Board Hardware wallets
Re: SeedSigner: Review
by
n0nce
on 05/06/2022, 13:51:10 UTC
PRNG is only pseudo-random and doesn't use any 'real' source of entropy;
It does use a "real" source of entropy, or, to formulate it more properly: it does use events happening outside the machine, such as environmental noise:
The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The generator also keeps an estimate of the number of bits of noise in the entropy pool. From this entropy pool random numbers are created.
That's interesting; I suppose though that the quality of randomness (entropy) will vary by the type of device in question. Some may have more 'sensors' or other ways to acquire external noise. It should also be kept in mind that a big challenge of hardware entropy is digitizing an analog entropy source without 'moulding' it in a certain way that introduces a bias, which would detrimentally affect the entropy.

Sure, they're well researched and gradually improved in decades of research, but they remain 'pseudo'-random.
Does this make them more susceptible to a brute-force attack? I'm trying to understand what the weakness of pseudo-randomness is, but I feel like I'm beating a dead horse.
To be honest, I don't think a state-of-the-art PRNG (especially if it does use external sources of entropy as you described) will be realistically easier to attack. Even though it might be off by magnitudes from a true randomness source, today's software randomness is usually good enough for all practical scenarios.
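The bias problem raised above, as an added example that is not the poster's code: a constructed biased bit source stands in for a badly digitized analog noise source, the min-entropy an estimator should credit to it is computed, and a von Neumann extractor removes the fixed bias (all function names and sample values are assumptions for the demo).

```python
# Added example: bias of a constructed 'digitized analog' bit source,
# its min-entropy, and von Neumann debiasing. Not code from the thread.
import math
import random
from typing import Iterable, List

def biased_bits(n: int, p_one: float, seed: int) -> List[int]:
    """Constructed stand-in for a sampled noise source whose comparator
    threshold is off-centre, so it emits 1 with probability p_one."""
    rng = random.Random(seed)  # seeded only to make the demo reproducible
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def ones_fraction(bits: List[int]) -> float:
    return sum(bits) / len(bits) if bits else 0.0

def min_entropy_per_bit(bits: List[int]) -> float:
    """Empirical min-entropy -log2(max(p0, p1)) per bit: the conservative
    credit an entropy estimator should give the pool, not the raw bit count."""
    p = ones_fraction(bits)
    return -math.log2(max(p, 1.0 - p)) if 0.0 < p < 1.0 else 0.0

def von_neumann_extract(bits: Iterable[int]) -> List[int]:
    """Debias independent, identically biased bits: read pairs, keep the
    first bit of 01 and 10, discard 00 and 11. Output is unbiased for any
    p_one but only 2p(1-p) of the pairs survive; it does NOT repair
    correlated bits (e.g. drift between consecutive samples)."""
    out: List[int] = []
    it = iter(bits)
    for a, b in zip(it, it):
        if a != b:
            out.append(a)
    return out

def demo(n: int = 20000, p_one: float = 0.8, seed: int = 1234) -> dict:
    """Compare the source before and after extraction."""
    raw = biased_bits(n, p_one, seed)
    clean = von_neumann_extract(raw)
    return {"raw_ones": ones_fraction(raw),
            "raw_min_entropy": min_entropy_per_bit(raw),
            "clean_ones": ones_fraction(clean),
            "clean_min_entropy": min_entropy_per_bit(clean),
            "yield": len(clean) / n}  # about 2p(1-p)/2 = 0.16 for p = 0.8

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value:.3f}")
```

With p_one = 0.8 the raw stream is worth only about 0.32 bits of min-entropy per bit, while the extracted stream is close to 1 bit per bit at roughly one sixth of the throughput.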