Atomic Stealer (AMOS) Returns: ClickFix, Trojanized Crypto Apps, and a New macOS Persistence Mechanism
Calvin So

11 min read

Atomic Stealer, commonly tracked as AMOS, has earned its place as one of the most persistent threats in the macOS threat landscape. Powered by a relentless development cycle and diverse distribution networks, it shows no signs of slowing down. Researchers have extensively documented its signature tactics: "ClickFix" browser social engineering prompts, trojanized application installers, and, most recently, the "malext" variants spread through malvertising campaigns.

Threat Intelligence
macOS Malware Analysis: Music Plugin DMG Loader
Calvin So

17 min read

Threat Intelligence
Analyzing the MonetaStealer macOS Threat
Calvin So

6 min read

Threat Intelligence

Investigating Shai-Hulud: Inside the NPM Supply Chain Worm
Calvin So

9 min read

On August 26, 2025, attackers exploited a GitHub Actions injection vulnerability inside Nx’s workflow, using a manipulated pull request title to run shell commands and extract the company’s NPM publishing token. With that access, they published malicious versions of trusted Nx packages. Once installed, those packages hijacked local AI command line tools to scan victim systems for credentials, SSH keys, and crypto wallets.

Threat Intelligence
The Top Cyber Threats Facing SMBs in 2025
Calvin So

3 min read

Small and midsize businesses (SMBs) are under siege. Attackers know these organizations often run lean IT teams with limited budgets, making them prime “path of least resistance” targets.

Threat Intelligence
