Dossier
FileRipple
Coverage of FileRipple in the Nexus archive.
- FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
A macOS malvertising campaign named Operation FlutterBridge is spreading a new backdoor called FlutterShell via malicious Google and YouTube ads. The campaign is linked to a prior activity cluster dubbed JSCoreRunner (FileRipple) by cybersecurity researchers at Palo Alto Networks Unit 42.