> I'm running a browser in a VM... What malware?
Your faith in the security of VM sandboxes is misplaced.
It is trivial to write a program which can detect if it is in a VM. And then, attack the hypervisor and escape the protected environment. As virtualization has become more common, such malware has gone from academic exercises to real-world exploits.
My favorite line:
Finally, the most interesting attack that malicious code can perform against a virtual machine emulator is to escape from its protected environment.
With virtualization becoming more and more common