Telegram

The WantToCry ransomware exploits exposed SMB services via brute-force for initial access, then exfiltrates files for remote encryption, rewriting the encrypted files to the original locations, demanding ransom payments from $400 to $1,800.

A new variant of the 'SHub' macOS infostealer, dubbed Reaper, uses AppleScript to display a fake security update message and install a backdoor, ultimately stealing browser data, financial documents, and cryptocurrency wallet information while bypassing Terminal-based mitigations in macOS.