Endpoint-Security

🟠 High | Source: The Hacker News A macOS malvertising campaign called Operation FlutterBridge is distributing a new backdoor, FlutterShell, through malicious Google and YouTube advertisements. The campaign is an evolution of a previously identified threat cluster (JSCoreRunner/FileRipple) first observed in late 2025. This matters because it uses trusted ad platforms to target macOS users, broadening the attack surface beyond traditional phishing vectors. Architect’s Take: Enforce endpoint detection and response (EDR) tooling on all macOS devices, including developer and privileged-access workstations, and consider restricting or monitoring ad-network traffic at the corporate proxy or DNS layer. Review browser isolation and application allowlisting policies to limit the execution of unsigned or unnotarised binaries delivered via browser-based download prompts. ...

🟡 Medium | Source: The Hacker News A malware-as-a-service campaign dubbed Weedhack has been targeting Minecraft players since January 2026, distributing malicious software disguised as game clients and mods via YouTube. The operation has already compromised approximately 86,000 systems and includes components such as CountLoader and cryptocurrency miners. The campaign highlights how gaming communities remain a significant vector for delivering credential-stealing and system-control malware at scale. Architect’s Take: If your organisation permits personal devices or BYOD access to cloud workloads, ensure endpoint detection controls can identify MaaS-delivered loaders such as CountLoader, and audit whether compromised personal credentials could pivot into corporate cloud environments via SSO or reused passwords. ...

🟡 Medium | Source: The Hacker News A malware-as-a-service campaign dubbed Weedhack has been targeting Minecraft players since January 2026, distributing malware through YouTube by impersonating legitimate Minecraft clients and mods. The campaign has compromised thousands of systems and is linked to a loader dubbed CountLoader, which has recorded over 86,000 infections. The threat is notable for its exploitation of gaming communities and pirated software channels as a delivery mechanism for system-control malware. ...