{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreico4xdhf7epfzwez3cf3t6bhj3nblcad6rf7e547bibfeng5pxn3a",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mkjiqfzyzro2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicjmts3vz5grud76ul2a6kvlelkc4l67b2twtnblgogkmwahlgnmy"
    },
    "mimeType": "image/webp",
    "size": 50852
  },
  "path": "/new-clickfix-attack-uses-cmdkey-and-regsvr32-instead-of-powershell-to-evade-detection/",
  "publishedAt": "2026-04-27T17:44:05.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "New ClickFix Attack Uses Cmdkey and Regsvr32 Instead of PowerShell to Evade Detection",
    "VPN Central"
  ],
  "textContent": "A new ClickFix variant is replacing PowerShell with native Windows tools, making the social engineering attack harder for security teams to detect. The campaign tricks users into running a command through the Windows Run dialog, then uses cmdkey and regsvr32 to load a remote DLL from attacker-controlled infrastructure. ClickFix attacks rely on user deception rather […]\n\nThe post New ClickFix Attack Uses Cmdkey and Regsvr32 Instead of PowerShell to Evade Detection appeared first on VPN Central.",
  "title": "New ClickFix Attack Uses Cmdkey and Regsvr32 Instead of PowerShell to Evade Detection"
}