VVS is a Python‑based information‑stealing malware. It primarily targets Discord data and information saved in web browsers. The VVS stealer utilizes PyArmor to obfuscate its code, making analysis more difficult and enabling it to evade detection by security tools. If VVS is noticed on a devic
We have reviewed cikadron.co[.]in and determined that it uses a deceptive tactic to get users to enable browser notifications. Once accepted, these notifications can be used to promote potentially malicious content. Thus, users are strongly advised to avoid granting notification permissions to cik
Our team has inspected the website (claim-lobster[.]xyz) and determined that it is a cryptocurrency scam. The site offers visitors free tokens (to participate in a crypto airdrop) as a lure. However, victims would never receive any tokens and may have their wallets emptied. Thus, this page should
We have analysed the website (claim-fish[.]xyz) and discovered that it promotes a fraudulent airdrop. The site imitates the original rainbowfish platform (rainbowfish.vip) to trick visitors into interacting with it. The goal is to steal cryptocurrency from unsuspecting individuals. IMPORTANT
Our research shows that timesearches.com is a fake search engine. It is distributed through the Time Search browser extension, which is a browser hijacker. Typically, browser hijacking involves changing browser settings. Using timesearches.com can lead to redirects to potentially harmful pages, so
The WebWebWeb.com browser hijacker infiltrates Internet browsers (Google Chrome and Mozilla Firefox) through free software downloads. At time of testing, this website was promoted via an application called 'video downloader professional'. Developers of this browser settings-changing adware (LINK6
We have reviewed the email and determined that it is a phishing message disguised as a security notification from American Express. It is created to appear urgent and important to trick recipients into opening a fake website and entering personal information. This and similar scams should be ignor
Search1.me is the address of a fake search engine. Typically, such web searchers are promoted by PUAs (Potentially Unwanted Applications) classified as browser hijackers. Search1.me has been observed being pushed by the Better Search browser hijacker. Browser hijackers promote fraudulent w
While investigating dubious websites, our researchers discovered the "Android Has Detected A Wiretap On Your Phone" scam. It claims that the user's smartphone has been wiretapped. Typically, scams of this kind aim to trick users into downloading/installing or purchasing (likely suspicious/harmful)
PC App Store is a legitimate application that allows easy access to various software vendors. However, while this is a genuine piece of software – there are no guarantees that the content advertised through it will not have undesirable features, such as data tracking. Furthermore, PC App Store
In late 2025 and early 2026, Trust Wallet confirmed that its Chrome browser extension played a central role in a devastating series of supply chain attacks. Trust Wallet is one of the world's most widely used noncustodial cryptocurrency wallets. These attacks were tied to Shai-Hulud, a sophisticated
In December 2025, cybersecurity researchers observed a significant increase in the RansomHouse ransomware-as-a-service (RaaS) toolset. This signals a concerning trend in adversary capabilities. RansomHouse operators enhanced their encryption engine with a new variant called "Mario." It replaced an
A new account takeover method called GhostPairing is now targeting WhatsApp. This exploitation doesn't use stolen passwords, SIM swapping, or zero-day vulnerabilities; instead, it manipulates WhatsApp's device linking feature through advanced social engineering, covertly granting attackers persisten
In early December 2025, the cybersecurity community was rocked by the public disclosure of a critical, easily exploitable vulnerability in React Server Components (RSC). RSC is the backbone of many modern web applications. Assigned CVE-2025-55182, and quickly nicknamed React2Shell, this vulnerabilit
Over the past year, security researchers have spotlighted a growing menace in the ransomware ecosystem: a packer-as-a-service known as Shanya. The rise of Shanya shows how modern attackers outsource core workflow parts. They now rely on services for obfuscation and endpoint detection and response (E
Combo Cleaner is an all-in-one solution developed by RCS LT, the company behind PCrisk.com. Making a powerful entrance as a comprehensive antivirus and system optimization solution, it's here to shield you from various threats on Windows, macOS, Android, and iOS.
For VPNs, NordVPN stands out as a top contender. Its global reputation is partly due to its speed, security, and ability to unblock streaming services. We put this to the test, performing a comprehensive hands-on evaluation across different platforms to see how well it works.
ExpressVPN is a well-known premium VPN service with a strong reputation for security, speed, and reliability. Founded in 2009 and headquartered in the British Virgin Islands, it has long been a top choice for users seeking online privacy and the ability to bypass internet restrictions.
Proton VPN is a popular VPN service developed by the Swiss company Proton AG (the team behind ProtonMail). It's known for its strong focus on privacy, offering advanced security features and an unlimited free plan - something rare among VPNs.
Surfshark launched in 2018 and quickly grew into a popular VPN choice known for its unlimited device policy and budget-friendly pricing. In recent years, Surfshark has expanded beyond a basic VPN into a comprehensive security suite.