Comment by algorithmsRcool
6 months ago
Did anyone else's antivirus complain about an exploit on this page?
---EDIT---
I'm about 98% sure this blog has a browser hijack embedded in it targeted at Windows+MSEDGE browsers that attempted to launch a malicious PowerShell script to covertly screen record the target machine.
That's a major claim. The only thing different in this blog post from my others is that I've embedded an executable Python notebook in an iframe. It's a marimo notebook that runs code using WASM in your browser. That project is open source too, with no exploit as far as I know.
The code for my blog is here: https://github.com/RohanGautam/rohangautam.github.io
If you could point to anything specific to support that claim, that would be nice.
I would be happy to be wrong on this one. But I've gotten two pretty convincing threat notifications when visiting the page from the SentinelOne antivirus platform saying that my msedge process had been compromised by a known exploit.
I'll try to get more details.
I should note, I do not believe the site is malicious, but I am worried about third-party compromise of the site without the owner's knowledge.
I see, that's strange. Yeah, feel free to share the details/logs with me - you can open an issue on my blog's repo with the relevant details and system info.
However, I'm still suspecting it's something specific to your antivirus not knowing what to do with WASM code (which is used on this page). I found something similar on Reddit: https://www.reddit.com/r/eaglercraft/s/heVtPy60lG. I wonder if that's the issue.
You should not be using antivirus browser plugins anyway.
This was not from a browser plugin; this was from my system antivirus.