PRNG is only pseudo-random and doesn't use any 'real' source of entropy;
It does use "real" source of entropy, or to formulate more properly: It does use events happening outside the machine, such as environmental noises:
The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The generator also keeps an estimate of the number of bits of noise in the entropy pool. From this entropy pool random numbers are created.
Sure, they're well researched and gradually improved in decades of research, but they remain 'pseudo'-random.
Does this make them more susceptible to a brute-force attack? I'm trying to understand what's the weakness of pseudo-randomness, but I feel like beating a dead horse.