News
-
Fake 7-Zip and WireVPN Installers Can Add Proxyware
Infoblox says a proxyware actor it tracks as Lurking Lizard used fake software installers and lookalike domains to turn victim…
Read More » -
SCMBANKER Uses Fake CAPTCHA Pages to Hijack Bank Transfers
Elastic Security Labs says REF6045 uses fake CAPTCHA pages to push SCMBANKER, a PowerShell toolkit that can watch banking sessions…
Read More » -
Fake CAPTCHA Pages Use JokerStat and Blockchain C2
Palo Alto Networks Unit 42 published a July 2, 2026 threat-intel note on an active ClickFix campaign that hides behind…
Read More » -
Verified X Ad Pushes Fake DynamicLake Mac Stealer
A verified X sponsored ad impersonated DynamicLake and sent Mac users to a lookalike site that pushed Terminal commands for…
Read More » -
Fake Google and Cloudflare Checks Push ResiLoader and Stealers
Fake human-verification pages are again being used as a malware delivery shortcut, but the newest campaign has a few concrete…
Read More » -
Clipboard-Stealing Browser Extensions Can Swap Wallet Addresses
Two fresh reports show why browser extensions deserve the same suspicion as unknown desktop apps. McAfee Labs described a campaign…
Read More » -
StegoAd Edge Extensions Hid Malware in Images and Fonts
Microsoft removed 119 Edge extensions tied to StegoAd, a campaign that hid malware in image and font files. Here is…
Read More » -
Fake Brand Extensions Push .shop Lures and Notification Permissions
Palo Alto Networks Unit 42 published a June 24, 2026 threat-intelligence note about 18 browser extensions that impersonated consumer brands…
Read More » -
Fake Node.js Ads Deliver OXLOADER and CastleStealer
Elastic Security Labs published a June 19, 2026 report on OXLOADER, a Windows loader delivered through malicious Google Ads that…
Read More » -
SocGholish Fake Browser Update Network Disrupted in Operation Endgame
International law enforcement and private-sector partners announced on June 18, 2026 that they disrupted part of the SocGholish malware network,…
Read More »