GhostClaw expands beyond npm: GitHub repositories and AI workflows deliver macOS infostealer |
https://www.jamf.com/blog/ghostclaw-ghostloader-malware-github-repositories-ai-workflows
GhostClaw/GhostLoader Malware: GitHub Repositories & AI Workflow Attacks Threat Labs
Jamf Threat Labs exposes new GhostClaw/GhostLoader samples using malicious GitHub repos and AI dev workflows to steal macOS credentials via multi-stage payloads.
zer0