Fake Browser Updates Used in Malware Distribution

Proofpoint cybersecurity researchers have identified a growing trend of malware dissemination via fake browser update notifications. At least four distinct threat clusters utilise this tactic, including TA569, which has been delivering SocGholish malware using this method for over five years. The rogue updates infiltrate websites using JavaScript or HTML-injected code, directing traffic to malicious domains and bypassing security awareness training.