New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions
XCSSET macOS malware's updated variant monitors the clipboard to hijack cryptocurrency transactions while adding persistence, browser targeting, and info-stealing capabilities.
macOS also contains backdoors: how the 'ChillyHell' malware works
ChillyHell is stealthy macOS malware that persists via LaunchAgent/LaunchDaemon, removes forensic artifacts, sleeps intermittently, and uses modular C2-driven capabilities to exfiltrate data.