Dark Reading

FileFix Attack Chain Enables Malicious Script Execution

A security researcher has discovered a FileFix attack chain that allows a threat actor to execute malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows. ClickFix is a ...
Dark Reading

ClickFix Spin-Off Attack Bypasses Key Browser Safeguards

A newly discovered attack vector puts a spin on the ClickFix technique by exploiting how modern browsers save HTML files and bypassing a key security mechanism to trick users into participating in the ...
Bleeping Computer

6 browser-based attacks all security teams should be ready for in 2025

What security teams need to know about the browser-based attack techniques that are the leading cause of breaches in 2025. “The browser is the new battleground.” “The browser is the new endpoint”.
Bleeping Computer

New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim’s system and bypassing security software. The new phishing and ...