By The Hacker News
Publication Date: 2026-02-04 07:42:00
Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale.
The tech giant’s Defender Security Research Team said it observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix since late 2025 to distribute disk image (DMG) installers that deploy stealer malware families like Atomic macOS Stealer (AMOS), MacSync, and DigitStealer.
The campaigns have been found to use techniques like fileless execution, native macOS utilities, and AppleScript automation to facilitate data theft. This includes details like web browser credentials and session data, iCloud Keychain, and developer secrets.
The starting point of these attacks is often a malicious ad, often served through Google Ads, that redirects users searching…
