Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

Randy Rainbow Draws Donald Trump as ‘Psychopathic’ in Jazzy Song Parody

Serena Williams returns to Wimbledon in Nike tennis kit

Bear’s final run is a season of disappointment

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » Microsoft warns that Python Infostears is targeting macOS via fake ads and installers
Celebrities

Microsoft warns that Python Infostears is targeting macOS via fake ads and installers

By February 4, 2026No Comments3 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

Ravi LakshmananFebruary 4, 2026Malvertising/information thieves

macOS via fake ads and installers

Microsoft warned that information theft attacks are “rapidly expanding” beyond Windows to target Apple’s macOS environment by leveraging cross-platform languages ​​such as Python and abusing trusted platforms for large-scale distribution.

The tech giant’s Defender Security Research team said it has observed information stealer campaigns targeting macOS since late 2025 using social engineering techniques such as ClickFix to distribute disk image (DMG) installers that deploy stealer malware families such as Atomic macOS Stealer (AMOS), MacSync, and DigitStealer.

The campaign has been found to use techniques such as fileless execution, native macOS utilities, and AppleScript automation to facilitate data theft. This includes details such as web browser credentials and session data, iCloud keychain, and developer secrets.

The starting point for these attacks is often malicious ads served through Google Ads. The ad redirects users searching for tools like DynamicLake and artificial intelligence (AI) tools to a fake site that uses the ClickFix lure to trick users into infecting their machines with malware.

“Python-based stealers are utilized by attackers to rapidly adapt, reuse, and target disparate environments with minimal overhead,” Microsoft said. “These are typically distributed via phishing emails and collect login credentials, session cookies, authentication tokens, credit card numbers, and crypto wallet data.”

One such stealer is the PXA Stealer. It is linked to Vietnamese-speaking attackers and can collect login credentials, financial information, and browser data. The Windows maker announced that it has identified two PXA Stealer campaigns in October 2025 and December 2025 that used phishing emails for initial access.

The attack chain included the use of registry execution keys or scheduled tasks for persistence and the use of Telegrams for command-and-control communications and data exfiltration.

Additionally, malicious actors have been observed weaponizing popular messaging apps such as WhatsApp to distribute malware such as Eternidade Stealer and gain access to financial and cryptocurrency accounts. Details of the campaign were publicly documented by LevelBlue/Trustwave in November 2025.

Other stealer-related attacks revolve around fake PDF editors such as Crystal PDF, distributed via malvertising and search engine optimization (SEO) poisoning through Google ads, and deploying Windows-based stealers that can covertly collect cookies, session data, and credential caches from Mozilla Firefox and Chrome browsers.

To combat the threat of information theft, organizations are encouraged to educate users about social engineering attacks such as malvertising redirect chains, fake installers, and ClickFix-style copy-and-paste prompts. We also recommend monitoring suspicious terminal activity and iCloud Keychain access, and inspecting network output for POST requests to newly registered or suspicious domains.

“Breaches by information thieves can lead to data breaches, unauthorized access to internal systems, business email compromise (BEC), supply chain attacks, and ransomware attacks,” Microsoft said.


Source link

#BlockchainIdentity #Cybersecurity #DataProtection #DigitalEthics #DigitalIdentity #Privacy
Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleEclipse Foundation requires pre-publication security checks for open VSX extensions
Next Article EU releases new cancer prevention guidelines on World Cancer Day

Related Posts

Serena Williams returns to Wimbledon in Nike tennis kit

June 30, 2026

Best Hair Moments at the 2026 BET Awards

June 29, 2026

Pharrell Williams shows off his bold take on men’s wedding rings

June 29, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

Randy Rainbow Draws Donald Trump as ‘Psychopathic’ in Jazzy Song Parody

Serena Williams returns to Wimbledon in Nike tennis kit

Bear’s final run is a season of disappointment

“It was never a racial issue.”

Trending Posts

Randy Rainbow Draws Donald Trump as ‘Psychopathic’ in Jazzy Song Parody

June 30, 2026

Serena Williams returns to Wimbledon in Nike tennis kit

June 30, 2026

“It was never a racial issue.”

June 30, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.