Your News Talk and Sports Leader
A newly discovered web security vulnerability is putting internet users in New York and beyond at serious risk. This dangerous hack targets popular browsers like Chrome, Edge, and Safari and allows cybercriminals to exploit your actions with just a simple double-click.
The threat, revealed by application security expert Paulos Yibelo, presents a new challenge in the world of online security. Unlike traditional clickjacking attacks, which have been largely mitigated by browser protections, double clickjacking bypasses these safeguards by manipulating the timing of mouse clicks. This allows hackers to trick users into unknowingly authorizing account actions—such as confirming logins or making financial transactions—while they believe they are clicking something else, like a CAPTCHA.
Known as "double clickjacking," here's how the attack works: When you double-click on a webpage, your browser may trigger an invisible action behind the scenes. Attackers can then exploit this by replacing legitimate prompts with malicious ones, making it appear as though you're interacting with something harmless when, in reality, you're unknowingly granting hackers access to your accounts.
The danger here is immense. As Yibelo explains, double clickjacking affects almost every website and browser, leaving countless users vulnerable to account takeovers, unauthorized transactions, and even cryptocurrency wallet compromises. This threat doesn't just target websites—it can affect apps, financial accounts, and any platform where user authorization is required. And the worst part? You don't need to do anything out of the ordinary. Just a double-click could be enough to open the door for hackers.
In response to this threat, Yibelo urges developers and cybersecurity teams to step up their defenses by tightening control over embedded windows and being vigilant about multi-click actions. But until more robust in-browser mitigations are available, the best advice for users is to avoid double-clicking whenever possible, particularly on websites where you have sensitive information stored.
Cybersecurity experts are raising alarms, warning that hackers are becoming more adaptive and creative with their tactics. While the rise of double clickjacking poses new challenges, it also highlights the growing need for vigilance in both personal and professional cybersecurity practices.
In the meantime, users should exercise caution and avoid double-clicking on any suspicious or unfamiliar links until browser updates can address this new vulnerability.
Gallery Credit: Dave Wheeler
English 
Français