According to Mosyle’s analysis, ModStealer is being delivered to victims through malicious job recruiter ads targeting developers. It uses a heavily obfuscated JavaScript file written with NodeJS that remains completely undetectable by signature-based defenses. And this one isn’t just targeting Mac users either; Windows and Linux environments are also at risk.

> malware undetected by AV tools

This is not news. News will be "malware detected by AV tools". /s