• Stronger detection: brand names disguised with look-alike characters are now also caught when combined with phishing words (paypa1-login.com), and on free hosting platforms (secure-paypal.vercel.app).
• New: addresses that mix letters from different alphabets (e.g. Latin + Cyrillic) are flagged even for sites not on the list.
• Catches server-side redirects to look-alike sites more reliably.
• Fewer false alarms on legitimate international domains (mañana.com, café.fr).

• Accurate domain handling worldwide: PatchPulse now embeds the full Public Suffix List, so sites on endings like .co.za, .com.tr or .co.kr are protected correctly — including the ones you add yourself.
• Deceptive-character detection expanded (Cyrillic, Greek, Armenian, dotless ı), and brand look-alikes are now caught on any domain ending (paypa1.co.za).
• New welcome page on install: add your own bank and services right away.
• The popup now shows the latest blocked threats, with reason and date. Everything stays local — no data ever leaves your browser.

• The warning page now highlights exactly which letters make the address deceptive, shows the extension version, and includes a "report a false alarm" link that pre-fills an email — nothing is ever sent automatically.
• Much smarter detection of scam wording: ~140 phishing words in English and Italian (refund, tracking, premium, gift card, rimborso, spedizione, conto...) combined with brand names, plus brand detection on abuse-prone domain endings (fortnite-skins.tk).
• PosteItaliane.it added to the protected list (173 domains) and fewer false alarms on real brand products like AppleCare, Apple TV, Microsoft Rewards and Zoho Mail.

• PostePay, Google Pay, Google Play, Amazon Pay and Apple Pay are now fully protected domains: look-alikes and combinations such as postepay-login.com are detected — 172 domains protected out of the box.
• Existing custom lists are kept: the new defaults are merged in automatically, and sites you add yourself get the exact same protection as the built-in ones.

• Fixed false alarms on legitimate sites: mail.com, postepay.it, googlepay.com, amazonpay.com, applepay.com.
• 8 new protected domains requested by users, including Hotmail, Minecraft, Mojang, Fortnite and Steam Community — 167 domains protected out of the box.
• Existing custom lists are kept: new defaults are merged in automatically.

• Protected list expanded from 18 to 158 well-known domains (banks, payments, email, crypto, shopping, shipping, institutions). If you already customised your list, your domains are kept — the new defaults are simply merged in.
• New detections: brand + phishing words (paypal-login.com), brand used as a sub-domain (paypal.secure-verify.ru), official names on abuse-prone domain endings (paypal.tk, paypal.co), hyphen tricks (pay-pal.com, paypal.com-secure.ru) and swapped-letter typos (googel.com).
• Fewer false alarms: country versions of official sites (e.g. amazon.de) are no longer flagged, and the list of known legitimate look-alikes has grown.