Here’s how potent Atomic credential stealer is finding its way onto Macs

Security companies have warned of a potent credential stealer targeting Mac users through ads impersonating online services, with LastPass users being a recent focus. LastPass detected a campaign using SEO to display fake LastPass macOS app ads on search engines, leading to fraudulent GitHub sites offering to install LastPass but actually delivering the Atomic Stealer malware. LastPass is actively working to combat the threat and has shared indicators of compromise to help others detect similar cyber threats.