Attackers abuse Google Ads, GitLab, and Claude to deliver malware (opens in new tab)

Threat actors are abusing trusted platforms, including Google Ads, GitLab pages, and Claude’s shared chat feature, to trick users into executing malicious commands on their systems. Disguised as popular AI developer tools, the threat actors used ClickFix social engineering attacks, where victims were tricked into manually executing malicious commands. Typically, this involved copying and pasting PowerShell or terminal commands, noted researchers at TrendAI. The campaign funnelled more than 2,...