Tag: captcha
-
New ClickFix attacks use fake Windows Update screens to fool employees
Run dialog box, Windows Terminal, or Windows PowerShell. This leads to the downloading of scripts that launch malware.Two new tactics are used in the latest ClickFix campaign, says Huntress:the use since early October of a fake blue Windows Update splash page in full-screen, displaying realistic “Working on updates” animations that eventually conclude by prompting the user to…
-
Single Click on CAPTCHA Triggers Destructive Akira Ransomware Attack on Malicious Website
A sophisticated Akira ransomware attack orchestrated by the Howling Scorpius group recently left a global data storage and infrastructure company grappling with massive operational disruption all triggered by a single, seemingly innocent click on a website CAPTCHA. The compromise underscores a harsh reality: deploying advanced security tools does not guarantee security coverage or effective threat…
-
Single Click on CAPTCHA Triggers Destructive Akira Ransomware Attack on Malicious Website
A sophisticated Akira ransomware attack orchestrated by the Howling Scorpius group recently left a global data storage and infrastructure company grappling with massive operational disruption all triggered by a single, seemingly innocent click on a website CAPTCHA. The compromise underscores a harsh reality: deploying advanced security tools does not guarantee security coverage or effective threat…
-
Fake CAPTCHA Triggers 42-Day Akira Ransomware Attack
A fake CAPTCHA click led to a 42-day Akira ransomware breach that went largely undetected despite extensive security tooling. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fake-captcha-triggers-42-day-akira-ransomware-attack/
-
New npm Malware Campaign Redirects Victims to Crypto Sites
A new malware campaign has been observed built on seven npm packages and using cloaking techniques and fake CAPTCHAs, operated by threat actor dino_reborn First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-malware-campaign-redirects/
-
SmartApeSG Uses ClickFix to Deploy NetSupport RAT
The SmartApeSG campaign, also known as ZPHP and HANEYMANEY, continues to evolve its infection tactics, pivoting to ClickFix-style attack vectors. Security researchers have documented the campaign’s latest methodology, which uses deceptive fake CAPTCHA pages to trick users into executing malicious commands that ultimately deploy NetSupport RAT a Remote Access Trojan capable of giving attackers complete…
-
Typo hackers sneak cross-platform credential stealer into 10 npm packages
Payload for IP fingerprinting and credential theft: Once the fake CAPTCHA interaction occurs, the installer sends the victim’s IP address to the attacker’s server, a step that allows tracking, geofencing, and exclusion of unwanted targets.It then downloads the payload from the same host, which is a 24 MB Pyinstaller-packed application that contains hundreds of thousands…
-
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems.”The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer that…
-
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems.”The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer that…
-
Rethinking Identity Security in the Age of AI
Tags: access, ai, api, attack, authentication, automation, awareness, best-practice, breach, business, captcha, ceo, container, control, credentials, cyber, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, endpoint, exploit, finance, fraud, Hardware, iam, identity, login, malware, mfa, monitoring, passkey, password, phishing, risk, risk-management, scam, threat, tool, vulnerabilityRethinking Identity Security in the Age of AI madhav Tue, 10/28/2025 – 06:35 Traditional identity protections were never designed for the age of AI. They can’t stop the lightning-fast, highly convincing identity attacks AI facilitates. There’s a reason that nearly 60% of businesses say compromised credentials are the leading cause of breaches. Data Security Marco…
-
Rethinking Identity Security in the Age of AI
Tags: access, ai, api, attack, authentication, automation, awareness, best-practice, breach, business, captcha, ceo, container, control, credentials, cyber, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, endpoint, exploit, finance, fraud, Hardware, iam, identity, login, malware, mfa, monitoring, passkey, password, phishing, risk, risk-management, scam, threat, tool, vulnerabilityRethinking Identity Security in the Age of AI madhav Tue, 10/28/2025 – 06:35 Traditional identity protections were never designed for the age of AI. They can’t stop the lightning-fast, highly convincing identity attacks AI facilitates. There’s a reason that nearly 60% of businesses say compromised credentials are the leading cause of breaches. Data Security Marco…
-
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025, specifically targeted individual members of the International Committee of the Red Cross, United Nations Children’s Fund (UNICEF) Ukraine…
-
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025, specifically targeted individual members of the International Committee of the Red Cross, United Nations Children’s Fund (UNICEF) Ukraine…
