Certainly I have been seeing an increase in fake captchas recently on compromised WordPress instances being used to deliver infostealers. Although a couple of months old, Netskope has a great article on how these captchas work:
https://www.netskope.com/blog/lumma-stealer-fake-captchas-new-techniques-to-evade-detection
Was a good to understand how the captcha component works to deliver the malware.
Thank u for this
Thanks for sharing @TribesmanJohn.