Our analysis has revealed that growthzonelabs[.]com is designed to trick visitors into allowing browser notifications. The site uses a fake CAPTCHA as a lure. Once permitted, it can deliver fake security warnings and other misleading alerts that expose users to various online threats. Grow
While investigating suspicious websites, our research team identified sessionactivex[.]com as a rogue page that tricks visitors into granting browser notification permissions. It uses a fake CAPTCHA prompt as the lure. Once permission is granted, the site delivers fake security alerts and other mi
Mirax RAT is a Remote Access Trojan targeting Android devices. First analyzed by the Cleafy Threat Intelligence Team in March 2026, it primarily focuses on Spanish-speaking users and is designed to spy on victims, steal sensitive data, and silently route internet traffic through infected phones.
Beagle is a backdoor - a type of malware that gives attackers a hidden, persistent channel into an infected computer. According to research by Sophos X-Ops, it was distributed through a fake website designed to impersonate the legitimate Claude AI platform. Visitors were tricked into downloading
We have examined this email and determined it to be a scam. The message falsely claims the recipient has been selected to receive a large charitable donation from a famous person's foundation. It is a classic advance-fee fraud designed to extract money and personal information from unsuspecting re
We have examined this email and determined it is a phishing scam. Disguised as a security notice from corporate IT, the message falsely claims the recipient's password has expired and urges them to click a "Review" link. That link leads to a fake login page designed to steal email credentials. Thi
QUIC RAT is a Remote Access Trojan (RAT) that lets attackers secretly control infected Windows computers. Kaspersky researchers documented its use during a supply chain attack on Daemon Tools, a widely used Windows disc-imaging utility, in which trojanized installers signed with valid certificates
CallPhantom is a cluster of fraudulent Android applications distributed through the official Google Play Store. These apps falsely promised to retrieve call logs, SMS records, and WhatsApp history for any phone number. According to ESET researchers, the 28 apps in this campaign amassed over 7.3 mi
After inspecting this email, we determined that it is a phishing scam. The message is disguised as a business invitation to review a Request for Quotation (RFQ), but its real purpose is to send recipients to a fake email login page that steals account credentials. The email should be ignored to av
Our researchers investigated Search Control for Chrome and found it to be a browser hijacker. This extension changes the browser's default search engine to search.capredirectapp.com - a fake search engine that cannot generate its own results. Users who have Search Control for Chrome installed are