A lookalike of an open-source clipboard manager is being used as a lure for a macOS infostealer that leans on native automation, local password checks, and clipboard scraping.
A disguised Mac utility, a two-stage payload, and local password validation through PAM reveal a stealthier playbook for credential theft.