Opera has added a new security feature called Paste Protect to its desktop browser, and you probably won’t even notice it’s there until it stops something suspicious. The feature is enabled by default, with no settings to tweak or extensions to install.
The idea behind it is straightforward. If a website tries to convince you to copy and run a dangerous command, Opera wants to catch it before you paste it into Terminal, PowerShell, or another command prompt.
That kind of scam has become a lot more common over the past year. You land on a page that claims your browser needs repairing, a CAPTCHA has failed, or a video won’t play. It then walks you through a few “fix” steps, which usually include copying a command from the page. The command looks harmless to most people, but running it can install malware, steal passwords, or give an attacker access to your computer. A cybersecurity company called Huntress said ClickFix campaigns were behind more than 53 percent of malware-loading attacks during 2025.
Paste Protect is made up of two separate protections. One of them isn’t actually new. Opera has spent years blocking applications from quietly replacing whatever you’ve copied with something else. That’s useful against clipboard hijacking, where a copied cryptocurrency wallet address or another piece of text is swapped without you noticing.
The new part is aimed at clipboard injection. Opera now monitors what gets copied to the clipboard and flags commands that appear risky. If it thinks that something isn’t right, the browser blocks the copy action, throws up a warning, and adds a red icon in the address bar. You’ll still be able to see the first 120 characters of the blocked command, and developers can choose to bypass the warning if they’re working with code from a source they trust.
We’ve been seeing clipboard-related attacks pop up quite a bit lately. Just yesterday, we covered two fake VPN extensions for Chrome and Firefox that quietly collected clipboard data and sent it back to attacker-controlled servers.
McAfee also recently uncovered a fake “Google Notes” browser extension that targeted cryptocurrency users. Instead of stealing the clipboard outright, it watched for copied wallet addresses and silently replaced them with addresses controlled by the attackers. The campaign even relied on blockchain-hosted infrastructure, making it harder to disrupt.
Chrome and Firefox continue to receive regular security improvements, but neither browser currently includes a built-in feature that checks clipboard contents for malicious commands before they’re pasted. Opera is taking a slightly different approach by treating the clipboard itself as another place where an attack can be interrupted.
Opera Head of Security Pawel Kurzelewski said the clipboard is effectively the last chance to stop a malicious command before it runs.
Whether attackers find ways around Paste Protect is another question. ClickFix scams have spread quickly because they rely on people following instructions instead of exploiting software bugs. That also means browser makers have to find new ways to break the chain, and Opera’s latest feature is one attempt to do exactly that.
The post Opera beats Chrome and Firefox to native clipboard attack protection appeared first on PiunikaWeb.