GLOBAL SITUATIONMONITORING
517 published briefsUTCSat, May 16 03:51:16
Infostealer malware
RedLine, Lumma, Vidar malware used to steal credentials for cloud attacks.
1 intelligence brief← Intelligence Hub
-
Microsoft says ClickFix campaign used Windows Terminal to deploy Lumma Stealer
Microsoft says a widespread ClickFix campaign observed in February 2026 used Windows Terminal instead of the Run dialog to launch a multi-stage attack chain that downloaded payloads, set scheduled-task persistence, added Defender exclusions, and injected Lumma Stealer into Chrome and Edge.