A single click and Ctrl+V combo now compromises endpoints with zero file downloads.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Cybercriminals are using fake CAPTCHA interfaces that mimic Cloudflare Turnstile to trick users into executing malicious PowerShell commands. The attack exploits 'verification fatigue' by presenting legitimate-looking security checks that guide users through key combinations (Win+R, Ctrl+V, Enter) to unknowingly run malware. This ClickFix technique delivers information stealers like Lumma and Stealc, as well as remote access trojans, without requiring file downloads. The campaign succeeds by leveraging trusted branding and users' conditioned response to quickly bypass security prompts.

New phishing campaign hijacks clipboard via fake CAPTCHA for malware delivery