On January 6, 2026, security researchers at Iru discovered a suspicious Mach-O binary masquerading as a Windows .exe file. Investigation revealed the file is a PyInstaller-compiled binary that executes malware hidden within a .pyc file.