An ongoing infostealer campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads. The LastPass TIME team is raising awareness of this threat, which employs SEO tactics to position malicious links prominently in search results, and has already initiated takedown efforts against some of these fraudulent sites.

LastPass has alerted macOS users about a malicious campaign using fake password managers and other software, which deliver the Atomic info-stealing malware through deceptive GitHub repositories. The campaign employs search engine optimization tactics to promote these fraudulent applications, urging users to execute potentially harmful commands that install malware on their systems. Users are advised to only download software from official sources to avoid such threats.

A phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, prompting recipients to download a malicious desktop application. The downloaded software installs a remote management tool called Syncro, enabling threat actors to remotely access users' computers and potentially steal sensitive information. LastPass has clarified that these claims are false and users should verify security alerts through official channels.