The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

New MacOS.ZuRu Variant Discovered

Jul 22, 2025 3:05:50 PM / by The Hivemind posted in Threat Bulletin, Evolving Threat, Malware Analysis, Cybersecurity Threat, MacOS malware, ZuRu malware, Termius trojan, macOS security, backdoor threat, SSH client attack, Khepri C2, developer security

0 Comments

Verticals Targeted: IT, software development  
Regions Targeted: None specified
Related Families: None

Executive Summary

A new variant of the macOS.ZuRu malware, first identified in 2021, was discovered, leveraging a trojanized Termius application to deploy a modified Khepri C2 beacon, targeting developers and IT professionals. This sophisticated backdoor employs advanced techniques to evade detection and establish persistent remote access.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More