Infostealers Target macOS And Python Ecosystems

Microsoft Defender Experts report that since late 2025 infostealer campaigns increasingly target macOS and cross-platform environments, using Python and trusted utilities to deliver credential-stealing malware. They observed campaigns such as DigitStealer, MacSync, AMOS, PXA Stealer, and Eternidade Stealer delivered via fake installers, phishing, WhatsApp abuse, and malvertising. The report provides detection coverage and mitigation guidance organizations can implement to detect, mitigate, and respond.