DriveSurge: Hijacking Thousands of Sites for ClickFix, FakeUpdate Malware
DriveSurge, a wide-scale IAB operation, hijacks thousands of trusted websites using a malicious TDS, redirecting users to sites distributing ClickFix and FakeUpdate
DriveSurge Campaigns: Detecting ClickFix and FakeUpdate Overlays
DriveSurge threat actors have hijacked thousands of sites to deploy ClickFix and FakeUpdate overlays, delivering info-stealers via deceptive browser alerts.

CVE-2026-26980: Ghost CMS SQL Injection Leads to ClickFix Attacks
Attackers exploit CVE-2026-26980 in Ghost CMS to compromise 700+ websites, deploying ClickFix malware that tricks users into executing malicious scripts.
CVE-2025-26980: Ghost CMS SQL Injection Exploited in ClickFix Campaign
A critical SQL injection vulnerability in Ghost CMS (CVE-2025-26980) is being exploited to deliver ClickFix malware through malicious JavaScript injections.
ClickFix Attacks Distribute Vidar Stealer: ACSC Warning & Mitigation
The ACSC warns Australian organizations of active ClickFix social engineering attacks deploying Vidar Stealer malware, risking data theft. Learn detection and mitigation.

Sapphire Sleet's ClickFix: North Korea Targets macOS Users
North Korea-backed Sapphire Sleet is deploying ClickFix malware via fake job offers and phony Zoom updates to steal macOS user credentials and data. Learn how to detect
DeepLoad Malware: Analysis of ClickFix Attacks and Mitigation
DeepLoad malware, observed in ClickFix attacks, steals credentials, installs malicious browser extensions, and propagates via USB drives. Learn TTPs and defense

DeepLoad Malware Leverages ClickFix, WMI for Browser Credential Theft
DeepLoad malware leverages ClickFix social engineering and WMI for persistence to steal browser credentials, employing AI-assisted obfuscation for evasion.
macOS Terminal ClickFix Protections: Blocking Malicious Shell Commands
Apple introduces Terminal warnings in macOS Sequoia 15.2 to combat ClickFix social engineering attacks that trick users into executing malicious shell scripts.
Infinity Stealer macOS Malware: Analyzing ClickFix Lures and Payloads
Infinity Stealer targets macOS via ClickFix social engineering. Learn how this Nuitka-compiled malware steals browser data, crypto wallets, and Keychain info.
ClickFix Social Engineering Drops Infiniti Stealer on macOS
Attackers use fake Cloudflare CAPTCHA pages and ClickFix tactics to deliver the Python-based Infiniti Stealer to macOS systems via terminal commands.

ClickFix Social Engineering Clusters Target Windows and macOS Systems
Insikt Group identifies five ClickFix clusters using obfuscated commands to exploit native system tools via fake browser error overlays on Windows and macOS.