Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft

SentinelOne researchers describe Reaper, a macOS-targeting SHub infostealer variant that impersonates trusted apps and platform prompts to socially engineer victims into running installers/scripts; it harvests browser credentials, crypto wallet data, Keychain/iCloud items and business files, establishes persistence via a GoogleUpdate-like script that contacts a C2 every 60 seconds, and exfiltrates collected data — users are advised to avoid unofficial downloads, be cautious with preloaded scripts, change compromised passwords, back up data, and seek forensic help if infected.