ACR Stealer campaigns use ClickFix lures, JPEG steganography, and WebDAV to steal browser tokens, passwords, PDFs, and synced ...
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
CVE-2026-59208, a JWT matching flaw that could log users into another issuer’s account on affected multi-issuer Enterprise ...