-
‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools
Tags: access, attack, authentication, awareness, captcha, ceo, communications, control, credentials, cyber, cybersecurity, data, defense, detection, edr, email, endpoint, espionage, exploit, group, hacker, incident response, least-privilege, login, malicious, malware, mfa, monitoring, network, phishing, powershell, russia, strategy, tactics, theft, threat, tool, training, update, vulnerability, vulnerability-management, zero-trustEvolving tactics and strategies: Analysts said ColdRiver, which for years focused on credential theft and email account compromise, is shifting toward multi-stage intrusions that rely on users to execute malicious code.By using ClickFix pages that mimic CAPTCHA verification screens, the group can bypass email security filters and deliver malware directly to victims’ devices, increasing the…
-
Russia’s Coldriver Revamps Malware to Evade Detection
Russian Intel Hackers Flexible in Face of Detection. Russia-linked threat group COLDRIVER rapidly replaced its exposed malware with a stealthier PowerShell variant, using fake CAPTCHA prompts and cryptographic key-splitting to evade detection and escalate surveillance on NGOs, dissidents and policy experts, according to new research. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russias-coldriver-revamps-malware-to-evade-detection-a-29776
-
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
ClickFix, FileFix, fake CAPTCHA, whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches. ClickFix attacks prompt the user to solve some kind of problem or challenge in the browser, most commonly a CAPTCHA, but also things like fixing an error on a…
-
Sicherheit statt Rätselbilder – So schützen moderne Bot-Management-Systeme ohne CAPTCHAs
Tags: captchaFirst seen on security-insider.de Jump to article: www.security-insider.de/bot-management-ohne-captchas-a-a7d5ced9f2189339338a79ec5ff51c34/
-
Phishers turn 1Password’s Watchtower into a blind spot
Vault keys at stake: Those who clicked on the phishing link earlier had too much to lose. The cloned landing page reportedly asked users for their 1Password login details, potentially giving attackers access to entire password vaults. With that single breach, everything from social accounts to banking credentials could be compromised.Malwarebytes urged users to remain…
-
Phishers turn 1Password’s Watchtower into a blind spot
Vault keys at stake: Those who clicked on the phishing link earlier had too much to lose. The cloned landing page reportedly asked users for their 1Password login details, potentially giving attackers access to entire password vaults. With that single breach, everything from social accounts to banking credentials could be compromised.Malwarebytes urged users to remain…
-
AI-powered phishing scams now use fake captcha pages to evade detection
The attack playbook: The phishing campaigns follow a familiar playbook at the outset. Victims typically receive spam emails that carry urgent, action-oriented messages such as “Password Reset Required” or “USPS Change of Address Notification”.Clicking on the embedded link doesn’t take the user directly to a credential-stealing site but instead loads what appears to be a…
-
AI-powered phishing scams now use fake captcha pages to evade detection
The attack playbook: The phishing campaigns follow a familiar playbook at the outset. Victims typically receive spam emails that carry urgent, action-oriented messages such as “Password Reset Required” or “USPS Change of Address Notification”.Clicking on the embedded link doesn’t take the user directly to a credential-stealing site but instead loads what appears to be a…
-
ChatGPT joins human league, now solves CAPTCHAs for the right prompt
Could this bot-prevention technique now be obsolete? First seen on theregister.com Jump to article: www.theregister.com/2025/09/19/how_to_trick_chatgpt_agents/
-
ChatGPT Tricked Into Solving CAPTCHAs: Security Risks for AI and Enterprise Systems
Researchers showed ChatGPT can bypass CAPTCHAs, exposing major AI security gaps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-tricked-into-solving-captchas-security-risks-for-ai-and-enterprise-systems/
-
AI-Driven Phishing Attacks: Deceptive Tactics to Bypass Security Systems
Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead to phishing websites. This ploy misleads users and evades security tools. Victims are first shown a captcha, lowering suspicion, while automated scanners only detect the challenge page, missing the hidden credential-harvesting…
-
Attackers Abuse AI Tools to Generate Fake CAPTCHAs in Phishing Attacks
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/attackers-abuse-ai-fake-captchas/
-
From ClickFix to MetaStealer: Dissecting Evolving Threat Actor Techniques
ClickFix isn’t just back”, it’s mutating. New variants use fake CAPTCHAs, File Explorer tricks & MSI lures to drop MetaStealer. Stay ahead with Huntress’ Tradecraft Tuesday threat briefings. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/from-clickfix-to-metastealer-dissecting-evolving-threat-actor-techniques/