RE: https://caneandable.social/@WeirdWriter/116540815503821445

I thought from the title that this might be about the #disability #cookie that some sites use so they can get away with #inaccessible #CAPTCHA challenges.

This is the only thing I use #BeMyEyes for. I don't want to be profiled.

Give me strength.

This robot, uses a minute (yes 60 seconds) to verify i'm not a robot. Then it expires the validation after 20 seconds. Who makes this crap?

Is this the #Matrix ?

#captcha #recaptcha

Nowa reCAPTCHA

Pojawiło się doniesienie o wprowadzeniu przez Google nowej wersji reCAPTCHA. Nazwa jest pi
https://zakr.es/blog/2026/05/nowa-recaptcha/
#android #CAPTCHA #google #prywatność

Well, the new Google ReCaptcha is awful, sheesh

It's a QR code you have to scan with a "proper" device - aka with Google Services installed

Goodbye last 10 years of phishing awareness, time to scan random QRs without a thought while you are purchasing things, woo! Seriously what were they thinking?

And because it's recommended to be put in "high risk" places, people will expect them to be seen there, and so a scam/phishing QR will be so much easier to slip in.

https://cloud.google.com/blog/products/identity-security/introducing-google-cloud-fraud-defense-the-next-evolution-of-recaptcha/

#google #captcha #recaptcha #phishing #infosec #cybersecurity

#ITByte: Do you know what is full form of #Captcha?

Today is #WorldPasswordDay. Know more about some common #Terminologies related to #Password and user #Authentication.

https://knowledgezone.co.in/posts/World-Password-Day-627397e7688874a8f4d93c77

In another sickening twist to Google's grasp on Android, Google can now require you to have an Android device with Google Mobile Services, or an iOS device with the reCAPTCHA mobile app installed, in order to solve CAPTCHAs.

https://support.google.com/recaptcha/answer/16609652

and archive: https://archive.is/Fq196

#Google #reCAPTCHA #CAPTCHA #privacy #GMS #Android

Multi-Stage AiTM Attack Uses Code Of Conduct Phishing Emails

A sophisticated credential theft campaign targeting over 35,000 users across 13,000 organizations was observed between April 14-16, 2026. The operation primarily impacted the United States, particularly healthcare and financial services sectors. Attackers used code of conduct themed phishing emails masquerading as internal compliance communications, sent through legitimate email delivery services from attacker-controlled domains. Victims received polished HTML emails with PDF attachments containing fake disciplinary logs and CAPTCHA gates to evade automated analysis. The multi-stage attack chain ultimately directed users to counterfeit Microsoft authentication pages operating as adversary-in-the-middle infrastructure, enabling real-time interception of credentials and session tokens while bypassing multi-factor authentication defenses.

Pulse ID: 69fb1736879a4a945346b9ba
Pulse Link: https://otx.alienvault.com/pulse/69fb1736879a4a945346b9ba
Pulse Author: AlienVault
Created: 2026-05-06 10:25:58

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AdversaryInTheMiddle #AitM #CAPTCHA #CyberSecurity #Email #HTML #Healthcare #InfoSec #Microsoft #OTX #OpenThreatExchange #PDF #Phishing #RAT #RCE #Troll #UnitedStates #bot #AlienVault

Breaking the code: Multi-stage 'code of conduct' phishing campaign leads to AiTM token compromise

A sophisticated large-scale credential theft campaign targeted over 35,000 users across 13,000 organizations, primarily in the United States, between April 14-16, 2026. Attackers distributed fully authenticated emails from legitimate services using code of conduct-themed lures with polished HTML templates. The multi-stage attack chain included PDF attachments with embedded links, multiple CAPTCHA challenges, and intermediate staging pages designed to appear legitimate while filtering automated defenses. Recipients were directed through several layers ultimately leading to an adversary-in-the-middle phishing flow that proxied authentication sessions and captured tokens, bypassing non-phishing-resistant multifactor authentication. The campaign broadly impacted Healthcare, Financial services, Professional services, and Technology industries, using social engineering techniques that created urgency through time-bound prompts and concerning accusations.

Pulse ID: 69f8f1230f0bda494499b941
Pulse Link: https://otx.alienvault.com/pulse/69f8f1230f0bda494499b941
Pulse Author: AlienVault
Created: 2026-05-04 19:18:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AdversaryInTheMiddle #AitM #CAPTCHA #CyberSecurity #Email #HTML #Healthcare #InfoSec #MultiFactorAuthentication #OTX #OpenThreatExchange #PDF #Phishing #SocialEngineering #UnitedStates #bot #AlienVault