← Back to Security Blog
Security Briefing March 16, 2026 12 min read

ClickFix Campaigns Spread MacSync macOS Stealer, DRILLAPP Backdoor Targets Ukraine via Edge, Storm-2561 Fake VPN Credential Theft, HPE AOS-CX Critical Flaw

Three ClickFix social engineering campaigns deliver the MacSync macOS infostealer through fake AI tool installers. Russia-linked DRILLAPP JavaScript backdoor weaponizes Microsoft Edge headless mode against Ukrainian targets. Storm-2561 steals VPN credentials through SEO-poisoned fake clients. HPE AOS-CX switches vulnerable to unauthenticated admin password resets. GitHub repositories compromised in GlassWorm aftermath. Iran-linked actors expand targeting to US critical infrastructure. Two AI security startups emerge with $80M combined funding.


🍎 ClickFix Campaigns Deliver MacSync macOS Infostealer

Sophos researchers have identified three distinct ClickFix campaigns delivering the MacSync macOS infostealer through sophisticated social engineering tactics targeting macOS users. Unlike traditional exploit-based attacks, these campaigns rely entirely on tricking users into copying and pasting malicious terminal commands.

⚠️ Critical: Fake AI Tool Installers

The campaigns impersonate legitimate AI tools including OpenAI Atlas browser, fake "clean Mac" ChatGPT conversations, and even fake Anthropic Claude Code installer pages. Malvertising campaigns drive traffic to convincing landing pages hosted on Cloudflare Pages, Squarespace, and Tencent EdgeOne.

Attack Methodology

The ClickFix technique is deceptively simple but devastatingly effective:

  1. Victim visits a convincing fake AI tool website
  2. The page instructs the user to "install" by copying a command to the terminal
  3. The pasted command downloads and executes the MacSync infostealer
  4. MacSync harvests credentials, browser data, cryptocurrency wallets, and keychain entries

February 2026 Variant: Enhanced Capabilities

The latest variant discovered in February 2026 introduces significant upgrades:

macOS Users Are Not Immune

The persistence of the myth that macOS is "safe from malware" makes these social engineering attacks particularly effective. Organizations with BYOD policies or mixed-OS environments must extend endpoint protection and user awareness training to cover macOS-specific threats.

Compliance Implications

NIS2 Article 21(2)(g): Organizations must implement cybersecurity awareness training that covers social engineering techniques — including platform-specific threats like ClickFix on macOS. GDPR Article 32: Failure to protect employee endpoints that process personal data constitutes an inadequate technical measure.


🇺🇦 DRILLAPP JavaScript Backdoor Targets Ukraine via Edge Headless Mode

S2 Grupo's LAB52 research team has discovered DRILLAPP, a novel JavaScript backdoor targeting Ukrainian entities through judicial and charity-themed phishing lures. The backdoor is attributed to Laundry Bear (also tracked as UAC-0190 / Void Blizzard), a Russia-linked threat actor with a history of targeting Ukrainian government and civil society organizations.

⚠️ Dangerous Browser Abuse

DRILLAPP abuses Microsoft Edge headless mode with extremely dangerous command-line flags: --no-sandbox, --disable-web-security, and --use-fake-ui-for-media-stream. This grants the backdoor access to local files, microphone, and webcam without any user interaction or consent prompts.

Technical Architecture

Evolution: Version 2 (Late February 2026)

The second version, observed in late February 2026, replaces LNK file delivery with Windows Control Panel modules (.cpl files). This technique bypasses many email gateway filters that block traditional shortcut files and has lower detection rates across major antivirus engines.

NIS2 relevance: Government entities, NGOs, and civil society organizations operating in conflict zones fall under NIS2's essential entity protections. The use of legitimate browser functionality (Edge headless mode) as an attack vector highlights the need for application whitelisting and browser policy enforcement under Article 21 technical measures.


🐍 ForceMemo: GitHub Repositories Compromised in GlassWorm Aftermath

The fallout from the VS Code GlassWorm campaign continues to expand. Hundreds of GitHub accounts have been accessed using credentials stolen during the original GlassWorm attack, leading to the compromise of numerous Python repositories.

Supply Chain Cascade Effect

This represents a dangerous second-order supply chain attack: compromised developer credentials from one campaign (GlassWorm) are being weaponized to inject malicious code into entirely separate projects. Any organization depending on affected Python packages faces potential downstream compromise.

Impact Assessment

DORA Article 28: Financial entities using open-source Python libraries must assess whether their dependencies are affected and implement software composition analysis (SCA) as part of their ICT third-party risk management framework.


🔑 Storm-2561 Distributes Fake VPN Clients for Credential Theft

Microsoft Threat Intelligence is tracking Storm-2561, a threat actor distributing trojanized VPN clients through SEO poisoning campaigns. The fake VPN installers appear in top search results for popular VPN software, deploying trojans that harvest login credentials from the victim's system.

⚠️ SEO Poisoning Attack Chain

Storm-2561 manipulates search engine results so that users searching for legitimate VPN software are directed to malicious download pages. The downloaded "VPN client" installs the legitimate VPN alongside a hidden trojan that captures all credentials entered on the system.

