This sounds like some LLM to me

Just flag and move on.

To add onto this, cloudflare switched away from recaptcha a while ago. https://blog.cloudflare.com/moving-from-recaptcha-to-hcaptch...

I think they now use their own Cloudflare turnstile if I remember correctly, but back then they switched to hcaptcha.

You can still use the audio captcha, but I’m not sure how long that’ll be around.

Google will incur serious lawsuits if they remove that accessibility aspect.

Google has already been crippling the audio CAPTCHA access for many years. If your trust score is low enough, the visual challenge is ridiculously slow and noisy, and pressing the audio challenge button will just give you an error saying "To protect our users, we can't process your request right now", accessibility be damned. Where are the lawsuits? I want to believe there are still forces that would create hell to pay for doing something so evil, but I'm not seeing any.

They'll keep it, but require TPM in each ear.

Haven't you heard? Accessibility is woke, and the institutions that are supposed to protect it are being dismantled. I wouldn't be counting on those lawsuits going anywhere personally.

Canvas seems like it’s not that great. But if you then use Blackboard Ultra it makes canvas look amazing.

OP here. My university was targeted by a recent phishing attack, and these are my findings. I hope this helps others, but this was my first experience with an Adversary in the Middle (AitM) attack.