4 articles tagged with "Atomic Stealer"
ClickFix attackers bypass macOS 26.4 Terminal paste scanning by using applescript:// URLs to launch Script Editor. Same payload, new delivery vector.
Threat actors bypass ClawHub security by hiding Base64 payloads in fake troubleshooting comments. Atomic Stealer delivered to unsuspecting OpenClaw users.
Microsoft Defender Experts track expanding infostealer campaigns hitting macOS via ClickFix prompts, malicious DMG installers, and Python-based stealers. DigitStealer, MacSync, and AMOS lead the wave.
Security researchers uncover ClawHavoc campaign distributing Atomic Stealer through fake cryptocurrency and productivity tools on ClawHub marketplace.