PANews reported on April 22 that, according to SlowMist's MistEye intelligence, a high-risk macOS information-stealing Trojan called " MacSync Stealer " (v1.1.2) is actively spreading. Attackers trick users into entering passwords by forging AppleScript system pop-ups, thereby stealing encrypted wallets, browser credentials, system keychains , and infrastructure keys such as SSH/AWS/K8s . After completing the data transfer, the Trojan disguises itself as a "system not supported" error message. SlowMist advises users not to execute macOS scripts from unknown sources. If you suspect your device has been compromised, immediately rotate all infrastructure credentials, invalidate exposed keychains , and transfer encrypted assets to a secure wallet as soon as possible.