ClickFix attackers using new tactic to evade detection, says Microsoft

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.
PCQuest on MSN

Copy-paste this command and you’re hacked: New Windows Terminal attack spreads Lumma Stealer

A recent malware campaign is using a trusted Windows application to launch attacks for stealing credentials via social engineering with the exploitation of the Windows Terminal with the use of Lumma ...
Cybernews

Hackers target Mac users with fake CleanMyMac, empty crypto wallets

Hackers have launched a convincing, fraudulent CleanMyMac website to trick Mac users into installing SHub Stealer, a malware that drains cryptocurrency wallets, steals data, and leaves a backdoor.
The Hacker News

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
PCMag

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.