COLDRIVER cyber group adopts ClickFix technique for targeted attacks.
The Russian cyber espionage group COLDRIVER, also known as Star Blizzard, has adopted a new attack method called ClickFix, according to the Zscaler ThreatLabz team. The change brings with it two malware families, BAITSWITCH and SIMPLEFIX, which allow the group to conduct highly targeted attacks against individuals within strategically important organizations, such as NGOs and think tanks. By delivering malware selectively, based on user characteristics, COLDRIVER makes its operations more sophisticated. This evolution in tactics underscores the persistent threat of state-sponsored cyber activity and the need for organizations to implement robust cybersecurity measures, including phishing-resistant multi-factor authentication and strict access controls, to mitigate the risk from such advanced threats.
