Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to hijack Bitcoin swap transactions and redirect funds to attacker-controlled wallets.

The campaign relies on social engineering that promises large profits from a supposed Swapzone.io arbitrage exploit, but instead runs malicious code that modifies the swap process directly within the victim’s browser.

It could also be the first known ClickFix attack to use JavaScript to alter a webpage’s functionality for a malicious purpose.

Promoted through Pastebin

In the campaign spotted by BleepingComputer, threat actors are iterating through Pastebin posts and leaving comments that promote an alleged cryptocurrency exploit, with a link to a URL on rawtext[.]host.

The campaign is widespread, with many of our posts receiving comments over the past week claiming to be “leaked exploit documentation” that allows users to earn $13,000 in 2 days.

The link in the comment redirects to a Google Docs page titled “Swapzone.io – ChangeNOW Profit Method,” which claims to be a guide describing a method to exploit arbitrage opportunities for higher payouts.

“ChangeNOW still has an older backend node connected to the Swapzone partner API. On direct ChangeNOW, this node is no longer used for public swaps,” reads the fake guide.

“However, when accessed through Swapzone, the rate calculation passes through Node v1.9 for certain BTC pairs. This old node applies a different conversion formula for BTC to ANY, which results in ~38% higher payouts than intended.”

At any given time, these documents typically show between 1 and 5 active viewers, suggesting the scam is circulating.

The fake guide provides instructions to visit Swapzone.io and manually load a Bitcoin node by executing JavaScript directly in their browser’s address bar.

The instructions tell victims to visit a URL on paste[.]sh and copy a JavaScript snippet hosted on the page.

The guide then tells the reader to go back to the SwapZone tab, click on the address bar, type javascript:, and then paste the code. When the code has been pasted into the address, they state to press Enter on your keyboard to execute it, as explained below.

This technique abuses the browser’s ‘javascript:’ URI feature, which allows users to execute JavaScript from the address on the currently loaded website.

By convincing victims to run this code on Swapzone.io, attackers can manipulate the page and alter the swap process.

BleepingComputer’s analysis of the malicious script hosted at paste[.]sh shows that it loads a secondary payload from https://rawtext[.]host/raw?btulo3.

This heavily obfuscated script is injected directly into the Swapzone page, overriding the legitimate Next.js script used for handling Bitcoin swaps to hijack the swap interface.

The malicious script includes embedded Bitcoin addresses, which are randomly selected and injected into the swap process, replacing the legitimate deposit address generated by the exchange.

Because the code executes within the Swapzone.io session, victims see a legitimate interface but end up copying and sending funds to attacker-controlled Bitcoin wallets.

In addition to replacing the deposit address, BleepingComputer was told that the script modifies displayed exchange rates and offer values, making it feel like the alleged arbitrage exploit is actually working.

Unfortunately, as Bitcoin transactions cannot be reversed, if you fell for this scam, there is no easy way to recover your money.

A novel ClickFix variant

This campaign is a variant of the ClickFix attacks, a social engineering technique that tricks users into executing malicious commands on their computer, typically to install malware.

Normally, ClickFix attacks target operating systems by telling victims to run PowerShell commands or shell scripts to fix alleged errors or enable functionality.

In this case, instead of targeting the operating system, the attackers instruct victims to execute JavaScript directly in their browser while visiting a cryptocurrency exchange service.

This allows the malicious code to modify the page and intercept transaction details.

This may represent one of the first reported ClickFix-style attacks specifically designed to use JavaScript in the browser and steal cryptocurrency.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

A recent example was published in 2025 by researchers at the European X-Ray Free-Electron Laser Facility near Hamburg, among other institutions. They cooled iodopyridine, an organic molecule consisting of 11 atoms, almost to absolute zero and hammered it with a laser pulse to break its atomic bonds. The team found that the motions of the freed atoms were correlated, indicating that, despite its chilled state, the iodopyridine molecule had been vibrating. “That was not initially the main goal of the experiment,” said Rebecca Boll, an experimental physicist at the facility. “It’s basically something that we found.”

Perhaps the best-known effect of zero-point energy in a field was predicted by Hendrick Casimir in 1948, glimpsed in 1958, and definitively observed in 1997. Two plates of electrically uncharged material—which Casimir envisioned as parallel metal sheets, although other shapes and substances will do—exert a force on each other. Casimir said the plates would act as a kind of guillotine for the electromagnetic field, chopping off long-wavelength oscillations in a way that would skew the zero-point energy. According to the most accepted explanation, in some sense, the energy outside the plates is higher than the energy between the plates, a difference that pulls the plates together.

