New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites -

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. “Instead of relying on a single click, it takes advantage of a double-click sequence,” Yibelo said.

January 1, 2025

Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites.
The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo.
“Instead of relying on a single click, it takes advantage of a double-click sequence,” Yibelo said.

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Leave a Reply Cancel reply

Related Posts

U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns

New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers