Lucene search
K

18 matches found

Malwarebytes
Malwarebytes
added 2026/03/26 1:0 p.m.8 views

GlassWorm attack installs fake browser extension for surveillance

GlassWorm hides inside developer tools. Once it's in, it steals data, installs remote access malware, and even a fake browser extension to monitor activity. While it starts with developers, the impact can quickly spread. With stolen credentials, access tokens, and compromised tools, attackers can...

6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.10 views

PT-2026-25997

Summary The plugin/LiveLinks/proxy.php endpoint validates user-supplied URLs against internal/private networks using isSSRFSafeURL, but only checks the initial URL. When the initial URL responds with an HTTP redirect Location header, the redirect target is fetched via fakeBrowser without...

8.6CVSS6AI score0.00453EPSS
Exploits1References9
HackRead
HackRead
added 2025/12/17 3:10 p.m.7 views

New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware

Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can stay safe...

7AI score
Exploits0
HackRead
HackRead
added 2025/12/03 5:34 p.m.4 views

Fake ChatGPT Atlas Browser Used in ClickFix Attack to Steal Passwords

Cybersecurity researchers have uncovered a critical ChatGPT Atlas browser attack, confirming the danger of the ongoing surge in the ClickFix threat...

7AI score
Exploits0
HackRead
HackRead
added 2025/02/20 6:17 p.m.9 views

New FrigidStealer Malware Infects macOS via Fake Browser Updates

Fake browser update scams now target Mac, Windows, and Android users, delivering malware like FrigidStealer, Lumma Stealer, and…...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2024/11/07 11:0 a.m.20 views

Unwrapping the emerging Interlock ransomware attack

Cisco Talos Incident Response Talos IR recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware. Our analysis uncovered that the attacker used multiple components in the delivery chain including a Remote Access Tool RAT...

7.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/10 4:25 p.m.4 views

Malicious code in jupihelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7bb124c218cd3a0340ff934eafc0d4c9cbf322b2428d8a868ed28703aeb38426 Once run, downloads and install from sleipnirbrowser.org a suspicious executable pretending to be a webbrowser. This website appears to be a scam using some ki...

6.9AI score
Exploits0References4
hivepro
hivepro
added 2024/06/20 11:0 p.m.5 views

BadSpace Backdoor Infiltrates via Fake Browser Updates

...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/17 6:28 a.m.39 views

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control C2 server, in some cases a fake browser...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/03 3:51 a.m.12 views

Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware

Fake web browser updates are being used to deliver remote access trojans RATs and information stealer malware such as BitRAT and Lumma Stealer aka LummaC2. "Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware,"...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/26 10:42 a.m.49 views

New 'Brokewell' Android Malware Spread Through Fake Browser Updates

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/21 5:16 p.m.23 views

Atomic Stealer distributed to Mac users via fake browser updates

Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious ads were tricking victims into downloading this piece of malware under the disguise of a popular application. In an interesting new development, AMOS is now being delivered to Mac...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/09/06 7:52 a.m.56 views

New IDAT Loader Unleashes Infostealers in Fake Browser Update Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In a recent malware campaign, threat actors utilized a new IDAT Loader to distribute a range of malicious software, including InfoStealers and RATs, employing evasion methods. This loader is packaged...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/08/31 9:44 p.m.52 views

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Technical Analysis by: Thomas Elkins, Natalie Zargarov Contributions: Evan McCann, Tyler McGraw Recently, Rapid7 observed the Fake Browser Update lure tricking users into executing malicious binaries. While analyzing the dropped binaries, Rapid7 determined a new loader is utilized in order to...

8.3AI score
Exploits0
Trellix
Trellix
added 2023/08/10 12:0 a.m.21 views

Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT

Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT By Jonell Baltazar and Antonio Ribeiro · August 10, 2023 Trellix detected an ongoing campaign using fake Chrome browser updates to lure victims to install a remote administration software tool called NetSupport Manager...

7AI score
Exploits0
Trellix
Trellix
added 2023/08/10 12:0 a.m.17 views

Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT

Exploring New Techniques of Fake Browser Updates Leading to NetSupport RAT By Jonell Baltazar · August 10, 2023 This blog was also written by Antonio Ribeiro Trellix detected an ongoing campaign using fake Chrome browser updates to lure victims to install a remote administration software tool...

7AI score
Exploits0
FireEye
FireEye
added 2019/10/01 12:0 a.m.17 views

Head Fake: Tackling Disruptive Ransomware Attacks

Within the past several months, FireEye has observed financially-motivated threat actors employ tactics that focus on disrupting business processes by deploying ransomware in mass throughout a victim’s environment. Understanding that normal business processes are critical to organizational succes...

7.6AI score
Exploits0References7
Malwarebytes
Malwarebytes
added 2018/10/12 3:0 p.m.603 views

Fake browser update seeks to compromise more MikroTik routers

This blog post was authored by @hasherezade and Jérôme Segura. MikroTik, a Latvian company that makes routers and ISP wireless systems, has been dealing with several vulnerabilities affecting its products' operating system over the past few months. Ever since a critical flaw in RouterOS was...

5CVSS9.4AI score0.96087EPSS
Exploits23
Rows per page
Query Builder