State-sponsored hacking groups from Iran, North Korea, and Russia have been leveraging the ClickFix technique to deploy malware since late 2024. ClickFix is a tactic that encourages users to infect their own machines by following malicious commands disguised as solutions to issues. Detected by enterprise security firm Proofpoint, the tactic is used in phishing campaigns targeting various sectors including finance, government, health, education, and transportation, particularly in Middle Eastern countries, as well as the United States, Canada, Germany, and Switzerland.
Hackers Actively Exploiting Critical Exchange & SharePoint Server Vulnerabilities
Microsoft has warned that cybercriminals are increasingly exploiting critical vulnerabilities in on-premises Exchange and SharePoint Servers. New techniques like NTLM relay and credential leakage enable
