Security
ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files
The Hacker News·July 17, 2026·1 min read
ACR Stealer, an infostealer active since 2024, uses ClickFix lures to steal browser passwords, session tokens, PDFs, Microsoft 365 documents, and files from OneDrive and SharePoint. It enters when a user pastes a command into a Run box. Microsoft detailed two delivery chains on Thursday.
Read at The Hacker NewsDaily crypto arcade
Read the news, then play it.
Chainshorts turns crypto headlines into a daily game. Catch up in 60 words, then jump into daily lucky draws for a shot at the pot.
