🚨 AS IF you need one more BIG headache~ BEWARE OF ‘CLICKFIX’ Fake Human Verification Scam! 🚨 Picture this: You’re scrolling peacefully when a sleek pop-up screams “Prove you’re human to continue!” 😱 It politely instructs you to hit Windows R, open Command Prompt, and paste a shady command. “Just a quick verification,” it claims. 👀 The second you hit Enter… files start downloading, your mouse moves by itself, and your device is compromised!! 💻💥🦠 This is the sneaky ClickFix scam — a rising cyber threat that tricks users into handing over full control of their computers under the fake guise of a CAPTCHA or human check. ⚡️ 😮 Real websites NEVER ask you to run terminal commands, PowerShell scripts, download .exe files, or execute anything in cmd just to prove you’re not a robot. ✅ That’s a massive 🚩 RED FLAG! 👀 If any site, pop-up, or “support” chat demands system access like this — CLOSE IT IMMEDIATELY. These scammers are installing remote access trojans, keyloggers, ransomware, and stealing your passwords, banking info, and personal data. 🛑💰 Protect yourself: 
✅ Use strong ad blockers 
✅ Keep antivirus & OS updated 
✅ Enable 2FA everywhere 
✅ Teach friends & family: If it asks for commands, it’s a scam! Stay vigilant, stay skeptical, and spread the word so others don’t fall victim! Knowledge is your best defense in the digital wild west. 💪🔒🌐 Had you already heard of this? 👀 #ClickFixScam #ScamAlert #CyberSecurity #StaySafeOnline

I just pwned a ClickFix C2 server. Turns out the malware had worm-like behavior: it used stolen credentials from infected hosts to inject malicious web content into other compromised sites.

【被害拡大】Windows Updateの罠！見慣れた画面でPCを乗っ取る詐欺を徹底解説【ClickFix】 youtu.be/aZfMGWsDNDI?si=p3LC… @YouTubeより

ClickFix攻撃ですね。 何も知らないユーザーを誘導して悪意あるコードを直接コマンド実行させるからセキュリティを突破しやすい。 digitalsales.alsok.co.jp/col…

ClickFixですね。 x.com/i/web/status/206559431…

> "hey bro i found malware" > sends link > "its clickfix" > look inside > nothing > ??? > realize uBlock origin blocked it is this slop clickfix?

🔒 CYBERSECURITY, PRIVACY & OPEN SOURCE ROUNDUP — June 13, 2026 1️⃣ OPEN-SOURCE TOOL PRESERVES HUMAN RIGHTS EVIDENCE The Tor Project highlights OpenArchive's free open-source Save app and DWeb Storage, tools designed to help communities securely archive, verify, and encrypt mobile media documenting human rights violations. These tools empower whistleblowers and journalists to preserve evidence without putting themselves or the records at risk, combining on-device encryption with decentralized storage to ensure data sovereignty. @torproject 2️⃣ MACOS MALWARE CAMPAIGN EXPLOITS FAKE HOMEBREW ADS The Atomic macOS Stealer (AMOS) campaign is using fake Homebrew package manager advertisements to deploy persistent malware on macOS systems. Malware Traffic Analysis published the complete infection chain with network captures and extracted samples. Attackers disguise malicious payloads as legitimate Homebrew packages, tricking developers into installing stealers that persist across system restarts and exfiltrate credentials, tokens, and sensitive files. @DFIR_Radar 3️⃣ SERVICENOW BREACH EXPOSES CUSTOMER DATA VIA UNAUTHENTICATED API A ServiceNow breach exploited an unauthenticated API endpoint that exposed customer instance data, including support tickets and employee records. The vulnerability allowed unrestricted access to `/api/now/related_list_edit/create`, enabling attackers to extract sensitive organizational information. Security teams are advised to review logs for requests originating from the identified attacker IP range and restrict API endpoint access. @DFIR_Radar 4️⃣ CLICKFIX PHISHING CAMPAIGN DELIVERS CUSTOM RAT A new Amazon-themed ClickFix campaign is delivering HarborWatch Agent, a custom monitoring Remote Access Trojan. The multi-stage attack begins with a phishing email that leads to a fake CAPTCHA verification page, which then tricks victims into downloading the malware. The social engineering component turns victims into their own infection vector by convincing them they need to verify their security status. @DFIR_Radar 5️⃣ SPLITUN ENTERPRISE ZERO-DAY RCE WITH CVSS 9.8 Splunk Enterprise has a critical pre-authentication remote code execution vulnerability (CVE-2026-20253, CVSS 9.8) exploitable via a PostgreSQL sidecar bypass. AWS deployments are affected by default, and the flaw allows unauthenticated attackers to write arbitrary files, leading to full code execution with Splunk-level privileges. The vulnerable endpoint bypasses application-level authentication entirely, highlighting the risks of exposing database services. @DFIR_Radar 6️⃣ CONTI RANSOMWARE OPERATIVE PLEADS GUILTY IN US COURT Ukrainian national Oleksii Lytvynenko has pleaded guilty in the United States to wire fraud conspiracy linked to the Conti ransomware group. The operation attacked more than 1,000 victims and generated at least $150 million in ransom payments. The conviction is part of ongoing international efforts to dismantle ransomware infrastructure and hold individual operators accountable for cybercrimes. @HackRead 7️⃣ ORACLE PEOPLESOFT ZERO-DAY ACTIVELY EXPLOITED A critical Oracle PeopleSoft vulnerability has been actively exploited as a zero-day attack targeting organizational data. Google confirmed exploitation activity, and reports link the attacks to a threat actor group known as Shiny Hunters. Oracle has issued mitigation guidance, but the widespread deployment of PeopleSoft in enterprise environments means organizations face significant risk until patches are applied. @SecWeekly 💭 The threat landscape continues to evolve with sophisticated supply-chain attacks targeting developers and critical enterprise software under constant pressure. From macOS malware disguised as package manager updates to zero-days in monitoring platforms like Splunk, the message is clear: every component in your stack is a potential entry point. Meanwhile, open-source tools like OpenArchive remind us that transparency and community-driven security remain essential defenses against both cyber threats and authoritarian surveillance. Which of these vulnerabilities keeps you up at night — or which one are you patching first? 👇 #Cybersecurity #OpenSource #Privacy #CVE #Ransomware #InfoSec #ZeroDay

x.com/Garnet3106/status/2065… 「AdGuard最強ｗ」 とか言ってる人居るけどこの系統のclickfix攻撃は「過去に」「AdGuard」を「貫通」してきてるのでそもそもリキャプチャ認証自体信用してないｗおいスクエニお前も同罪だぞリキャプチャさせる為の画像を高頻度で変えまくりやがってからにｗｗｗ

Clickfix… be careful

気をつけましょう。 【超危険】「更新作業中」の罠！見慣れた画面でPCを乗っ取る最新詐欺『ClickFix』の仕組みと防御策 youtu.be/QSdXojhMnYI?si=vNz3… @YouTubeより

Clickfix. We’ve seen a few real world cases at work where users have gone through the whole process and entered credentials. Did a phishing simulation with it and “caught” 13 people and full creds.

ターミナル開かせてコマンド打たせてる ClickFixってやつ