Cyber Daily

Pressing matter: A global WordPress ClickFix malware campaign is targeting Australian websites

Rapid7 researchers spot a malicious campaign aimed at harvesting credentials and digital wallets from Windows machines.
The Register on MSN

Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts

Rapid7 says crims broke into more than 250 sites globally, including a US Senate candidate’s campaign page Cyber baddies quietly compromised legitimate WordPress websites, including the campaign site ...

Bad CAPTCHA in the wild tricks Mac users into installing malware through Terminal

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.
GitHub

JavaScript captcha solver (Node.js): Bypass reCAPTCHA, Cloudflare, GeeTest and more

Use the JavaScript captcha solver to automatically bypass any captcha - including reCAPTCHA v2, Invisible, v3, Enterprise, Cloudflare Turnstile, GeeTest sliders, Amazon WAF, FunCaptcha, and both image ...