In September 2025, Kandji’s security researchers uncovered a sophisticated credential theft campaign targeting macOS developers through spoofed Homebrew installer sites. The tactics used paralleled recent pro-Russian hacktivist methods employed against operational technology (OT) and industrial control system (ICS) environments. The operation exploited trust in package managers to deliver malicious payloads capable of credential harvesting and […] The post Credential Theft Tactics by Pro-...
