methods to obtain permission to show them include fake alerts, offers, and similar content. It is advisable to avoid