There is a live Google search #malvertising campaign targeting #KeePass users. The malicious domain name uses Punycode to trick victims.
Clever malvertising attack uses Punycode to look like KeePass's official website
Threat actors are doubling down on brand impersonation by using lookalike domain names./blog/authors/jeromesegura (Malwarebytes)