algorithmsRcool | 8 months ago

Did anyone else's antivirus complain about an exploit on this page?

---EDIT---

I'm about 98% sure this blog has a browser hijack embedded in it targeted at Windows+MSEDGE browsers that attempted to launch a malicious PowerShell script to covertly screen record the target machine.

beansbeansbeans|8 months ago

That's a major claim. The only thing different in this blog post from my others is that I've embedded an executable python notebook in an iframe. It's a marimo notebook that runs code using WASM in your browser. That project is open source too, with no exploit as far as I know.

The code for my blog is here: https://github.com/RohanGautam/rohangautam.github.io

If you could point to anything specific to support that claim, it would be nice.

algorithmsRcool|8 months ago

I would be happy to be wrong on this one. But I've gotten two pretty convincing threat notifications when visiting the page from the Sentinel One antivirus platform saying that my msedge process had been compromised by a known exploit.

I'll try to get more details.

I should note, I do not believe the site is malicious, but I am worried about 3rd party compromise of the site without the owner's knowledge.

BLanen|8 months ago

You should not be using antivirus browser plugins anyway.

algorithmsRcool|8 months ago

This was not from a browser plugin; this was from my system antivirus.