Opera adds native protection against clipboard malware attacks

Opera has rolled out Paste Protect, a new built-in feature that blocks malicious clipboard attacks known as ClickFix. The tool marks the first native defense of its kind in a major browser. It activates automatically and alerts users when suspicious code attempts to copy itself.

The company announced the update in a blog post on July 2. Paste Protect detects harmful scripts aimed at Windows, macOS and Linux systems. It stops the copy action, displays the first 120 characters of the command and places a red warning icon in the address bar.

ClickFix attacks often pose as CAPTCHA checks. They copy code that users are tricked into pasting and running, which can install infostealer malware such as Lumma Stealer. These attacks made up more than half of malware loading incidents in 2025.

Users can toggle the feature in Settings under Privacy and Security. False positives can be marked as safe. The rollout to regions is scheduled to begin soon.

Связанные статьи

Mozilla engineers using Anthropic's Mythos AI to patch 271 Firefox security vulnerabilities in a high-tech lab.
Изображение, созданное ИИ

Mozilla patches 271 Firefox vulnerabilities with Anthropic's Mythos AI

Сообщено ИИ Изображение, созданное ИИ

Mozilla has patched 271 security vulnerabilities in Firefox 150 using early access to Anthropic's Mythos Preview AI model. Firefox CTO Bobby Holley described the tool as every bit as capable as the world's best security researchers. The foundation says the AI helps defenders gain an edge in cybersecurity.

Google published proof-of-concept exploit code on Wednesday for a vulnerability in its Chromium browser that has gone unfixed for 29 months. The flaw affects Chrome, Microsoft Edge, and other Chromium-based browsers used by millions worldwide. It enables attackers to establish persistent connections for monitoring user activity and launching attacks.

Сообщено ИИ

Microsoft is expanding its Copilot AI tool in the Edge web browser to scan open tabs and draw on browsing history for suggestions. The updates apply to both desktop and mobile versions of the browser.

Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.

Сообщено ИИ

Arch Linux has disabled new account registrations for the Arch User Repository following multiple waves of malicious package updates. The move comes after more than 1,500 packages were compromised last week.

Этот сайт использует куки

Мы используем куки для анализа, чтобы улучшить наш сайт. Прочитайте нашу политику конфиденциальности для дополнительной информации.
Отклонить