
macOS Backdoor Uses WKWebView and FlutterInvoke Bridge for Runtime Command Execution
Security researchers have uncovered a sophisticated macOS malware family dubbed FlutterShell. Tracked under the threat cluster CL-CRI-1089 and associated with Operation FlutterBridge, this campaign relies heavily on the legitimate Flutter framework to mask its malicious activities. Active between December 2025 and March 2026, the malware primarily targets macOS users for financial gain through browser search […]
The post macOS Backdoor Uses WKWebView and FlutterInvoke Bridge for Runtime Command Execution appeared first on Cyber Security News.