The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
Dark Reading

'Lorem Ipsum' Malware Pivots to ClickFix Delivery

New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
Forbes

Do Not Download These Windows Security Updates, Experts Warn

ClickFix attack employs fake Windows security udpates. Updated November 27 with another Windows update warning, along with threat intelligence from the Acronis Threat Research Unit regarding the use ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
TechRadar

Devious new ClickFix malware variant targets macOS, Android, and iOS using browser-based redirections

Security researchers found ClickFix attacks evolving to target other operating systems On Android and iOS, the attack is particularly worrisome, as it transforms into a drive-by attack The malware is ...
CSO Online

Attackers abuse Google Ads, GitLab, and Claude to deliver malware

Researchers tracked a seven-week campaign that leveraged trusted platforms and AI-generated trust to trick users into ...
Dark Reading

Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward

ClickFix campaigns are gaining steam according to various security researchers, with recent campaigns spotted across the globe from a wide swath of cyberattackers. The increasingly popular tactic ...
Money.ca on MSN

Scammers are hijacking the ‘I’m not a robot’ check to steal your money. Here’s what Canadians must never do online

A routine security step has become a doorway for cybercriminals. Here’s how the fake-CAPTCHA scam works, why it catches ...
CSOonline

ClickFix finds a backup plan in PySoxy proxy chains

ReliaQuest observed attackers pairing ClickFix with the PySoxy proxy tool to establish redundant encrypted access paths and persistence on compromised systems. ClickFix, a one-shot social engineering ...