Quantum field theorists typically describe fields as a collection of oscillators, each of which has its own zero-point energy. There is an infinite number of oscillators in a field, and thus a field should contain an infinite amount of zero-point energy. When physicists realized this in the 1930s and ’40s, they at first doubted the theory, but they soon came to terms with the infinities. In physics—or most of physics, at any rate—energy differences are what really matters, and with care physicists can subtract one infinity from another to see what’s left.

That doesn’t work for gravity, though. As early as 1946, Wolfgang Pauli realized that an infinite or at least gargantuan amount of zero-point energy should create a gravitational field powerful enough to explode the universe. “All forms of energy gravitate,” said Sean Carroll, a physicist at Johns Hopkins University. “That includes the vacuum energy, so you can’t ignore it.” Why this energy remains gravitationally muted still mystifies physicists.

In quantum physics, the zero-point energy of the vacuum is more than an ongoing challenge, and it’s more than the reason you can’t ever truly empty a box. Instead of being something where there should be nothing, it is nothing infused with the potential to be anything.

“The interesting thing about the vacuum is every field, and therefore every particle, is somehow represented,” Milonni said. Even if not a single electron is present, the vacuum contains “electronness.” The zero-point energy of the vacuum is the combined effect of every possible form of matter, including ones we have yet to discover.

Original story reprinted with permission from Quanta Magazine, an editorially independent publication of the Simons Foundation whose mission is to enhance public understanding of science by covering research developments and trends in mathematics and the physical and life sciences.

A good gaming laptop deal is not just about saving money. It’s about landing the right mix of GPU, CPU, and storage so you don’t feel boxed in six months from now. This Presidents’ Day promo on the HP Victus 15.6-inch gaming laptop hits that sweet spot: it’s $999.99, down from $1,369.99, saving you $370. The important detail is the deadline. The deal ends on Feb. 17, 2026, so this is more of a “grab it while it’s live” situation than a price you can assume will stick around.

What you’re getting

This configuration checks the boxes most people actually care about for 2026 PC gaming and everyday use:

• 15.6-inch Full HD display with a 144Hz refresh rate for smoother gameplay and less blur in fast motion
• Intel Core i7-13620H (2023), a capable CPU for gaming plus school/work multitasking
• NVIDIA GeForce RTX 5060 for modern titles and GPU-accelerated creative apps
• 16GB memory for running games, voice chat, browsers, and background apps without constant slowdowns
• 1TB SSD so you can install several large games and still have room for projects, clips, and downloads

In other words, it’s a “play, stream, edit, and study” machine, not a laptop that only feels good on day one.

Why it’s worth it

Here’s the practical angle: many laptops around this price force compromises that become annoying quickly (small storage, weaker GPU, or screens that feel laggy). This one avoids the common traps. The 144Hz panel matters more than people expect because it makes everything feel more responsive, even outside gaming. And 1TB storage is a quality-of-life perk if you bounce between a handful of big games or keep media locally.

It’s also a smart pick for anyone who wants a laptop that can handle gaming now and still be useful later for productivity. The i7 chip and 16GB memory are what keep it feeling “current” when your workload is not just one app at a time.

The bottom line

At $999.99, this HP Victus is a solid Presidents’ Day deal for anyone who wants a balanced gaming laptop with a high-refresh display, modern graphics, and enough storage to avoid juggling installs. If you were already shopping in the under-$1,000 range, the $370 discount and the Feb. 17, 2026 end date make this one worth moving on sooner rather than later.

Microsoft says it has resolved a Windows 11 bug that caused some commercial systems to fail to boot with an “UNMOUNTABLE_BOOT_VOLUME” error after installing recent security updates, with the fix delivered in the February 2026 Patch Tuesday update.

The boot issue, which Microsoft previously investigated and linked to failed December 2025 updates, affected a limited number of commercial Windows 11 devices running versions 25H2 and 24H2.

According to a private enterprise advisory seen by Susan Bradley of Ask Woody, the issue has now been marked as fully resolved in the Windows 11 KB5077181 security update released on February 10, 2026.

Microsoft says impacted devices suffered boot failures after installing the January 13, 2026, security update KB5074109 or later updates, displaying a black screen and the message: “Your device ran into a problem and needs a restart. You can restart.”

At that point, impacted systems were unable to boot and required manual recovery to restore functionality.

Microsoft previously confirmed the issue was caused by the failed installation of the December 2025 security update, leaving devices in an improper state after the installation rolled back. 

Attempting to install future Windows updates on devices with this “improper state” could cause the system to become unbootable.

Microsoft said the issue affected only physical devices running Windows 11 25H2 and 24H2, and did not receive reports of it affecting home users or virtual machines.

Fix delivered in February Patch Tuesday update

Microsoft says it previously released an initial resolution in the optional non-security preview update KB5074105 on January 29, 2026, which helped prevent additional systems from becoming affected by the bug.

