Technology
Fake Windows update pushes malware in new ClickFix attack
NEWYou can now listen to Fox News articles!
Cybercriminals keep getting better at blending into the software you use every day.
Over the past few years, we’ve seen phishing pages that copy banking portals, fake browser alerts that claim your device is infected and “human verification” screens that push you to run commands you should never touch. The latest twist comes from the ongoing ClickFix campaign.
Instead of asking you to prove you are human, attackers now disguise themselves as a Windows update. It looks convincing enough that you might follow the instructions without thinking, which is exactly what they want.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
NEW SCAM SENDS FAKE MICROSOFT 365 LOGIN PAGES
The malware hides inside seemingly normal image files, using steganography to slip past traditional security tools. (Microsoft)
How the fake update works
Researchers noticed that ClickFix has upgraded its old trick. The campaign used to rely on human verification pages, but now you get a full-screen Windows update screen that looks almost identical to the real thing. Joe Security showed how the page displays fake progress bars, familiar update messages and a prompt that tells you to complete a critical security update.
If you are on Windows, the site tells you to open the Run box, copy something from your clipboard and paste it in. That “something” is a command that silently downloads a malware dropper. The final payload is usually an infostealer, which steals passwords, cookies and other data from your machine.
NEW EMAIL SCAM USES HIDDEN CHARACTERS TO SLIP PAST FILTERS
Fake update screens are getting harder to spot as attackers mimic Windows with near-perfect precision. (Joe Security)
The moment you paste the command, the infection chain begins. First, a file called mshta.exe reaches out to a remote server and grabs a script. To avoid detection, these URLs often use hex encoding for parts of the address and rotate their paths. The script then runs obfuscated PowerShell code filled with junk instructions to throw researchers off. Once PowerShell does its work, it decrypts a hidden .NET assembly that functions as the loader.
Why is this attack so hard to detect?
The loader hides its next stage inside what looks like a regular PNG file. ClickFix uses custom steganography, which is a technique that hides secret data inside normal-looking content. In this case, the malware sits inside the image’s pixel data. The attackers tweak color values in certain pixels, especially in the red channel, to embed pieces of shellcode. When you view the image, everything appears normal.
The script knows exactly where the hidden data sits. It extracts the pixel values, decrypts them and rebuilds the malware directly in memory. That means nothing obvious is written to disk. Security tools that rely on file scanning miss it, since the shellcode never appears as a standalone file.
Once rebuilt, the shellcode is injected into a trusted Windows process like explorer.exe. The attack uses familiar in-memory techniques such as VirtualAllocEx, WriteProcessMemory and CreateRemoteThread. Recent ClickFix activity has delivered infostealers like LummaC2 and updated versions of Rhadamanthys. These tools are built to harvest credentials and send them back to the attacker with very little noise.
Once the hidden code loads into a trusted Windows process, infostealers quietly begin harvesting your data. (Kurt “CyberGuy” Knutsson)
7 steps you can take to protect yourself from the ClickFix campaign
The best way to stay protected is to slow down for a moment and follow a few steps that cut off these attacks before they start.
1) Never run commands you didn’t ask for
If any site tells you to paste a command into Run, PowerShell or Terminal, treat it as an immediate warning sign. Real operating system updates never require you to run commands from a webpage. When you run that command, you hand full control to the attacker. If something feels off, close the page and don’t interact further.
2) Keep Windows updates inside Windows
Updates should only come from the Windows Settings app or through official system notifications. A browser tab or pop-up pretending to be a Windows update is always fake. If you see anything outside the normal update flow asking for your action, ignore it and check the real Windows Update page yourself.
3) Use a reputable antivirus
Choose a security suite that can detect both file-based and in-memory threats. Stealthy attacks like ClickFix avoid leaving obvious files for scanners to pick up. Tools with behavioral detection, sandboxing and script monitoring give you a much better chance of spotting unusual activity early.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
4) Use a password manager
Password managers create strong, unique passwords for every account you use. They also autofill only on legitimate websites, which helps you catch fake login pages. If a manager refuses to fill out your credentials, take a second look at the URL before entering anything manually.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.
5) Use a personal data removal service
Many attacks start by targeting emails and personal details already exposed online. Data removal services help shrink your digital footprint by requesting takedowns from data broker sites that collect and sell your information. They can’t erase everything, but reducing your exposure means fewer attackers have easy access to your details.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Check URLs before trusting anything
A convincing layout doesn’t mean it is legitimate. Always look at the domain name first. If it doesn’t match the official site or uses odd spelling or extra characters, close it. Attackers rely on the fact that people recognize a page’s design but ignore the address bar.
