Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

A sophisticated global malvertising campaign, dubbed Operation FlutterBridge, is targeting macOS users with fully-functional, notarized apps that secretly deploy the rapidly evolving FlutterShell backdoor—capable of browser hijacking, shell command execution, and data exfiltration—while leveraging shell companies and dynamic web-based payloads to evade detection and scale distribution.