CyberSecurityBoard
Sponsor Register Login

Microsoft Warns of Hackers Using ClickFix Technique to Bypass Security

Microsoft has issued a warning about a new hacking technique called 'ClickFix' that cybercriminals are using to bypass security measures. This method involves manipulating user interactions to execute malicious actions without detection. The ClickFix technique exploits vulnerabilities in web browsers and software interfaces, allowing attackers to perform unauthorized clicks and commands. Organizations are urged to update their security protocols and educate users about this emerging threat. The article details how ClickFix works, its potential impact on cybersecurity defenses, and recommended mitigation strategies. It highlights the importance of patching software vulnerabilities and adopting multi-layered security approaches to prevent exploitation. This development underscores the evolving tactics of threat actors and the need for continuous vigilance in cybersecurity practices.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 22 Aug 2025 09:10:19 +0000


Cyber News related to Microsoft Warns of Hackers Using ClickFix Technique to Bypass Security

ClickFix Attack Emerges by Over 500% - Hackers Actively Using This Technique to Trick Users - The attack presents victims with fake error messages or verification prompts that appear legitimate, instructing them to copy and paste seemingly harmless commands to resolve fictitious technical issues. Unlike traditional attack methods, ClickFix ...
3 months ago Cybersecuritynews.com Kimsuky Lazarus Group MuddyWater APT3
State Sponsored Hackers Now Widely Using ClickFix Attack Technique in Espionage Campaigns - While currently limited to experimental usage by these state-sponsored groups, the increasing popularity of ClickFix in both cybercrime and espionage campaigns suggests the technique will likely become more widely adopted as threat actors continue to ...
5 months ago Cybersecuritynews.com Kimsuky MuddyWater
Hackers Employ New ClickFix Captcha Technique to Deliver Ransomware - The integration of Qakbot with the ClickFix technique allows attackers to bypass traditional security measures by leveraging user interaction to execute malicious commands. A sophisticated social engineering technique known as ClickFix has emerged, ...
6 months ago Cybersecuritynews.com
Kimsuky Hackers Using ClickFix Technique to Execute Malicious Scripts on Victim Machines - Cyber Security News - The attackers impersonate legitimate entities, including government officials, news correspondents, and security personnel, to establish trust before delivering malicious payloads through encrypted archives or deceptive websites designed to mimic ...
3 months ago Cybersecuritynews.com Kimsuky
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
3 months ago Cybersecuritynews.com
Microsoft Warns of Hackers Using ClickFix Technique to Bypass Security - Microsoft has issued a warning about a new hacking technique called 'ClickFix' that cybercriminals are using to bypass security measures. This method involves manipulating user interactions to execute malicious actions without detection. The ClickFix ...
1 month ago Cybersecuritynews.com
Interlock ransomware gang pushes fake IT tools in ClickFix attacks - The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. Though this isn't the first time ClickFix has been linked to ransomware infections, ...
5 months ago Bleepingcomputer.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
Lazarus APT Hackers Using ClickFix Technique to Evade Detection - The Lazarus Group, a notorious North Korean state-sponsored hacking collective, has been observed employing a novel attack method known as the ClickFix technique. This approach allows them to bypass traditional security measures by exploiting user ...
1 month ago Cybersecuritynews.com Lazarus Group
State-sponsored hackers embrace ClickFix social engineering tactic - Proofpoint reports that APT28, a GRU unit, also used ClickFix as early as October 2024, using phishing emails mimicking a Google Spreadsheet, a reCAPTCHA step, and PowerShell execution instructions conveyed via a pop-up. ClickFix attacks are gaining ...
5 months ago Bleepingcomputer.com APT28 Kimsuky MuddyWater
Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds - Coined initially as “ClickFix” because the social engineering prompts were telling the user they ought to “fix” a problem with their browser and required the user to click an element, this term is now ascribed to any similar ...
2 months ago Bleepingcomputer.com
ClickFix Captcha - A Creative Technique That Allow Attackers Deliver Malware and Ransomware on Windows - This technique, known as ClickFix Captcha, exploits users’ trust in familiar web elements to bypass traditional security measures and deliver malicious payloads to Windows systems. The researchers noted the commands typically invoke PowerShell ...
6 months ago Cybersecuritynews.com
New LUMMAC.V2 Stealer Using ClickFix Technique to Trick Users in Execute Malicious Commands - Cyber Security News - The LUMMAC.V2 campaign represents a significant threat not only due to its extensive data theft capabilities but also because it exploits human behavior rather than technical vulnerabilities, making traditional security measures less effective at ...
5 months ago Cybersecuritynews.com
Interlock ransomware adopts FileFix method to deliver malware - In the FileFix variation, the attacker weaponizes trusted Windows UI elements, such as File Explorer and HTML Applications (.HTA), to trick users into executing malicious PowerShell or JavaScript code without displaying any security warnings. This ...
2 months ago Bleepingcomputer.com
New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint - A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices. Threat actors have also begun to evolve the ...
7 months ago Bleepingcomputer.com
Microsoft reveals how hackers breached its Exchange Online accounts - Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign. On January 12, 2024, Microsoft ...
1 year ago Bleepingcomputer.com APT29
​​Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 - With these security concerns top of mind, there is no surprise that in the last five years, the Modern Endpoint Security market has nearly tripled in size to defend against emerging, sophisticated, and persistent threats. Microsoft Defender for ...
1 year ago Techcommunity.microsoft.com
ClickFix attack delivers infostealers, RATs in fake Booking.com emails - Microsoft is warning that an ongoing phishing campaign impersonating Booking.com is using ClickFix social engineering attacks to infect hospitality workers with various malware, including infostealers and RATs. In the phishing campaign discovered by ...
6 months ago Bleepingcomputer.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
1 year ago Securityboulevard.com APT29
Hackers now testing ClickFix attacks against Linux targets - A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. However, it is possible that APT36 is currently experimenting to ...
4 months ago Bleepingcomputer.com Transparent Tribe APT3
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
1 year ago Bleepingcomputer.com APT29
Weekly Cybersecurity Recap : Sharepoint 0-day, Vmware Exploitation, Threats and Cyber Attacks - Tracked as CVE-2025-12345, this flaw allows remote code execution (RCE) without authentication, potentially enabling attackers to compromise sensitive data or deploy malware on affected servers. The U.S. Cybersecurity and Infrastructure Security ...
2 months ago Cybersecuritynews.com CVE-2025-12345 APT41
"Microsoft’s Secure Future Initiative" Biggest cybersecurity Project in Its History - Led by Charlie Bell, Executive Vice President of Microsoft Security, the initiative has mobilized the equivalent of 34,000 engineers working full-time for 11 months to bolster security for Microsoft, its customers, and the broader industry. Following ...
5 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)