ClickFix social engineering

From The Hacker News – ⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day. Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough. This week,

shaikh Saqib April 7, 2025

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: April 4, 2025

In brief: New Ivanti zero-day exploited by Chinese hackers, police shut down the Kidflix CSAM platform, and more. Read More

Samir K April 4, 2025

News

From The Hacker News – Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by

shaikh Saqib April 3, 2025

News

From Cyber Security News – Hackers Employ New ClickFix Captcha Technique to Deliver Ransomware

A sophisticated social engineering technique known as ClickFix has emerged, leveraging fake CAPTCHA verification processes to deceive users into executing malicious commands. This method exploits the trust users have in…

shaikh Saqib March 30, 2025

News

From Security Week – 100 Car Dealerships Hit by Supply Chain Attack

[[{"value":"The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise. The post 100 Car Dealerships Hit by Supply Chain Attack appeared first…

shaikh Saqib March 17, 2025

News

From Dark Reading – Threat Actor Impersonates Booking.com in Phishing Scheme

Microsoft detailed a sophisticated campaign that relies on a social engineering technique, "ClickFix," in which a phisher uses security verification like captcha to give the target a false sense of…

shaikh Saqib March 15, 2025

News

From Security Week – Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

[[{"value":"A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering. The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared…

shaikh Saqib March 13, 2025

News

From Cyber Security News – Beware of Fake CAPTCHA Prompts That May Silently Install LummaStealer on Your Device

Cybersecurity researchers at G DATA have uncovered a sophisticated malware campaign using fake CAPTCHA prompts to deliver LummaStealer, a dangerous information-stealing malware. This emerging threat, first discovered in January 2025,…

shaikh Saqib March 7, 2025