Gizmodo’s website was compromised and used to serve ClickFix social engineering prompts, tricking Windows users into running malicious commands that could install trojan malware. Mac users were largely unaffected. The incident highlights how trusted media brands can become vectors for malware distribution following an account or CMS compromise.

Security Architect’s Take: Review your organisation’s acceptable use and endpoint protection policies to ensure that browser-based social engineering attacks like ClickFix — which instruct users to paste commands into PowerShell or Run dialogs — are mitigated through application control and PowerShell constrained language mode. Consider alerting your security awareness programme to this specific technique, as it bypasses many traditional content filters.

Original advisory: Gizmodo readers hit with ClickFix malware prompts after account compromise