All CosmicBytez Labs articles tagged #ClickFix, across news, security advisories, how-to guides, and projects.
Group-IB researchers discovered ClickLock, a new macOS infostealer distributed via ClickFix lures that terminates all visible system processes in a loop until the victim surrenders their login password — with zero AV detections at discovery.
Group-IB researchers discovered ClickLock, a macOS infostealer that uses ClickFix social engineering to install a kill loop firing pkill every 210ms — trapping victims into surrendering their system password to restore their desktop.
A new banking fraud campaign tracked as REF6045 is deploying SCMBANKER malware through fake CAPTCHA ClickFix lures to steal credentials from customers of...
DragonForce hides C2 inside Microsoft Teams relay traffic; a SearchLeak attack weaponizes M365 Copilot for one-click data exfiltration; iRhythm confirms...
New analysis reveals the 'Lorem Ipsum' malware campaign has adopted ClickFix social engineering as its primary delivery mechanism, leveraging compromised...
The Axios HTTP client post-mortem reveals North Korean threat actors used a ClickFix-style fake Microsoft Teams error message to socially engineer a...
Researchers have identified DeepLoad, a previously undocumented malware loader that combines ClickFix social engineering with WMI-based persistence to...
A newly observed ClickFix campaign impersonates Cloudflare's CAPTCHA verification pages to deliver the Python-based Infiniti Stealer to macOS users via a...
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka...
The LeakNet ransomware gang is using ClickFix social engineering for initial access and a Deno-based malware loader to execute fileless payloads from...
Microsoft-tracked threat actor Velvet Tempest is deploying Termite ransomware via a ClickFix social-engineering chain that loads DonutLoader and installs...
Learn how to detect and prevent ClickFix social engineering attacks using EDR rules, network monitoring, YARA signatures, and endpoint hardening. Covers...
New IT offboarding checklist, endpoint security baseline, BGP monitoring guide, ClickFix detection guide, plus AI-powered attacks on FortiGate devices, a...
Microsoft discloses a new ClickFix variant that uses DNS nslookup commands to retrieve and execute malicious PowerShell payloads, marking the first known...
Threat actors are abusing publicly shared Claude AI artifacts and Google Ads to deliver the MacSync infostealer to macOS users through ClickFix social...
A sophisticated phishing campaign dubbed PHALT#BLYX is targeting European hospitality organizations with fake Booking.com cancellation emails that display...
North Korean threat actors are running sophisticated campaigns using AI-generated deepfake videos and the ClickFix social engineering technique to target...
UNC1069, a North Korean APT group, deployed a sophisticated ClickFix scam using a fake Zoom meeting to target a cryptocurrency executive in a social...