top of page
ALL POSTS
Operation FlutterBridge: macOS Backdoor Campaign Leverages Fake Google Ads and Targeted Distribution
Key Findings Operation FlutterBridge is a sophisticated malvertising campaign targeting macOS users since late 2025, evolving from basic adware into a dangerous backdoor called FlutterShell Threat actors use fake shell companies to purchase verified Google and YouTube ads, bypassing security filters through artificial aging and legitimate developer credentials The malware masquerades as productivity tools including Podcasts Lounge, PDF-Brain, and PDF-Ninja, with three distinc
Jun 83 min read
AITM Phishing Campaign Targets TikTok Business Accounts with Cloudflare Evasion Tactics
Key Findings Push Security identified a new AITM phishing campaign targeting TikTok for Business accounts to hijack them for malvertising and fraud Attackers use fake TikTok and Google-themed pages with Cloudflare Turnstile bot protection to bypass security scanners Newly registered domains are created rapidly and hosted behind Cloudflare, making them difficult to track Compromised accounts are used for malvertising, credential theft, malware distribution, and ad fraud Many u
Mar 272 min read
bottom of page
