Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries.
GitHub

A collection from many different sources, for TrollStore!

Huge thanks to hieuddo for their effort to get this up and running. There are still a few issues I've noticed with how the repo is updated. While this is a good companion to have, following up with ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an ...
GitHub

[BUG] Scripts don't run when refreshing YouTube homepage

The scripts apply when loading YouTube for the first time, but after clicking the browser's reload button, Tampermonkey does not apply the scripts any longer. (They ...