ClickFix Evolves with PySoxy Proxying
ID: 33213828-23f8-55cc-8dd2-35618f094ee4
STIX ID: report--33213828-23f8-55cc-8dd2-35618f094ee4
Feed Name: ReliaQuest Blog
### Executive summary

ReliaQuest observed a ClickFix campaign where a user-pasted PowerShell command led to scheduled-task persistence, an in-memory PowerShell C2 that polled every three seconds, environment reconnaissance, and the subsequent deployment of PySoxy (a Python SOCKS5 proxy) from ProgramData; the chain created redundant encrypted access paths, and the report provides IOCs and actionable detection and remediation guidance.