7) Close suspicious full-screen pages
Fake update pages often run in full-screen mode to hide the browser interface and make the page look like part of your computer. If a site suddenly goes full screen without your permission, exit with Esc or Alt+Tab. Once you’re out, scan your system and don’t return to that page.
Kurt’s key takeaway
ClickFix works because it leans on user interaction. Nothing happens unless you follow the instructions on the screen. That makes the fake Windows update page especially dangerous, because it taps into something most people trust. If you are used to Windows updates freezing your screen, you may not question a prompt that appears during the process. Cybercriminals know this. They copy trusted interfaces to lower your guard and then rely on you to run the final command. The technical tricks that follow are complex, but the starting point is simple. They need you to help them.
Do you ever copy commands from a website without thinking twice about what they do? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
RAMageddon has come for computers. The price of memory chips, hard drives, and solid state storage has skyrocketed. That’s led to price increases on desktop and laptop RAM, SSDs, spinning hard drives, and pretty much everything that uses any of those things. Consoles are more expensive. Desktops are more expensive. Laptops are more expensive. Tablets and phones are more expensive. Even MacBooks, which started out expensive but then started looking like a pretty good deal, just got more expensive.
All that sucks. But if (if) there’s a silver lining, it’s that most of the stuff you plug into a computer — keyboards, mice, webcams, monitors, and so forth — isn’t getting bananas expensive. Actually, there are some good deals out there.
Great keyboards on the cheap
Hot deals on mice in your area
Monitors to watch (get it?)
Cases and stands, hubs and docks, and other stuff
NEWYou can now listen to Fox News articles!
Robots have gotten very good at moving fast, repeating steps and doing jobs that would wear you and me out. But ask a robot to pick up something delicate, oddly shaped or slightly different from the last item it handled, and things can get a little complicated quickly.
That is where a new collaboration between ABB Robotics and PSYONIC comes in. ABB Robotics is working with PSYONIC, a California bionics company, to explore whether real-world touch and motion data from human prosthetic use can help train robotic arms.
In other words, the same kind of bionic hand that helps a person grip a tool, pick up a fragile object or adjust pressure in real time could help teach robots how to do those tasks better.
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
SOFT ROBOTIC ARMBAND GIVES PROSTHETIC HAND USERS NATURAL CONTROL
The PSYONIC Ability Hand can capture touch, motion and grip-force data from real human prosthetic use. (ABB Robotics)
How a bionic hand could teach a robot
The collaboration centers on PSYONIC’s Ability Hand and ABB’s GoFa cobot. The Ability Hand was originally developed for prosthetic use. It has multi-articulating fingers, pressure sensors, vibration feedback and flexible mechanics that help it conform to irregular objects. That combination is important because human grip isn’tt one fixed action. You hold a coffee cup differently than a screwdriver. You handle an egg differently than a phone. Most of us do that without thinking about it.
For robots, that instinctive adjustment is hard. ABB and PSYONIC want to explore how movement, contact and grip-force data from the Ability Hand can help train robots to handle objects that are fragile, uneven or unpredictable. ABB’s GoFa cobot brings the industrial side of the equation, offering the accuracy and repeatability needed to test those movements in a controlled way. The result could be a robot arm that learns from real human handling data, then applies that information to factory and warehouse tasks.
Why robot grip is such a hard problem
Industrial robots can already lift, move, weld, sort and assemble with impressive speed. However, many still struggle when a task involves subtle touch. Think about a robot picking up a soft package, a medical component or a part that shifts slightly on a conveyor belt. Too much pressure can damage the item. Too little pressure can make the robot drop it. A tiny change in angle can throw off the whole process.
JOB-KILLING ROBOT LEARNS AT WORK, AND IT’S COMING TO THE FACTORY FLOOR
That is why gripping and dexterity remain major challenges in automation. ABB calls this a key part of Autonomous Versatile Robotics, or AVR, its vision for robots that can sense, reason, move and handle objects with precision in changing environments.
Marc Segura, president of ABB Robotics, put it this way: Human dexterity remains “one of the most difficult things to replicate in industrial-grade robotics.” He said the collaboration with PSYONIC could help “close the long-standing gap” between human and robot dexterity. That gap is where this technology could make a real difference.
What makes the PSYONIC Ability Hand different
The PSYONIC Ability Hand was built to help people. It uses myoelectric control, touch sensing and compliant mechanics in a lightweight design. Its sensors can detect pressure during a grip, while vibration feedback can help communicate touch back to the person using it. That same sensing ability could be valuable for robots.
AI ENABLES PARALYZED MAN TO CONTROL ROBOTIC ARM WITH BRAIN SIGNALS
PSYONIC says the Ability Hand can capture detailed data about movement, contact and grip force. When that hand is used by people in real-world situations, it can generate a more natural dataset than a lab-only robot demonstration.
