
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Source: thehackernews.com | Published: 2026-06-04 | Category: data leakage | Severity: High

What Happened

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is the next stage of an activity cluster dubbed JSCoreRunner (aka FileRipple) that was previously reported in late August 2025. The cybercrime group behind the two attack chains is

Why It Matters

According to Unit 42, Operation FlutterBridge is a macOS malvertising campaign that delivers a Flutter-based backdoor called FlutterShell via malicious Google and YouTube ads. The lure is a set of fake desktop apps such as PodcastsLounge, PDF-Brain, and PDF-Ninja.[1][7] The malware supports arbitrary command execution, file system access, browser hijacking, system fingerprinting, and theft of browser session data.[1][2] Some variants (PDF-Brain and PDF-Ninja) add an "AI-powered" document summarization feature that sends user documents through an attacker-controlled server before processing, so any document a user asks the "AI" to summarize is exfiltrated by design.[1] From a CyberSE.AI perspective, any AI or AI-like feature that proxies sensitive documents to untrusted infrastructure should be treated as a high-risk data leakage vector. Organizations should harden AI document-processing workflows with egress allowlists, apply SBOM and code review to third-party "AI helper" components, and use continuous red teaming to detect malware-like behaviors such as covert exfiltration hidden behind AI functionality.

Affected sectors: Healthcare, Fintech, SaaS, SMB, AI startups

CyberSE Analysis

This signal maps to data leakage. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive document workflows should review whether a third-party "AI helper" in this class could create unauthorized tool execution, data leakage to infrastructure outside the approved workflow, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Enforce an egress allowlist for AI document-processing workflows so that document uploads to hosts outside the approved provider are blocked and alerted on.
  • Inventory macOS endpoints for the fake apps named in the report (PodcastsLounge, PDF-Brain, PDF-Ninja); on affected hosts, treat browser session data as compromised and revoke active sessions.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://thehackernews.com/2026/06/fluttershell-backdoor-spreads-to-macos.html
