ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files

ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords, live session tokens, PDFs, Microsoft 365 documents, and files from synced OneDrive and SharePoint folders.

It gets in because someone pasted a command into a Run box and pressed Enter. Microsoft laid out two of the delivery chains on Thursday. Its Defender Experts team, the

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Attack Update: Top 5 Attack-IPs auf doode.info – 09.07.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. Keine relevanten IPs erfasst (ruhig oder stark gefiltert). Mehr Live-Daten und die komplette Historie im /attacks/ Watchtower-Bereich

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access

Qualcomm Linux 2.0

Qualcomm Linux 2.0 Source: Hacker News