-
GhostClaw is a multi-stage macOS infostealer that now abuses both GitHub and AI-assisted development workflows to harvest credentials and deploy secondary payloads, significantly widening its potential victim base. Jamf Threat Labs has since expanded o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) show that Macs are no longer a niche target but a priority for cybercrime ecosystems. Marketed as a premium Malware‑as‑a‑Servic…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of ClickFix campaigns targeting macOS users and delivering the MacSync infostealer, signaling a growing shift in threat actor tactics against Apple devices. The attacks rely heavily on social engineering rather than software exploits, tricki…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers warn of a fake CleanMyMac site using a ClickFix attack to install SHub Stealer on macOS and steal passwords and crypto wallets.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ExifTool is a ubiquitous open-source solution for reading, writing, and editing image metadata. It’s the go-to tool for photographers and digital archivists, and is widely used in data analytics, digital forensics, and investigative journalism. Can a c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three actively exploited vulnerabilities affecting multiple Apple platforms. On March 5, 2026, CISA added these security flaws to its Known Exploited Vulne…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security vulnerability has been discovered in the IPVanish VPN application for macOS. This flaw allows any unprivileged local user to execute arbitrary code with root privileges without requiring any user interaction. The attack bypasse…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed “malext,” which steals sensitive data such as browser credential…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DigitStealer’s expanding command-and-control (C2) footprint is exposing more of its backend than its operators likely intended, giving defenders fresh opportunities to track and block new infrastructure linked to the macOS‑targeting infostealer. Unlike…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ClickFix is being weaponized against macOS developers by turning a trusted Homebrew workflow into a stealthy delivery channel for a new infostealer dubbed Cuckoo Stealer. The campaign shows how attackers can skip exploit chains entirely and instead rel…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
