Researchers have uncovered a multi-stage attack involving infected sites, fake Chrome updates, and a JScript downloader to deploy the BadSpace malware. Threat actors are using fake Google Chrome, Microsoft Word, and OneDrive errors to trick users into downloading malware. Cyber experts warn of new Google Chrome and Microsoft Word money-stealing malware. A new, highly evasive malware loader named SquidLoader has been discovered, primarily targeting Chinese organizations via phishing emails. Additionally, a new Rust-based malware called Fickle Stealer targets sensitive data from crypto wallets and browsers through various attack methods, including PowerShell for UAC bypass and data exfiltration. Cybercriminals also exploit SEO tricks and social engineering tactics to deploy Hijack Loader and Vidar Stealer, targeting unsuspecting users.