Fake macOS Troubleshooting Sites Used to Steal iCloud Data in ClickFix Scam

Microsoft researchers warn of a new ClickFix campaign targeting macOS with fake guides on Medium and Craft to deploy AMOS and SHub Stealer via Terminal commands...

Exploit for CVE-2026-25253

OpenClaw Security Monitor Proactive security monitoring, thre...

CVE-2021-28488

Ericsson Network Manager ENM before 21.2 has incorrect access-control behavior that only affects the level of access available to persons who were already granted a highly privileged role. Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessib...

Malware in 2025 spread far beyond Windows PCs

This blog is part of a series highlighting new and concerning trends we noticed over the last year. Trends matter because they almost always provide a good indication of what 's coming next. If there’s one thing that became very clear in 2025, it’s that malware is no longer focused on Windows...

Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer

Researchers have found evidence that AI conversations were inserted in Google search results to mislead macOS users into installing the Atomic macOS Stealer AMOS. Both Grok and ChatGPT were found to have been abused in these attacks. Forensic investigation of an AMOS alert showed the infection...

EUVD-2021-15165

Malware in sbrugna...

EUVD-2021-19412

Malware in sbrugna...

CVE-2021-32570

In Ericsson Network Manager ENM releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in ENM system and all must be previously defined and authorized by the Security...

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in...

Stealer here, stealer there, stealers everywhere!

Introduction Information stealers, which are used to collect credentials to then sell them on the dark web or use in subsequent cyberattacks, are actively distributed by cybercriminals. Some of them are available through a monthly subscription model, thus attracting novice cybercriminals. Accordi...

amos-harricana.ca Cross Site Scripting vulnerability OBB-3909239

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

New Variant of AMOS Stealer Targets Safari Cookies and Crypto Wallets

By Waqas macOS users watch out for the new variant aiming at your crypto funds! This is a post from HackRead.com Read the original post: New Variant of AMOS Stealer Targets Safari Cookies and Crypto Wallets...

Atomic Stealer Sneaks In via Fake Browser Updates

Summary: The macOS information-stealing malware known as Atomic, or AMOS, is currently being delivered to targets through a deceptive web browser update chain known as ClearFake. ClearFake is a recent malware campaign that exploits compromised websites to distribute fake browser updates. Threat...

ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer

The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. "This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of...

Authorization

In Ericsson Network Manager ENM releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in ENM system and all must be previously defined and authorized by the Security...

CVE-2021-32570

CVE-2021-32570 affects Ericsson Network Manager (ENM) versions before 21.2. The issue allows users within the same AMOS authorization group (considered highly privileged) to access data from certain log files under a common path and read information stored in those logs, enabling privilege escala...

PT-2022-10086 · Ericsson · Ericsson Network Manager

Name of the Vulnerable Software and Affected Versions: Ericsson Network Manager versions prior to 21.2 Description: The issue allows users belonging to the same AMOS authorization group to retrieve data from certain log files, potentially leading to privilege escalation. All AMOS users are...

Facebook to Launch Its Own Satellite to Beam Free Internet

Do you hear the same as me? Is Facebook planning to Launch Satellite? Yes, it's True. Facebook has revealed its secret plan to launch a $500 Million Satellite by 2016 in order to provide Free or cheap Internet access in the developing nations. Facebook CEO Mark Zuckerberg made an announcement tha...

CVE-2007-6510

Multiple stack-based buffer overflows in ProWizard 4 PC prowiz 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the 1 AMOS-MusicBank, 2 FuzzacPacker, and 3 QuadraComposer rippers; and 4 have an unknown impact via a crafted file to the SkytPacker ripper...

Stack overflow

Multiple stack-based buffer overflows in ProWizard 4 PC prowiz 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the 1 AMOS-MusicBank, 2 FuzzacPacker, and 3 QuadraComposer rippers; and 4 have an unknown impact via a crafted file to the SkytPacker ripper...