This Threat Thursday session deeply delves into the ClearFake campaign, a novel browser update scam that uses compromised websites to execute malicious PowerShell scripts. Starting with a fake error message prompting users to install a "root certificate," the campaign deploys multi-stage attacks that include clipboard hijacking for cryptocurrency theft, in-memory PowerShell execution, and more.