ClickFix Archives • Daily CyberSecurity

DriveSurge Threat Cluster Exploits Thousands of Websites Globally DriveSurge threat cluster Traffic Distribution System

DriveSurge Threat Cluster Exploits Thousands of Websites Globally

Do Son June 4, 2026

A sophisticated digital campaign is currently compromising thousands of web ecosystems across the internet. Specifically, defensive intelligence...

Global Ghost CMS Poisoning Campaign Exploits Enterprise Blogs

Do Son May 27, 2026

Security researchers have discovered a massive cyber assault infecting hundreds of web servers worldwide. Specifically, a newly...

New “ClickFix” Campaign Bypasses Gatekeeper to Hijack macOS Devices macOS ClickFix Campaign Terminal Infostealer

New “ClickFix” Campaign Bypasses Gatekeeper to Hijack macOS Devices

Do Son May 9, 2026

For years, macOS users have relied on community forums, Medium articles, and tech blogs to solve everyday...

The InstallFix Trap: Fake Claude AI Google Ads Drop Fileless RedLine Malware on Developers InstallFix Malware Claude AI Phishing

The InstallFix Trap: Fake Claude AI Google Ads Drop Fileless RedLine Malware on Developers

Do Son May 8, 2026

A sophisticated new campaign, dubbed InstallFix, is currently targeting professionals searching for Anthropic’s Claude AI tools. By...

Inside BlueNoroff’s “Self-Reinforcing” Deepfake Meeting Trap BlueNoroff Deepfakes Crypto Deepfake Phishing

Inside BlueNoroff’s “Self-Reinforcing” Deepfake Meeting Trap

Do Son April 28, 2026

Cybersecurity researchers at Arctic Wolf have uncovered a sophisticated, globally distributed campaign by the North Korean state-sponsored...

Inside the Stealthy Evolution of Vidar Infostealer Vidar Infostealer Stealth Attack Framework

Inside the Stealthy Evolution of Vidar Infostealer

Do Son April 28, 2026

Vidar, once a straightforward credential stealer, has officially completed its transformation into a “multi-stage, stealth-driven attack framework”....

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords ClickFix macOS Terminal Infostealer

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords

Do Son April 23, 2026

A sophisticated cross-platform social engineering campaign, dubbed ClickFix, has evolved to target macOS users with a relentless...

AI Hype Hijacked: How a Fake Claude Installer Blinds Windows Security Claude AI Phishing MSIX Malware

AI Hype Hijacked: How a Fake Claude Installer Blinds Windows Security

Do Son April 21, 2026

According to a new technical analysis from Rapid7, a sophisticated ClickFix campaign has been discovered masquerading as...

North Korea’s UNC1069 Uses Fake Video Calls to Hijack Crypto UNC1069 Fake Meetings ClickFix Malware

North Korea’s UNC1069 Uses Fake Video Calls to Hijack Crypto

Do Son April 19, 2026

In a sophisticated escalation of cyber-enabled financial theft, security researchers from Validin have unmasked a sprawling campaign...

The Script Editor Shift: How ClickFix Evades macOS 26.4 Security to Deliver Atomic Stealer ClickFix macOS Script Editor Attack

The Script Editor Shift: How ClickFix Evades macOS 26.4 Security to Deliver Atomic Stealer

Do Son April 13, 2026

In the ever-evolving game of digital cat-and-mouse, Jamf Threat Labs has identified a clever adaptation of the...

New ClickFix Campaign Unveiled: Modular NodeJS Malware Targets Windows Users Node.js Infostealer ClickFix Campaign

New ClickFix Campaign Unveiled: Modular NodeJS Malware Targets Windows Users

Do Son April 10, 2026

Netskope Threat Labs has uncovered a sophisticated new ClickFix campaign targeting Windows users with a high-quality, custom-built...

Venom Stealer Bypasses Chrome and “Auto-Cracks” Tonkeeper Wallets Venom Stealer Crypto Drainer MaaS

Venom Stealer Bypasses Chrome and “Auto-Cracks” Tonkeeper Wallets

Do Son April 8, 2026

A new Malware-as-a-Service (MaaS) platform is making waves in the cybercrime underground, promising operators an automated pipeline...

Takedown-Proof: Inside the Ethereum-Powered “EtherRAT” and North Korea’s New Blockchain Backdoor

Do Son April 1, 2026

In a sophisticated blend of social engineering and decentralized technology, eSentire’s Threat Response Unit (TRU) recently detected...

ClickFix: The High-ROI “Living-off-the-Land” Trap Sweeping Windows and macOS ClickFix Social Engineering Living-off-the-Land (LotL) Attacks

ClickFix: The High-ROI “Living-off-the-Land” Trap Sweeping Windows and macOS

Do Son March 30, 2026

A sophisticated social engineering technique known as ClickFix has transitioned from a niche tactic into a standardized,...

The Claude Code Trap: Bitdefender Unmasks Fake Google Ads Hijacking Developer Terminals Claude Code Malvertising ClickFix Campaign

The Claude Code Trap: Bitdefender Unmasks Fake Google Ads Hijacking Developer Terminals

Do Son March 16, 2026

Cybersecurity researchers at Bitdefender have uncovered a high-stakes “maladvertisement” campaign specifically designed to ensnare developers and AI...

The “CrashFix” Evolution: KongTuke’s New Playbook for Enterprise Infiltration UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

The “CrashFix” Evolution: KongTuke’s New Playbook for Enterprise Infiltration

Do Son March 13, 2026

A recent deep-dive investigation from Trend Micro Managed Detection and Response (MDR) has unmasked the evolving tactics...

Fake CleanMyMac Site Unleashes SHub Stealer to Drain macOS Crypto Wallets SHub Stealer Mac Malware

Fake CleanMyMac Site Unleashes SHub Stealer to Drain macOS Crypto Wallets

Do Son March 10, 2026

Mac users are the target of a convincing new “brand impersonation” campaign that turns the popular utility...

Dust Specter: Iran-Linked Hackers Weaponize Iraqi Government Sites in New Cyber Espionage Campaign Zyxel security - Mitel MiCollab Vulnerability

Zyxel security - Mitel MiCollab Vulnerability

Dust Specter: Iran-Linked Hackers Weaponize Iraqi Government Sites in New Cyber Espionage Campaign

Do Son March 9, 2026

Cybersecurity researchers at Zscaler ThreatLabz have uncovered a persistent espionage campaign targeting government officials in Iraq. Attributed...

Unmasking OCRFix: The New Russian Botnet Hiding its C2 Infrastructure in the Blockchain OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

Unmasking OCRFix: The New Russian Botnet Hiding its C2 Infrastructure in the Blockchain

Do Son March 6, 2026

Cybersecurity researchers have uncovered a sophisticated new threat dubbed OCRFix, a three-stage botnet that utilizes an innovative...

ClickFix Alert: Fake Venture Capitalists Target Web3 Pros with “Terminal” Phishing ClickFix Malware Crypto VC Scam

ClickFix Alert: Fake Venture Capitalists Target Web3 Pros with “Terminal” Phishing

Do Son March 4, 2026

Cybersecurity researchers at Moonlock Lab have unmasked a coordinated malware operation targeting cryptocurrency and Web3 professionals. The...

Critical Alert 1 Active Exploit Detected Today