There’s a new scam making the rounds, and while it first appeared late last year, it’s now gaining traction on security forums and websites I follow. Attackers have found a way to exploit CAPTCHAs — the very tool designed to keep websites safe from bots — turning them into a method for tricking users into executing malicious actions.