ClickFix
-
New FileFix Variant Uses Cache Smuggling to Evade Security, Researchers Say
A new FileFix phishing variant uses cache smuggling to store a malicious ZIP in browser cache and run it via a hidden PowerShell command, letting it evade many security products, researchers said.
-
FileFix: New Facebook security alert spoof hijacks victims into downloading StealC infostealer, researchers warn
Security researchers have uncovered a campaign dubbed FileFix that masquerades as a Facebook security alert to trick users into executing a malicious payload, culminating in the StealC infostealer. The operation, a variant of the ClickFix social-engineering technique, shows global reach, steganography-based delivery, and a Go-based loader that drops StealC v2, with researchers noting evolving infrastructure…
-
VirusTotal flags 44 undetected SVGs in Colombian phishing campaign; hundreds of SVGs detected in the wild
VirusTotal has flagged a new malware campaign using 44 undetected SVG files to phish as Colombia’s Fiscalía General de la Nación, injecting a Base64-encoded HTML page and triggering a hidden ZIP download. Overall SVG detections in the wild have reached 523, with earliest samples dating to August 14, 2025.
-
New Malware Campaign Targets macOS Users with Social Engineering Tactics
A new malware campaign is targeting macOS users with deceptive tactics, employing fake Spectrum websites and the ClickFix method to deliver the Atomic macOS Stealer malware. Security experts warn of the evolving threat landscape for Apple users.
-
Russian Hackers Deploy New LOSTKEYS Malware Using ClickFix Tactics
The Russian hacking group COLDRIVER has introduced LOSTKEYS, a new malware targeting Western advisors, journalists, and NGOs through deceptive tactics resembling ClickFix methods.
