A new campaign using ClickFix attacks is now targeting both Windows and Linux systems, with the threat group APT36 adapting its social engineering tactics to trick users into executing malicious commands. The Linux variant redirects victims to a CAPTCHA page that prompts them to run a benign command, potentially paving the way for future attacks. Users are advised to avoid executing unknown commands to mitigate the risk of malware infections.
A new Linux malware named Koske uses seemingly harmless panda JPEG images to deploy sophisticated malware directly into system memory, leveraging vulnerabilities in exposed JupyterLab instances. The malware, believed to be developed with AI assistance, deploys cryptocurrency miners and employs advanced tactics to maintain persistence and evade detection. Researchers warn that the adaptability of Koske could lead to even more dangerous variants in the future.