Mayank Sahariya

In a chilling new twist on an old threat, cybercriminals are once again targeting YouTube creators—this time with an insidiously clever technique dubbed Clickflix. Masquerading as legitimate brand collaborations, attackers lure content creators into executing malicious PowerShell scripts that silently steal browser credentials, crypto wallet data, and more. CloudSEK's latest investigation dives deep into this fast-evolving campaign, exposing how the attackers weaponize fake Microsoft portals, manipulate clipboard actions, and maintain stealthy persistence. If you’re a creator, security professional, or simply curious about the latest in malware innovation—this report is a must-read.

The Lumma Stealer malware campaign is exploiting compromised educational institutions to distribute malicious LNK files disguised as PDFs, targeting industries like finance, healthcare, technology, and media. Once executed, these files initiate a stealthy multi-stage infection process, allowing cybercriminals to steal passwords, browser data, and cryptocurrency wallets. With sophisticated evasion techniques, including using Steam profiles for command-and-control operations, this malware-as-a-service (MaaS) threat highlights the urgent need for robust cybersecurity defenses. Stay vigilant against deceptive phishing tactics to protect sensitive information from cyber exploitation.