Cybercriminals are exploiting the implicit trust users place in central Artificial Intelligence (AI) platforms to distribute the Atomic macOS Stealer (AMOS). A new campaign, identified by security researchers at Huntress, reveals that attackers have evolved beyond simply mimicking trusted brands; they are now actively exploiting legitimate services from OpenAI and xAI to host malicious payloads. The campaign highlights a significant shift in social engineering tactics. Rather than directing v
clickfix attack (2)
Havoc is a powerful command-and-control (C2) framework. Like other well-known C2 frameworks, such as Cobalt Strike, Silver, and Winos4.0, Havoc has been used in threat campaigns to gain complete control over the target. Additionally, It is open-source and available on GitHub, making it easier for threat actors to modify it to evade detection.
FortiGuard Labs recently discovered a phishing campaign that combines ClickFix and multi-stage malware to deploy a modified Havoc Demon Agent. The threat a
