#OpenClaw #AtomicStealer
https://www.trendmicro.com/en_us/research/26/b/openclaw-skills-used-to-distribute-atomic-macos-stealer.html

🚨 Fake Malwarebytes, LastPass & 70+ brands abused on GitHub to spread Atomic Stealer (AMOS).
🔹 Fake repos + SEO + sponsored ads = malware installs
🔹 Copy-paste terminal commands (curl … | bash) deliver the payload instantly
🔹 Brands targeted include password managers, fintech apps, and dev tools
⚠️ Another reminder: only trust official developer sites.
💬 Do you think GitHub & Google should be held more accountable for catching these campaigns earlier?
Follow @technadu for #CyberSecurity insights.
#Malware #AtomicStealer #AMOS #Infostealer #MacOS #Malwarebytes #LastPass #GitHubSecurity

🚨 macOS users are being hit with a widespread infostealer campaign.
LastPass warns that hackers are using fake GitHub repos + SEO tricks to deliver the Atomic Stealer (AMOS) malware.
⚠️ Impersonated brands: password managers, banks, crypto wallets, AI tools
⚠️ Ongoing since July, with multiple fake repos removed
⚠️ Trust in GitHub & Google Ads is being weaponized
💬 How do you think platforms can balance openness with stronger malware detection?
🔔 Follow @technadu for daily cyber threat updates.
#macOS #Infostealer #AtomicStealer #AMOS #GitHubThreats #LastPass #Cybercrime #CyberResilience #TechNadu
LastPass uncovers fake GitHub repos spreading Atomic Stealer malware to Mac users

Alright team, it's been a pretty interesting 24 hours in the cyber security world! We've got a zero-click vulnerability impacting OpenAI's Deep Research agent, a widespread info-stealer campaign targeting macOS users, and a significant law enforcement action against a crypto exchange. Let's dive in:
OpenAI ChatGPT Deep Research Agent Zero-Click Flaw ⚠️
- Cybersecurity researchers have uncovered "ShadowLeak," a zero-click flaw in OpenAI ChatGPT's Deep Research agent that could leak sensitive Gmail data.
- The attack uses indirect prompt injection hidden in email HTML (e.g., white-on-white text) which the agent reads and obeys, exfiltrating data directly from OpenAI's cloud infrastructure, bypassing local defences.
- This vulnerability affects any ChatGPT connector, including Box, Dropbox, Google Drive, and Outlook, significantly broadening the potential attack surface.
📰 The Hacker News | https://thehackernews.com/2025/09/shadowleak-zero-click-flaw-leaks-gmail.html
macOS Users Targeted by Atomic Infostealer via Fake GitHub Repos 🍎
- LastPass is warning macOS users about a widespread campaign distributing the Atomic infostealer through fake GitHub repositories.
- Threat actors use SEO poisoning to push malicious GitHub links high in search results, impersonating popular tools like LastPass, 1Password, Dropbox, and others.
- Victims are tricked into executing a Terminal command from "ClickFix-style" instructions on a GitHub page, leading to the deployment of the Atomic Stealer malware.
📰 The Hacker News | https://thehackernews.com/2025/09/lastpass-warns-of-fake-repositories-infecting-macos-with-atomic-infostealer/
Canada Shuts Down TradeOgre Crypto Exchange, Seizes $40M 💰
- The Royal Canadian Mounted Police (RCMP) has dismantled the TradeOgre cryptocurrency exchange and seized over $40 million believed to be from criminal activities.
- This marks Canada's first crypto exchange shutdown and its largest asset seizure, targeting a platform known for no-KYC policies and dealing in privacy-focused altcoins like Monero.
- TradeOgre failed to register as a money services business with FINTRAC, and while the RCMP cannot confirm all seized crypto is illicit, non-criminal customers may have recourse through the Canadian court system.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/canada-dismantles-tradeogre-exchange-seizes-40-million-in-crypto/
#CyberSecurity #ThreatIntelligence #Vulnerability #ZeroClick #PromptInjection #AIsecurity #ChatGPT #Malware #Infostealer #macOS #AtomicStealer #Cybercrime #Crypto #LawEnforcement #IncidentResponse #InfoSec