CrashFix — Identified by Microsoft Defender in January 2026, this variant deliberately crashes the victim's browser, then lures them into executing malicious commands to "restore" functionality .
ConsentFix — A browser-native variant that abuses OAuth authorization flows to compromise Microsoft accounts without malware, credential harvesting, or even requiring the user to paste a command . Security firm revel8 observed seven active ClickFix variants in Q1 2026, including ConsentFix and an "AI-fix" variant targeting AI tool onboarding workflows
.
An analysis of roughly 3,000 live ClickFix payloads by Threadlinqs Intelligence revealed that backend servers dynamically generate freshly obfuscated PowerShell commands using Base64, AES, TripleDES, Rijndael, and Deflate compression .
Malicious AI skills / Agentic Skills — According to an El País report (July 8, 2026) citing ESET's latest threat data, ESET alerted that over the span of just two months, the number of unique "AI Skills" (plugins for AI agents) it analyzed grew from roughly 60,000 to nearly 900,000. Of those, malicious or suspicious AI skills numbered over 3,000 . This represents an explosive growth in AI-agent-based attack tooling.
PromptSpy — ESET Research discovered PromptSpy, the first known Android malware to use generative AI during its execution flow . The malware queries Google's Gemini model to interpret on-screen elements on the compromised device and dynamically determine where to tap — solving the problem of unpredictable screen layouts across thousands of phone models and languages
. Its primary capability is deploying a VNC module for remote control
. Researchers noted it may be a proof-of-concept, but it signals a major shift toward AI-assisted mobile malware
.
Ransomware attack volume is still rising. Comparitech recorded 4,217 ransomware attacks globally in H1 2026 — an 11% increase from H2 2025 (3,809), averaging 23 attacks per day . ESET projected a 40% year-over-year increase in ransomware victims based on 2025 leak-site data
.
Over 100 EDR-killer tools. ESET's H2 2025 Threat Report notes that EDR-killer tools continued to proliferate, with Akira, Qilin, and Warlock among the top users . ESET's deep-dive into the Gentlemen RaaS gang documented its use of both custom and third-party/leaked EDR killers including HexKiller
. The ESET MDR Q1 2026 report confirms EDR killers are now a standard component of ransomware operations
. Multiple sources confirm that the ecosystem of distinct EDR-killing tools has surpassed 100, using BYOVD (Bring Your Own Vulnerable Driver) techniques
.
Ransom payment rates fall to historic lows. Coveware reported the Q4 2025 ransom payment rate plummeted to 23% (a historic low), and by Q4 2025 it fell further to 20% — meaning fewer than 1 in 5 victims paid . Chainalysis tracked total on-chain ransomware payments at roughly $820 million in 2025, the lowest full-year figure since 2021 and an 8% drop from 2024
. Despite fewer victims paying, the median ransom payment rose sharply (up 132% QoQ to $325,000), suggesting attackers are concentrating on higher-value targets
.