Attack Flow

  1. SEO poisoning: Malicious sites rank for VPN-related search terms
  2. Convincing download page: Mimics the official VPN provider's website
  3. Dual installation: Installs working VPN (for legitimacy) plus credential-stealing trojan
  4. Credential harvesting: Captures passwords, session tokens, and authentication cookies
  5. Exfiltration: Stolen credentials sent to attacker-controlled infrastructure

NIS2 Article 21(2)(j): Use of secured communication systems and emergency communication systems. Organizations must ensure VPN software is obtained exclusively from verified sources and implement application whitelisting to prevent installation of unauthorized software. GDPR: Credential theft from employees processing personal data constitutes a reportable breach under Article 33.


🔓 Critical HPE AOS-CX Vulnerability — Unauthenticated Admin Password Reset

A critical vulnerability in HPE Aruba Networking AOS-CX switches allows remote attackers to reset administrator passwords without authentication, completely circumventing existing access controls.

⚠️ Patch Immediately

This vulnerability is remotely exploitable without authentication. An attacker with network access to the management interface can reset admin credentials and gain full control of the switch infrastructure. HPE has released patches — apply immediately.

Risk Assessment

Factor Assessment
Attack vector Network (remote)
Authentication required None
Impact Full administrative control of network switches
Affected systems HPE Aruba AOS-CX switches
Mitigation Patch immediately; restrict management interface access

NIS2 Article 21(2)(e): Security in network and information systems acquisition, development, and maintenance — including vulnerability handling and disclosure. Organizations running HPE AOS-CX infrastructure must patch within their defined critical vulnerability SLA.


🇮🇷 Iran-Linked Hackers Expand Targeting to US Critical Infrastructure

Pro-Iranian hacking groups are expanding operations beyond the Middle East, increasingly targeting US defense contractors, power stations, and water treatment facilities. The escalation coincides with ongoing regional tensions and represents a significant broadening of Iran's cyber operations.

Stryker Manufacturing Attack

An Iran-linked attack on medical device manufacturer Stryker disrupted manufacturing and shipping operations. Notably, attackers used the company's own endpoint management software to wipe devices — leveraging legitimate tools rather than deploying traditional malware (Living Off the Land technique).

Targets at Risk

NIS2 critical infrastructure: Energy, water, health, and manufacturing entities classified as essential entities must implement enhanced security measures under NIS2. The Stryker attack pattern — using legitimate endpoint management tools — underscores the need for behavioral monitoring and zero-trust architecture beyond signature-based detection.

DORA: Financial entities with supply chain dependencies on affected sectors must reassess their ICT third-party risk profiles.


🚀 Bold Security & Onyx Security Launch — $80M in AI Security Funding

Two AI security startups have emerged from stealth, each with $40 million in funding, signaling continued investor confidence in AI-driven cybersecurity solutions.

Market Signal: AI Security Investment Surge

$80M combined funding for two AI security startups in a single week reflects the market's recognition that traditional security approaches cannot keep pace with evolving threats. Both companies address the growing challenge of securing AI-driven operations.

Bold Security

Bold Security uses AI to transform endpoint devices into active protection agents. Rather than relying solely on centralized security monitoring, each device becomes an autonomous defender capable of detecting and responding to threats locally — reducing response times from minutes to milliseconds.

Onyx Security

Onyx Security builds a control plane for autonomous AI agent oversight. As organizations deploy AI agents for business operations, Onyx provides the governance layer to ensure these agents operate within defined security boundaries — preventing unauthorized data access, privilege escalation, and policy violations.

EU AI Act relevance: Onyx Security's approach directly addresses the AI Act's requirements for human oversight of high-risk AI systems. Organizations deploying autonomous AI agents in critical sectors will need governance platforms to demonstrate compliance with Article 14 human oversight obligations.


📋 Today's Action Items

  1. macOS security awareness: Alert teams about ClickFix campaigns targeting macOS via fake AI tool installers — especially developers who might search for tools like Claude Code
  2. Browser policy enforcement: Audit and restrict Edge/Chrome headless mode usage; block dangerous flags (--no-sandbox, --disable-web-security) via Group Policy
  3. Python dependency audit: Review all Python dependencies for unauthorized commits related to the ForceMemo/GlassWorm compromise chain
  4. VPN source verification: Ensure all VPN software is obtained exclusively from verified vendor sources; implement application whitelisting
  5. HPE AOS-CX patching: Apply HPE patches for the critical unauthenticated admin password reset vulnerability immediately
  6. Endpoint management audit: Review who has access to endpoint management tools — the Stryker attack shows these can be weaponized for destructive attacks
  7. Credential rotation: If your organization uses VS Code extensions or GitHub PATs, rotate all credentials as a precaution against GlassWorm credential reuse

Stay Ahead of These Threats with KENSAI

Continuous vulnerability scanning, supply chain risk assessment, and regulatory compliance mapping for NIS2, DORA, GDPR, and EU AI Act.

Start Free Security Scan →

Stay vigilant. Stay secure.

🗡️ KENSAI Security & Compliance Team

March 16, 2026

🛡️ Is your website secure?

Discover vulnerabilities before attackers do.

Scan your website for free →

Related Articles

Smart Slider WordPress CVE 影响50万网站,Coruna iOS利用工具包复活三角测量行动,OpenAI推出安全漏洞赏金计划 VENON Rust 银行恶意软件袭击巴西,Apple 修补 Coruna WebKit Fausses alertes VS Code sur GitHub propagent des malwares, Un groupe pro-iranien