A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Security researchers uncover the first malicious Outlook add-in, hijacked to steal 4,000+ Microsoft credentials in new supply chain attack.