Labs

Guardio Labs

Where research meets innovation: Uncovering threats first to protect everyone online.
Featured in Top Security and News Outlets
April 9, 2025
20
min read

VibeScamming — From Prompt to Phish: Benchmarking Popular AI Agents’ Resistance to the Dark Side

Learn More
-->
December 16, 2024
17
min read

“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising

Learn More
-->
October 30, 2024
14
min read

“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack

Learn More
-->
July 29, 2024
17
min read

“EchoSpoofing” — A Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emails

Learn More
-->
March 27, 2024
10
min read

“CVE-2024-21388” – Microsoft Edge’s Marketing API Exploited for Covert Extension Installation

Learn More
-->
February 26, 2024
14
min read

“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails

Learn More
-->
January 29, 2024
15
min read

“Scammers Paradise” — Exploring Telegram’s Dark Markets, Breeding Ground for Modern Phishing Operations

Learn More
-->
January 15, 2024
13
min read

“MyFlaw” — Cross Platform 0-Day RCE Vulnerability Discovered in Opera’s Browser

Learn More
-->
October 13, 2023
9
min read

“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts

Learn More
-->
September 10, 2023
10
min read

“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts

Learn More
-->
August 2, 2023
10
min read

“PhishForce” — Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing Facebook Accounts In-The-Wild

Learn More
-->
April 26, 2023
11
min read

“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer Campaign

Learn More
-->
March 22, 2023
7
min read

“FakeGPT” #2: Open-Source Turned Malicious in Another Variant of the Facebook Account-Stealer Chrome Extension

Learn More
-->
March 8, 2023
8
min read

“FakeGPT”: New Variant of Fake-ChatGPT Chrome Extension Stealing Facebook Ad Accounts with Thousands of Daily Installs

Learn More
-->
January 27, 2023
12
min read

“StreamJacking” – Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams

Learn More
-->
December 28, 2022
9
min read

“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets

Learn More
-->
November 23, 2022
8
min read

XSS Vulnerability Found in ConnectWise Remote Access Platform With Great Potential For Misuse by Scammers

Learn More
-->
October 23, 2022
10
min read

“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed

Learn More
-->
October 3, 2022
8
min read

ZipB — The All You Can Infect Buffet

Learn More
-->
September 22, 2022
10
min read

ISOTonic Part 2: The Army of Bots

Learn More
-->
September 22, 2022
10
min read

ISOTonic Part 1: Malvertising at its Best (Worst!)

Learn More
-->
August 31, 2022
8
min read

BadEx Part I: The Dynamic Search Hijackers

Learn More
-->
July 6, 2022
13
min read

Oh RATs! - How Guardio found a way to detect the nastiest of scams

Learn More
-->
March 1, 2022
7
min read

How to lose all your money in the Metaverse (before even getting started)

Learn More
-->
March 1, 2022
5
min read

Critical Vulnerability Discovered in Evernote’s Chrome Extension

Learn More
-->