#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

ClickFix | Breaking Cybersecurity News | The Hacker News

Category — ClickFix
New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

Jun 26, 2025 Cyber Attack / Malware Analysis
The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET. "The list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even custom malware from nation-state-aligned threat actors," Jiří Kropáč, Director of Threat Prevention Labs at ESET, said . ClickFix has become a widely popular and deceptive method that employs bogus error messages or CAPTCHA verification checks to entice victims into copying and pasting a malicious script into either the Windows Run dialog or the Apple macOS Terminal app, and running it. The Slovak cybersecurity company said the highest volume of ClickFix detections are concentrated around Japan, Peru, Poland, Spain, and Slovakia. The prevalence and effectiveness of this attack meth...
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

Jun 06, 2025 Malware / Endpoint Security
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer ( AMOS ) on Apple macOS systems. The campaign, according to CloudSEK, has been found to leverage typosquat domains mimicking U.S.-based telecom provider Spectrum. "macOS users are served a malicious shell script designed to steal system passwords and download an AMOS variant for further exploitation," security researcher Koushik Pal said in a report published this week. "The script uses native macOS commands to harvest credentials, bypass security mechanisms, and execute malicious binaries." It's believed that the activity is the work of Russian-speaking cybercriminals owing to the presence of Russian language comments in the malware's source code. The starting point of the attack is a web page that impersonates Spectrum ("panel-spectrum[....
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns

Apr 17, 2025 Social Engineering / Malware
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025. The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater), UNK_RemoteRogue, and TA422 (aka APT28). ClickFix has been an initial access technique primarily affiliated with cybercrime groups, although the effectiveness of the approach has led to it also being adopted by nation-state groups. "The incorporation of ClickFix is not revolutionizing the campaigns carried out by TA427, TA450, UNK_RemoteRogue, and TA422 but instead is replacing the installation and execution stages in existing infection chains," enterprise security firm Proofpoint said in a report published today. ClickFix , in a nutshell, refers to a sneaky technique that tricks users int...
cyber security

How 100+ Security Leaders Are Tackling AI Risk

websiteWizAI Security / Cloud Security
AI adoption is accelerating— but most security programs are still working to catch up. See how real teams are securing AI in the cloud.
cyber security

Why organizations need to protect their Microsoft 365 data

websiteVeeamEnterprise Security / Data Protection
This 5-minute read will explain what your organization is responsible for within Microsoft 365 and how to identify security gaps.
Expert Insights Articles Videos
Cybersecurity Resources