A new wave of cyberattacks is leveraging AI-generated TikTok videos to distribute malware, including infostealers like Vidar and StealC. These videos falsely promise free upgrades to premium services such as Spotify and Microsoft Windows, tricking users into installing malicious code that can spy on their computers. This tactic, known as "ClickFix," abuses CAPTCHA overlays to socially engineer users into self-infection and has been gaining traction over the past 8 to 12 months. One such video amassed 500,000 views before being removed. Additionally, a hacker group named ViciousTrap has compromised 5,300 Cisco routers across 84 countries by exploiting the CVE-2023-20118 vulnerability, deploying a script called NetGhost to create a global honeypot network for covert surveillance rather than attacks. Attackers are also targeting platforms like TikTok and Instagram using malicious Python tools to exploit undocumented APIs, mimicking user behavior to bypass traditional security defenses.