Microsoft Defender Experts says two ACR Stealer campaigns observed from late April through mid-June 2026 are using ClickFix prompts to turn ordinary browser activity into enterprise credential theft. The immediate risk is not merely a malware alert: successful infections can expose Chromium...