The company now says the issue is fully resolved in the Windows 11 KB5077181 update released during the February 2026 Patch Tuesday and later updates.

“This issue is fully resolved in the Windows security update released on February 10, 2026 (the Resolved KBs listed above), and later updates,” reads Microsoft’s advisory.

Unfortunately, devices that became unbootable before the fix was released may still require additional remediation. 

Microsoft advises enterprise customers whose devices remain affected to contact Microsoft Support for Business for assistance restoring system stability.

It is unclear why Microsoft did not share this advisory publicly, as it does for other known Windows issues.

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide

If you’ve been wondering what’s next for Netflix’s Terminator Zero in the time since its first season, we finally have an update, and it’s a bummer. Responding to a fan on social media, showrunner Mattson Tomlin said this weekend that the show has been canceled. Despite being generally well received, Tomlin noted that “at the end of the day not nearly enough people watched it.”

Season one of Terminator Zero was released in August 2024 and focused on the events around Judgment Day — August 29, 1997, as established in Terminator 2 — and its aftermath, jumping forward to 2022, more than two decades into a war between humans and machines. In the post about the show’s cancellation, Tomlin wrote, “I would’ve loved to deliver on the Future War I had planned in season’s 2 and 3, but I’m also very happy with how it feels contained as is.”

Tomlin went on to praise the marketing team in additional replies for “trying to really make the show work,” as well as the hundreds of people who worked on the show. Offering a bit of insight, Tomlin wrote, “Generally speaking, anime audiences skew younger. Terminator audiences skew older. Terminator Zero asked them to meet in the middle, and they didn’t in the way the corporation needed to justify the spend to continue. I’m extremely grateful to the people who have watched it.”

Tesla’s long-awaited adoption of Apple CarPlay is still happening – just not as quickly as some drivers had hoped. After signaling last year that support could arrive by the end of 2025, the electric carmaker has hit a few unexpected hurdles that are slowing the rollout, according to the latest edition of Bloomberg’s Power On newsletter.

A delayed but ongoing integration

Tesla began working to bring Apple’s CarPlay system to its vehicles amid a period of soft sales and mounting pressure to boost demand. At the time, adding CarPlay was viewed internally as more than a minor software update. For many car buyers, CarPlay has become a must-have feature – a familiar, iPhone-like interface that seamlessly integrates navigation, messaging and music into the dashboard.

Despite Tesla’s reputation for having one of the best in-house infotainment systems in the auto industry, customer demand for CarPlay has remained strong. Tesla’s software already supports Apple Music, Spotify, video playback, web browsing and deep integration with its Full Self-Driving (FSD) system. But for many users, that’s not enough. CarPlay’s simplicity and ecosystem integration remain a powerful draw.

Tesla confirmed plans to support CarPlay in a windowed mode within its existing interface. However, technical challenges have pushed the timeline back.

During testing, Tesla discovered compatibility issues between Apple Maps and its own mapping software used for self-driving features. Specifically, turn-by-turn guidance from Tesla’s navigation system did not properly synchronize with Apple Maps when autonomous driving was active. In scenarios where both systems were visible side by side, this mismatch could confuse drivers.

Tesla requested engineering changes from Apple to address the issue. Apple implemented the fix in a later update to iOS 26 and the latest version of CarPlay. But another obstacle emerged: not enough users had installed the updated software.

CarPlay isn’t just another dashboard app – it’s become a central part of how many drivers interact with their vehicles. For iPhone users especially, the ability to mirror apps, access messages, use Apple Maps or Google Maps, and rely on Siri through a familiar interface can significantly improve the driving experience.

Tesla has long resisted adding CarPlay, arguing that its own system offers superior integration

But as competitors increasingly include CarPlay as standard, the absence has been a sticking point for some potential buyers. Adoption rates of iOS 26 have been slower than previous releases. Apple recently revealed that 74% of iPhones released in the past four years are running iOS 26 – slightly behind the pace of earlier updates. Crucially, the necessary Apple Maps fix did not arrive in the initial iOS 26.0 release but in subsequent updates. Apple has not disclosed how many users are on those later builds.

For Tesla, rolling out CarPlay before a critical mass of drivers has the compatible software could create inconsistencies and support issues. That has prompted a more cautious approach.

The good news is that CarPlay remains firmly on Tesla’s roadmap. As iOS 26 adoption continues to rise, the technical barriers should gradually ease. Apple is also expanding CarPlay functionality, adding support for third-party voice chatbot apps and enhancing its premium Ultra version – moves that could make the eventual Tesla integration even more compelling.

For now, Tesla drivers eager for CarPlay will need to wait a little longer. But the direction is clear: the feature is coming – just on a timeline dictated as much by software adoption as by engineering.