[AlotOfReading]

And now your keylogger doesn't even need to clear the minimal hurdle of using the screen recording APIs to get screen data, it can simply read a folder to defeat "secure" onscreen keyboards and it'll work across the vast majority of (future) computers.

Now thousands of tech-impaired organizations have to proactively go out and find alternatives that don't alienate their users. How many of do you think will get it right as opposed to ever more inconvenient security theater to satisfy compliance checklists?