Yahoo

State-sponsored actors spotted using ClickFix hacking tool developed by criminals

The ClickFix attack technique has gotten so popular that even state-sponsored threat actors are using it, research from Proofpoint claims, having observed at least three groups leveraging the method ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...
CSO Online

Meet ConsentFix, a new twist on the ClickFix phishing attack

What’s new in a ConsentFix attack is that the attack happens entirely inside a browser, say the researchers, which removes one of the key detection opportunities because the attack doesn’t touch an ...
Forbes

Do Not Download These Windows Security Updates, Experts Warn

ClickFix attack employs fake Windows security udpates. Updated November 27 with another Windows update warning, along with threat intelligence from the Acronis Threat Research Unit regarding the use ...
Krebs on Security

ClickFix: How to Infect Your PC in Three Easy Steps

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to ...
Lifehacker

This Windows Update Pop-Up Is a Scam

December 4, 2025 Add as a preferred source on Google Add as a preferred source on Google The update screen is a normal occurrence on Windows machines, so of course hackers are now manipulating it to ...
Forbes

Alarming Rise In ClickFix Attacks Targets PC Users

Forbes contributors publish independent expert analyses and insights. Zak Doffman writes about security, surveillance and privacy. There’s a new type of attack targeting Windows PCs. Such is its power ...
Infosecurity-magazine.com

‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise

Threat actors are ramping up the use of ‘ClickFix’ social engineering attacks, with this tactic likely proving highly effective for malware deployment. A new analysis by Proofpoint highlighted ...
Infosecurity-magazine.com

ClickFix Attacks Surge 517% in 2025

ClickFix social engineering attacks have surged by 517% in the past six months, becoming the second most common vector behind only phishing, according to new ESET data. The report, published on June ...
Bleeping Computer

From ClickFix to MetaStealer: Dissecting Evolving Threat Actor Techniques

During the past fifteen business days, Huntress analysts have observed increased threat activity involving several notable techniques. One case involved a malicious AnyDesk installer, which initially ...
ZDNet

This new cyberattack tricks you into hacking yourself. Here's how to spot it

The ClickFix social engineering tactic is rising in popularity. Microsoft said this initial access method was recorded in 47% of attacks. Traditional phishing protections won't work. Changing your ...