4 min learnNew DelhiJul 2, 2026 01:30 PM IST
Opera on Thursday, July 2, launched a brand new in-browser function that appears to guard customers from clipboard-based cyber assaults similar to hijacking and pastejacking.
Generally known as ‘Paste Defend’, the function is constructed immediately into Opera’s desktop browsers and switched on by default, so customers are protected mechanically with no setup required, in line with the Norway-based browser maker. Paste Defend is particularly designed to guard customers towards ClickFix-based cyber assaults, which accounted for over half of malware-loading cyber assaults in 2025, as per Opera.
The natively built-in safeguard makes Opera one of many first browsers to roll out this function. It comes at a time when synthetic intelligence (AI) is extensively anticipated to make cyber assaults simpler to launch by decreasing technical boundaries. That potential danger is particularly acute in browsers, with researchers warning that AI browser brokers similar to Perplexity’s Comet or ChatGPT Atlas are notably weak to oblique immediate injection assaults.
“ClickFix assaults succeed as a result of they flip the person right into a weapon. The clipboard is the final level earlier than a malicious command is run, in order that’s the place we constructed our protection. With Paste Defend, we’re stopping these assaults on the actual second they’d usually succeed,” Pawel Kurzelewski, head of safety at Opera, stated in an announcement.
“Opera had already been defending customers from paste hijacking for half a decade -it made sense to broaden that safety to deal with one of the more and more severe on-line threats,” Mohamed Salah, senior director of product at Opera, stated.
What’s a ClickFix-style assault?
ClickFix-style assaults got down to goal victims by displaying them a video that gained’t play or a CAPTCHA that doesn’t confirm them as a human. Step one is often one thing small and peculiar, as per the corporate with greater than 300 million month-to-month energetic customers throughout its browser household.
The following step within the assault entails displaying the potential sufferer a pop-up which claims to supply a repair to the earlier situation. It instructs them to repeat a brief command and paste it into their laptop’s terminal. Customers are simply duped because it seems like routine troubleshooting.
Story continues beneath this advert
Nonetheless, in actuality, the command will be for putting in malware on the person’s system, stealing saved passwords, and even enabling the risk actor to remotely entry their system. “What makes ClickFix so efficient is that it sidesteps most present defences fully. Antivirus software program and electronic mail filters are constructed to catch threats arriving from outdoors, not instructions a person varieties or pastes in themselves,” Opera stated.
ClickFix-based cyber assaults account for over 53 per cent of this type of malicious exercise, in line with cybersecurity agency Huntress.
How does Paste Defend assist?
Opera’s new function doubles as “a strong early warning system that may alert much less skilled customers whereas nonetheless enabling extra management for extra tech-savvy customers or builders.”
Opera customers are already protected by a Hijack safety function designed to cease exterior functions from swapping out clipboard contents for one thing dangerous with out the person noticing. Paste Protects builds on this function and comes with a singular Injection safety ingredient which displays clipboard exercise in actual time for probably malicious instructions which are copied by the person or positioned there by a web site.
Story continues beneath this advert
Paste Defend additional depends on superior detection methods to identify patterns related to malicious scripts. These methods are tailor-made to units working Home windows, macOS, and Linux.
Upon detecting a risk, Paste Defend blocks any copy motion and exhibits customers a pop-up warning explaining what occurred. It additionally seems as a crimson icon seems within the handle bar. Customers can see the primary 120 characters of the blocked content material. Solely builders working with trusted sources can override the block or mark particular websites as protected.


