Product
Attackers compromise websites, inject malicious code posing as fake CAPTCHAs, and trick users into copying and pasting malicious commands into the Windows Run dialog box, leading to the execution of PowerShell, Cmd, or MSHTA.