Well, I'm very late to this topic but have been dealing with similar issues myself.

My computer has been hacked twice in the last six months. The first time I downloaded some software from a new source that I didn't vet ahead of time. Turn out it installed a RaT on my PC (remote access). The hacker waiting a few weeks waiting for the right time to take over. When they did, I was away at rehearsal. My Google messages was connected to my PC, so they were able to use that for 2FA to connect my credit card to their device. Luckily I got a notification about the 2FA and ran out of rehearsal and went through a 24 hour process of locking everything down, including having my girlfriend unplug my PC ASAP. They had stolen all my Chrome credentials (passswords, etc.)

The second time was recently via Discord. Someone who I worked with briefly with a startup company DMed me about trying an indie game their sister made and leaving a review for her birthday. It sounded sus, so I used VirusTotal to scan it and it came back clean. Well...it turns out the virus was so new it just wasn't reported yet. That gave me a false sense of security. The virus tried to steal my credentials (luckily I had that locked down, so they only got some old Microsoft Edge passwords). The hacker hijacked my Discord, deleted my server list, friend list, and DM list and DMed me to try and blackmail me to get my stuff back. I couldn't believe I had gotten hacked again...

So anyway, here are the steps I'm taking...

1. Don't use a common browser. I'm using Perplexity's Comet now as most viruses don't know to look for that.

2. Never leave your PC unlocked if unattended. I have it set to auto-lock now when my phone leaves my office. I'm setting up biometrics to unlock my PC.

3. Use an encrypted password manager for passwords. I'm setting up Bitwarden now. I'm setting it up to use biometrics to avoid a keylogger getting my master password.

4. Set up 2FA with authenticator app or hardware key. I'm using an app at the moment, as a hardware key seems overkill for me. Obviously have your reset key written down and hidden somewhere (I lost another Discord account when I didn't do that). Don't use texts for 2FA and have a pass/biometric lock on your 2FA account as well.

5. Set up notifications for any bank/credit card transactions. Early warnings can help you lock down things fast.

6. Scan and double scan everything. Unless it's from a reputable site, scan anything before you open it. Looking back at VirusTotal, I should have gone to the "behavior" tab and then I would have seen the suspicious behavior the file was doing. Use AI to check the results and it can tell if you if you should avoid the file.

7. Ask AI to help. AI is getting pretty good at being helpful at things like this. The second time I was hacked, I used AI to help me analyze my traffic to make sure I didn't have a RaT, to completely eliminate the virus, to do multiple scans, etc. It might be worth it to just ask AI to walk you through all the steps to make sure you don't have malicious software already hiding on your computer.

8. But don't give AI access to your PC. This is more future-proofing, but AI will absolutely be used as an exploit for future hackers. I'm already worried about Perplexity's Comet browser backfiring in that way. Prompt injections are becoming popular and can really screw you over quick if you give AI too much access.

That's all I can think of off the top of my head. Good luck! It's a nightmare...

Yeah, I've mostly been lurking Discord and haven't checked this site as much. I'm looking for work starting in June if anyone has leads...

Sounds good, I haven't been on discord much but I keep an eye on messages! The others are on there as well!

Merry Christmas!

No advice i am afraid. But big hugs to you all!

Nocry!  No worries - big hug reciprocated, my friend!