ACR Stealer Malvertising: Fake Claude AI Download Pages Deliver Windows Credential Stealer

An active Google Ads malvertising campaign is pushing ACR Stealer via fake Claude AI download pages. IOCs, SHA256 hashes, C2 domains, and detection guidance inside.