ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to ...

The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a ...

Let me tell you how I came within steps of becoming a victim in an elaborate social engineering scheme designed to exploit ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic ...

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign ...