GLOBAL SITUATIONMONITORING
482 published briefsUTCSun, Apr 5 23:38:51
Infostealer malware
RedLine, Lumma, Vidar malware used to steal credentials for cloud attacks.
1 intelligence brief← Intelligence Hub
-
Microsoft says ClickFix campaign used Windows Terminal to deploy Lumma Stealer
Microsoft says a widespread ClickFix campaign observed in February 2026 used Windows Terminal instead of the Run dialog to launch a multi-stage attack chain that downloaded payloads, set scheduled-task persistence, added Defender exclusions, and injected Lumma Stealer into Chrome and Edge.