Andrew Davies
Back to sources
email newsletterJuly 14, 2026

CrashStealer macOS 🍏,Ghostcommit Attack 🖼️, Six U-Boot Flaws 🥾

TLDR InfoSec

Retained excerpt

Jamf uncovered a new macOS infostealer they dubbed CrashStealer because it impersonates the built-in CrashReporter tool 🔓 ATTACKS & VULNERABILITIES NEW CRASHSTEALER MALWARE POSES AS APPLE CRASH REPORTING TOOL (2 MINUTE READ) Jamf uncovered a new macOS infostealer they dubbed CrashStealer because it impersonates the built-in CrashReporter tool. The malware displays a fake password prompt, verifies the entered password, then uses it to unlock the OS keychain and steal other credentials. CrashStealer focuses on stealth and uses a notarized dropper and AES-256-GCM to encrypt zip archives of stolen credentials before exfiltration. ‘GHOSTCOMMIT' HIDES PROMPT INJECTION IN IMAGES TO FOOL AI AGENTS AND STEAL SECRETS (2 MINUTE READ) Researchers unveiled a new technique to harvest credentials from Git repos by abusing AI agents. The researchers pushed an image to the repo containing instructions to copy the.env file and upload it byte by byte as numbers. Later, a coding agent that runs will…

This limited excerpt is retained to explain the source trail. Rights remain with the original publisher.

CrashStealer macOS 🍏,Ghostcommit Attack 🖼️, Six U-Boot Flaws 🥾 | Crashboard