TL;DR - Brave.com got spoofed and pushed malware through downloads using IDN Punycode exploitation.
Here is a demonstration (safe to click): https://www.аррӏе.com/
This issue affects Firefox only as it remains the only browser without a fix (by default).
Here's how to fix it:
In the Firefox address bar, type:
Find the following and toggle it to "TRUE"
You're done! You should be able to see the raw url now instead of the masked one in the address bar and also in the bottom left of the browser page while hovering on it.
@marcusquinn I think it was you who recommended Vivaldi on here so I had it replace Chrome for anything Google related. The cool thing is that the punycode site doesn't even load in Vivaldi! Thanks for the recommendation!