Microsoft identified an updated ClickFix campaign that disrupts users' browsers and tricks them into executing harmful commands. This variant uses social engineering and exploits native Windows utilities to deliver a Python RAT payload while evading traditional detection methods.

A new campaign utilizing ClickFix attacks is now targeting both Windows and Linux systems, with the threat group APT36 adapting social engineering tactics to trick users into executing malicious commands. The Linux variant involves redirecting victims to a CAPTCHA page that prompts them to run a benign command, potentially paving the way for future attacks. Users are advised to avoid executing unknown commands to mitigate the risk of malware infections.