{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreia26uoxqliuhigxvhmhjrkpbaaq44qrijo6s2wzon7lrqutn7yhky",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mic6ipkmy7y2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiadfiwn5wsd6xeyccd2gsfa7nlemvarhq3ezhyagpzlcpavsoybma"
    },
    "mimeType": "image/jpeg",
    "size": 197542
  },
  "path": "/2026/03/deepload-malware-uses-clickfix-and-wmi.html",
  "publishedAt": "2026-03-30T15:47:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad.\n\"It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captures passwords and sessions even if the primary loader is blocked,\" ReliaQuest researchers Thassanai",
  "title": "DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials"
}