ClickFix Archives

Malware & Threats

New DeepLoad Malware Dropped in ClickFix Attacks

The malware steals credentials, installs a malicious browser extension, and can spread via USB drives.

Ionut ArghireApril 1, 2026

Malware & Threats

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer.

Ionut ArghireMarch 28, 2026

Malware & Threats

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

Threat actors replace legitimate commands on the cloned installation webpages with malicious commands.

Ionut ArghireMarch 9, 2026

Malware & Threats

Microsoft Warns of ClickFix Attack Abusing DNS Lookups

Attackers are using DNS requests to deliver a RAT named ModeloRAT to targeted users.

Eduard KovacsFebruary 16, 2026

Malware & Threats

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

Posing as an ad blocker, the malicious extension crashes the browser to lure victims into installing malware.

Ionut ArghireJanuary 19, 2026

Malware & Threats

Sophisticated ClickFix Campaign Targeting Hospitality Sector

Fake Booking reservation cancellations and fake BSODs trick victims into executing malicious code leading to RAT infections.

Ionut ArghireJanuary 6, 2026

Malware & Threats

ClickFix Attacks Against macOS Users Evolving

ClickFix prompts typically contain instructions for Windows users, but now they are tailored for macOS and they are getting increasingly convincing.

Eduard KovacsNovember 7, 2025

Malware & Threats

New Interlock RAT Variant Distributed via FileFix Attacks

The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks.

Ionut ArghireJuly 14, 2025

Malware & Threats

New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack

Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site.

Kevin TownsendJune 17, 2025

Malware & Threats

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware

Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.

Kevin TownsendJune 5, 2025

Nation-State

Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks

North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem.

Ionut ArghireApril 2, 2025

Malware & Threats

100 Car Dealerships Hit by Supply Chain Attack

The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise.

Ionut ArghireMarch 17, 2025

Malware & Threats

ClickFix Widely Adopted by Cybercriminals, APT Groups

The ClickFix technique has been employed by cybercrime and APT groups for information stealer and other malware deployment.

Ionut ArghireMarch 14, 2025

Phishing

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering.

Eduard KovacsMarch 13, 2025

SECURITYWEEK NETWORK:

ICS:

All posts tagged "ClickFix"

Malware & Threats

New DeepLoad Malware Dropped in ClickFix Attacks

Malware & Threats

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

Malware & Threats

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

Malware & Threats

Microsoft Warns of ClickFix Attack Abusing DNS Lookups

Malware & Threats

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

Malware & Threats

Sophisticated ClickFix Campaign Targeting Hospitality Sector

Malware & Threats

ClickFix Attacks Against macOS Users Evolving

Malware & Threats

New Interlock RAT Variant Distributed via FileFix Attacks

Malware & Threats

New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack

Malware & Threats

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware

Nation-State

Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks

Malware & Threats

100 Car Dealerships Hit by Supply Chain Attack

Malware & Threats

ClickFix Widely Adopted by Cybercriminals, APT Groups

Phishing

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

Featured

Artificial Intelligence

Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed

Network Security

Hackers Exploiting Cisco Unified CM Vulnerability

Artificial Intelligence

Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says

Artificial Intelligence

OpenAI Refocuses Cybersecurity Efforts on Patching Over Discovery

Data Protection

Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration

Data Protection

Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data

Mobile & Wireless

New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones

Latest News

Endpoint Security

macOS Weaknesses Chained to Silently Disable Endpoint Security Agents

Cybercrime

Third DraftKings Hacker Sentenced to 18 Months in Prison

Vulnerabilities

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

Malware & Threats

New ‘Mistic’ RAT Opens Door to Several Ransomware Families

Application Security

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Data Breaches

BeyondTrust, LastPass Impacted by Klue-Salesforce Incident

Vulnerabilities

Webinar Today: Modern Exposure Validation in the AI Era

Daily Briefing Newsletter