[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f8_1ws0E9tMERrUzzdnGQMHksfvW9r_hJotZsb1uMh9o":3},{"article":4,"iocs":41},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":26,"category":27,"article_tags":30},"0c39d1f4-f888-4f3e-a026-2c2dbed44c3b","2026-05-20 (Tuesday): Pages impersonating Claude and Homebrew continue to distribute malware like...","2026-05-20-tuesday-pages-impersonating-claude-and-homebrew-continue-to-distribut-b0bfa6","2026-05-20 (Tuesday): Pages impersonating Claude and Homebrew continue to distribute malware like #MacSync stealer by employing a #ClickFix-style social engineering technique. Details at https:\u002F\u002Ft.co\u002FcTU26X3LhU https:\u002F\u002Ft.co\u002Fq85sibsuyP","Threat actors are operating malicious web pages impersonating popular developer tools Claude and Homebrew to distribute the MacSync stealer malware. The attack leverages ClickFix-style social engineering tactics—fake browser alerts and urgent prompts—to trick users into downloading malicious payloads. This campaign highlights ongoing risks in the developer ecosystem targeting macOS users.","Fake Claude and Homebrew pages distribute MacSync stealer via ClickFix social engineering.",null,"https:\u002F\u002Fx.com\u002FUnit42_Intel\u002Fstatus\u002F2057208834012168646","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIysdSRWMAAvcqE.jpg","2026-05-20T21:16:21+00:00","2026-05-20T22:00:10.964092+00:00",7,[18,21,23],{"name":19,"type":20},"Claude","product",{"name":22,"type":20},"Homebrew",{"name":24,"type":25},"ClickFix-style social engineering","campaign","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":26,"icon":11,"name":28,"slug":29},"Malware","malware",[31,36],{"category":32},{"id":33,"icon":11,"name":34,"slug":35},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":37},{"id":38,"icon":11,"name":39,"slug":40},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[42,45],{"type":29,"value":43,"context":44},"MacSync","macOS stealer malware distributed via impersonation pages",{"type":29,"value":46,"context":47},"ClickFix","Social engineering technique used in distribution campaign"]