FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Source summary: Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed JSCoreRunner (aka FileRipple) in late August 2025. The cybercrime group behind the two attack chains is
Why it matters: Add your own practical explanation here before publishing.
What to do: Add recommended action/checks here.
Need IT help?
Need help with hosting, Cloudflare, backups or IT support? IT Radar UK can point you in the right direction.
Get support