{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreicn3z7esk4ouegpa776cwx5katonifpr75vordemgdk4s5aml2pay",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3momfgnbr2dz2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigbme3ldf4znrqjpbphfceobr4vjresh3lnddf6vji33prq4cq5ty"
    },
    "mimeType": "image/webp",
    "size": 68010
  },
  "path": "/clickfix-campaign-uses-etherhiding-and-guloader-to-target-windows-users-with-fake-captcha-pages/",
  "publishedAt": "2026-06-18T18:23:06.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "ClickFix Campaign Uses EtherHiding and GULoader to Target Windows Users With Fake CAPTCHA Pages",
    "VPN Central"
  ],
  "textContent": "A new ClickFix campaign is targeting Windows users through compromised WordPress sites, fake CAPTCHA prompts, blockchain-hosted payload delivery, and a remote GULoader infection attempt. The attack does not begin with a phishing email. In the case analyzed by Sicuranext, the victim reached a legitimate European small-business website through Google Search. The site looked normal. Product […]\n\nThe post ClickFix Campaign Uses EtherHiding and GULoader to Target Windows Users With Fake CAPTCHA Pages appeared first on VPN Central.",
  "title": "ClickFix Campaign Uses EtherHiding and GULoader to Target Windows Users With Fake CAPTCHA Pages"
}