A newly discovered InstallFix campaign relies on malicious commands on cloned installation webpages to trick victims into installing malware.

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

Quick and efficient command-line alternatives to everyday GUI tasks.

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news. Regardless, they agree that infosec leaders need to educate employees about ...

LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.

A significant shift in attack methodology, moving away from conventional techniques to leverage legitimate system tools.

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.