SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.
GitHub

Eclipse LSP4J

The p2 Update sites listed above (since 0.13.0) contain a japicmp report against the last released version to make it easier to identify API changes. The Eclipse LSP4J project uses Semantic Versioning ...
PCMag on MSN

Phony Claude code install guides trick Vibe coders into installing malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install ...