A new ClickFix campaign automates malware downloads on macOS entirely through terminal commands, with Atomic macOS Stealer stealing passwords, browser data, and cryptocurrency wallet holdings.
Three new malware loaders (BabaDeda, Lorem Ipsum, Potemkin) distribute via ClickFix social engineering and compromised WordPress sites to enable data theft, ransomware, and remote control.
Hacked websites are systematically exploited by DriveSurge as a malware distribution channel using deceptively authentic update and clickbait techniques.