ABB’s GoFa cobot is being used to test how bionic hand data could help robots handle delicate and irregular objects. (ABB Robotics)
Dr. Aadeel Akhtar, founder and CEO of PSYONIC, called dexterous manipulation “a data challenge as much as a hardware challenge.” That line really gets to the heart of this. Better robot hands are important. Yet the training data behind those hands may be what decides how useful they become in real workplaces.
Where bionic hand data could show up first
ABB and PSYONIC say this work could apply across automotive, aerospace, packaging, logistics and life sciences. That makes sense. These are industries where robots already play a major role, but where delicate or variable handling can still slow things down. A robot that can better adjust its grip could help with fragile components, oddly shaped products, soft packaging or repetitive tasks that are tough on the body.
HUMANOID ROBOTS HANDLE QUALITY CHECKS AND ASSEMBLY AT AUTO PLANT
The International Federation of Robotics has also pointed to advanced gripping and digital integration as a way to reduce engineering time by up to 30%. That’s important for companies because automation often gets delayed by setup, tuning and custom engineering. If touch-enabled robotic hands can reduce some of that work, companies could deploy robots faster and use them in more flexible ways.
How touch-trained robots could change factory work
There is a hopeful side to this. Robots that handle repetitive or ergonomically challenging work could reduce strain on people. That could mean fewer workers stuck doing the same painful motion all day. However, there is also a bigger labor question here. More capable robots could take on tasks that once seemed too variable to automate. That may affect how companies hire, train and assign work in the future.
The most useful version of this technology would support people instead of simply replacing them. For example, robots could handle the repetitive gripping while workers focus on oversight, quality checks, machine setup and higher-skill work.
Watch the CyberGuy Live replay: Lock Down Your Phone in 30 Minutes
Your phone holds your email, passwords, photos, banking apps and personal data. In this free CyberGuy Live replay, Kurt the CyberGuy walks you step by step through simple phone security fixes you can do at your own pace. You’ll learn how to improve your privacy settings, spot the latest phone scams, use trusted security tools and walk away with a simple checklist to stay protected. Watch the replay and get our checklist here: CyberGuyLive.com
Kurt’s key takeaways
ABB Robotics and PSYONIC are taking a different approach to one of robotics’ hardest problems: touch. Instead of training robots only in a lab, they want to use real movement and grip data from a bionic hand that people already use. That could help robots become better at delicate, variable tasks that have traditionally been hard to automate. It could also push industrial robots closer to working safely and effectively around humans in more settings. But the human side should not get lost in the excitement. If robots are going to learn from human touch, companies need to be clear about data use, workplace impact and safety testing.
The collaboration could help robots become more useful in factories, warehouses and other workplaces where precise grip matters. (ABB Robotics)
Would you feel comfortable knowing a robot at work was trained using real human touch data? Let us know by writing to us at CyberGuy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
Amazon’s Prime Day is now in its second day, and whether you’re looking for a new pair of wireless earbuds or a smartwatch, there’s a good chance you’ll find a discount. The Apple Watch Series 11 has already dropped to a new low price, while the AirPods Pro 3 are discounted to $179. With Tim Cook warning that price hikes are coming, now may be the moment if you’ve been eyeing one of the company’s devices.
Below are the best Apple deals currently available. Some are exclusive to Prime Day, while others are simply great discounts we think are worth highlighting. We’ll continue updating this guide throughout Prime Day, highlighting more deals as they become available.
Earbud and headphone deals
Update, June 24th: Adjusted prices and availability, and added deals for Apple’s MagSafe Charger as well as the Apple Magic Keyboard.
-
Movie Reviews3 minutes ago8News Reel Talk: ‘Toy Story 5’ movie review
-
World12 minutes agoStrong Earthquake Rocks Venezuela Capital
-
Health42 minutes agoDoes Berberine Aid Weight Loss? The Best Time To Take It To Boost Results
-
Lifestyle57 minutes agoJohn Cena wanted to step away from the WWE ring before he became ‘too slow for the show’ : Wild Card with Rachel Martin
-
Technology1 hour agoHere’s a bunch of Prime Day deals on keyboards, mice, and other peripherals we like
-
World1 hour agoIsrael slams UN report as ‘political blood libel’ for alleging deliberate targeting of Palestinian children
-
Politics1 hour agoBiden judge rejects Trump’s sanctuary cities lawsuit, says even a win wouldn’t solve DOJ’s problem
-
Health1 hour agoLatest COVID vaccine may have unexpected health benefit, study suggests
