Security News ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files TheHackerNews Daniel Bender 17 Jul 2026 Share ACR Stealer campaigns use ClickFix lures, JPEG steganography, and WebDAV to steal browser tokens, passwords, PDFs, and synced Microsoft 365 files.