<ul><li>ClickFix, a malware attack that tricks users into running console commands, has now been observed targeting Linux devices by cybersecurity researchers.</li><li>The attack involves showing popups on compromised websites instructing users to update their browsers or complete CAPTCHA tests, leading them to run malicious commands.</li><li>The particular attack linked to a Pakistani threat actor named APT36 redirects Linux victims to a CAPTCHA page that prompts them to run a shell command, posing as an innocuous process so far.</li><li>The attack, still in its experimental phase, has not caused significant harm yet. It downloads only a harmless JPEG file, but the potential risks remain concerning.</li></ul>

New ClickFix campaign spotted hitting both Windows and Linux machines

Discover more