ACR Stealer campaigns using ClickFix social engineering
Security researchers have observed increased activity involving ACR Stealer, an information-stealing malware family associated with the Amatera Stealer ecosystem. The activity was particularly prevalent from late April through mid-June 2026 and has successfully compromised enterprise environments.