Part of my fiat mine job is as a Lead on malware remediation, among other things. Yesterday, a work colleague enquired my assistance on a strange CAPTCHA impacting the visitors of a customer’s website. Turns out, it is one of the new phishing tactics being employed by bad actors looking to inject malware into unsuspecting targets. PSA: if a CAPTCHA asks you to copy/paste something into your Windows system’s run dialog, it is not a legitimate CAPTCHA request and you’re about to accidentally pwn your own machine with a malicious script. Stay vigilant!