Tag
high
advisory
SHub Reaper Stealer Backdoors macOS with Multi-Brand Spoofing
3 rules, 4 TTPs
The SHub Reaper stealer combines credential theft, wallet hijacking, and document exfiltration with persistent backdoor access on macOS, distributed through fake WeChat and Miro installers while spoofing Apple, Google, and Microsoft to evade detection.
WeChat +3
macos
infostealer
backdoor
social-engineering
applescript
medium
advisory
macOS Mojave Beta Webcam and Microphone Access Bypass
2 rules, 1 TTP
macOS Mojave beta's new privacy controls can be bypassed by exploiting the entitlements of trusted applications like QuickTime Player via AppleScript to access the webcam and microphone without user consent.
macOS Mojave +2
macos
webcam
microphone
applescript
tcc