https://www.paulosyibelo.com/2024/12/doubleclickjacking-what.html

A new cyberattack technique dubbed “DoubleClickjacking” has been discovered, exploiting the timing between double-clicks to bypass existing clickjacking protections. This allows attackers to trick users into unknowingly granting permissions or performing actions on websites, potentially leading to account takeovers and data theft.

DoubleClickjacking leverages the brief window between two mouse clicks to seamlessly redirect users to malicious pages while they interact with seemingly innocuous elements. This method can bypass common security measures like X-Frame-Options and SameSite cookies, which are designed to prevent clickjacking attacks.

While this technique builds upon existing clickjacking methods, it introduces a new layer of complexity that requires a re-evaluation of current security measures. Researchers suggest that browser vendors should consider implementing new standards to specifically address this vulnerability.
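Because the second click of the double-click reaches the target page without any prior interaction on it, a page can reduce its exposure by keeping sensitive buttons disabled until it sees a deliberate gesture. The sketch below is an added example, not code from the article or the original research; `guardSensitiveButtons`, `minVisibleMs` and the `data-sensitive` attribute are assumed names, and the 500 ms default is an assumed value chosen to exceed a typical double-click interval.

```javascript
// Added example: keep sensitive buttons disabled until the user makes a
// deliberate gesture on this page. All names here are illustrative.
function guardSensitiveButtons(win, buttons, { minVisibleMs = 500, now = Date.now } = {}) {
  const doc = win.document;
  let shownAt = now(); // when the page last came to the foreground
  let armed = false;

  const setDisabled = (value) => buttons.forEach((b) => { b.disabled = value; });

  // Any focus or visibility change restarts the clock and re-disables the
  // buttons, so a page that has just been revealed starts unarmed.
  const disarm = () => {
    armed = false;
    shownAt = now();
    setDisabled(true);
  };

  // A gesture only counts once the page has been in the foreground for
  // longer than minVisibleMs; earlier events are ignored.
  const onGesture = () => {
    if (armed || now() - shownAt < minVisibleMs) return;
    armed = true;
    setDisabled(false);
  };

  setDisabled(true);
  doc.addEventListener("mousemove", onGesture);
  doc.addEventListener("keydown", onGesture);
  doc.addEventListener("visibilitychange", disarm);
  win.addEventListener("focus", disarm);
  win.addEventListener("blur", disarm);
  return { isArmed: () => armed };
}

// Browser usage (the data-sensitive attribute is a hypothetical marker):
// guardSensitiveButtons(window, [...document.querySelectorAll("button[data-sensitive]")]);
```

This narrows the window rather than closing it, so it belongs alongside frame restrictions and cookie settings, not in place of them.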

This disclosure follows the discovery of another clickjacking variant earlier this year, highlighting the ongoing evolution of cyberattack techniques and the need for continuous vigilance in online security.