Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...

Hack Your Own Password — Windows Users Urged To Take Action Now

Windows users can protect themselves from falling victim to ongoing “hack your own password” attacks by doing these three ...

Shut Down And Restart—New Microsoft Attack Beats Passwords, 2FA And Passkeys

Check Point explains that this new technique “tricks people into giving attackers access to their Microsoft accounts. The ...
Computer Weekly

ClickFix attacks that bypass cyber controls on the rise

So-called ClickFix or ClearFake attacks that bypass security controls and use unwitting victims to execute a cyber attack of their own accord are surging at the end of 2025, even outpacing phishing or ...
Yahoo

State-sponsored actors spotted using ClickFix hacking tool developed by criminals

The ClickFix attack technique has gotten so popular that even state-sponsored threat actors are using it, research from Proofpoint claims, having observed at least three groups leveraging the method ...

New MacSync malware dropper evades macOS Gatekeeper checks

The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application.

This Windows update pop-up is a scam

ClickFix is a social engineering ploy that uses tactics like fake error messages, CAPTCHA forms, and command prompts to ...

Beware of the ‘ClickFix’ scam: Hackers trick Mac users to download infostealer tools

Hackers have launched a new malware campaign that uses paid Google search ads and shared conversations on the official ...
CSO Online

Meet ConsentFix, a new twist on the ClickFix phishing attack

What’s new in a ConsentFix attack is that the attack happens entirely inside a browser, say the researchers, which removes one of the key detection opportunities because the attack doesn’t touch an ...