FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
The Hacker News | #1 Trusted Source for Cybersecurity News [Uno…
June 4, 2026
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell.
According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed JSCoreRunner (aka FileRipple) in late August 2025. The cybercrime group behind the two attack chains is
Discussion in the ATmosphere