clickfix

Security researchers have identified a clever new variation of ClickFix social‑engineering attacks that abuses the decades‑old Windows utility finger.exe and the Finger protocol (TCP port 79) as a covert delivery channel, letting attacker‑controlled servers return encoded PowerShell and script...

A high-fidelity fake Windows 11 update screen has been weaponized in a new ClickFix campaign to trick victims into executing commands that load in-memory steganographic payloads, ultimately delivering the LummaC2/Lumma stealer and the Rhadamanthys infostealer to compromised machines. Background...

A convincing fake Windows Update screen is the latest disguise in the evolving ClickFix campaign, and the attack chain’s new tricks — automatic clipboard poisoning, PNG steganography and a .NET “Stego Loader” — show a clear shift from simple social engineering to multi-stage, fileless delivery...

Microsoft 365 credentials are now squarely in the crosshairs of a new, sophisticated cyberattack. In a campaign dubbed the ClickFix attack—as first reported by SC Media and detailed by BleepingComputer—the threat actors are using fake OAuth apps to pilfer sensitive credentials from government...

The recent advisory from Microsoft Threat Intelligence has sounded a clear alarm for the hospitality sector and all Windows users alike: a sophisticated phishing campaign impersonating Booking.com is actively targeting organizations with a suite of credential-stealing malware. In this evolving...