GigaTap articles tagged ClickFix.
- Ghost CMS flaw turns real sites into ClickFix traps - Attackers are abusing CVE-2026-26980 to steal Ghost Admin API keys, inject JavaScript into legitimate articles, and push fake CAPTCHA malware lures.
- ClickFix is back, and Vidar Stealer is the payload - Australia’s ACSC says an ongoing campaign is using ClickFix social engineering to spread Vidar Stealer. The main risk is not novelty. It is user-driven com