News

State-sponsored hackers embrace ClickFix social engineering tactic
ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced ...
Interlock ransomware gang pushes fake IT tools in ClickFix attacks
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy ...
State-sponsored actors spotted using ClickFix hacking tool developed by criminals
Iranians, Russians, and North Koreans have been observed trying to trick their targets into running shady commands on their ...
The Hacker News3d
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
ClickFix malware tactic used by Iran, Russia, and North Korea from Nov 2024–Feb 2025 replaces payload delivery in major ...
SecurityWeek5d
Microsoft Warns of Node.js Abuse for Malware Delivery
The open source cross-platform runtime environment Node.js is popular among developers, allowing them to execute JavaScript ...
it-daily.net10d
ClickFix strikes again – The return of an insidious key combination
Despite its age, the ClickFix method remains a popular tool in the arsenal of cybercriminals. Security researchers from ...
The Hacker News13d
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More
This week, we trace how simple oversights turn into major breaches — and the silent threats most companies still ...
it-daily.net14d
Warning about ClickFix social engineering campaign
The following tips are intended to help those responsible for security to recognize and rectify the problem: ...
Hosted on MSN17d
Watch out! Don’t fall victim to these fake CAPTCHA scams on the web
That’s why you should be extra suspicious of any CAPTCHA request that asks you to do anything unusual. These types of attacks are called ClickFix CAPTCHA attacks because they use social engineering to ...
SecurityWeek19d
Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks
North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The North Korea-linked APT tracked as Lazarus has been ...