Key Findings SentinelLABS discovered a new macOS infostealer variant called Reaper that bypasses Apple's recent security patches in macOS Tahoe 26.4 Attack chain begins with fake download pages for WeChat or Miro using typo-squatted domain mlcrosoft.co.com Malware uses Script Editor with hidden commands disguised as ASCII art to trick users into executing malicious code Reaper steals passwords, browser data, cryptocurrency wallets, and financial documents before establishing