Security experts have warned Windows users about the Lumma Stealer malware, which is being disseminated through fake human verification pages masquerading as Google's CAPTCHA. These phishing sites lure users into clicking a button that triggers the download of malware via a PowerShell script. Once executed, the malware connects to attacker-controlled domains to steal sensitive information. The malware, initially discovered by Palo Alto Networks, spreads through a zip file named 'dengo.zip.' Users are advised to update their software and be cautious of suspicious verification pages to avoid infection.