ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
Microsoft observed a surge in ACR Stealer attacks from late April to mid-June, using ClickFix lures to steal browser passwords, authentication tokens, and documents from enterprise customers. The malware-as-a-service operation, a rebranding of Amatera Stealer, delivers payloads via WebDAV servers or steganographic JPEG images, with variants using blockchain dead-drop resolvers for C2 addresses.
Tap to vote and see what everyone thinks.
The Hacker News leads with the technical lure method, while BleepingComputer leads with Microsoft's warning and downplays the attack vector.
Summary by ByteBrief