CAPTCHA-bypass lures and ClickFix-style social engineering are helping credential thieves get past both users and security tools, and the latest Q1 2026 data shows these tactics are becoming more common. Microsoft Threat Intelligence says email phishing remained massive in scale, but attackers increasingly favored link-based delivery, QR code lures, and CAPTCHA-gated pages to steal credentials. […] The post CAPTCHA Bypass and ClickFix Lures Drive Surge In Credential Theft Attacks appeared first on Cyber Security News.