Phil Stokes, Author at SentinelOne

Phil Stokes

Phil Stokes is a Research Engineer at SentinelOne, specializing in macOS threat intelligence, platform vulnerabilities and malware analysis. He began his journey into macOS security as a software developer, creating end user troubleshooting and security tools just at the time when macOS adware and commodity malware first began appearing on the platform. Phil has been closely following the development of macOS threats as well as researching Mac software and OS vulnerabilities since 2014.

ConInt Validin July2025 Ftr

macOS.ZuRu Resurfaces | Modified Khepri C2 Hides Inside Doctored Termius App

From the Front Lines | 11 minute read

25 MKTG Comms Blog 022 Generic LABS Blog Images 07

CryptoDrain Soc

AkiraBot Ftr

ReaderUpdate Reforged | Melting Pot of macOS Malware Adds Go to Crystal, Nim and Rust Variants

From the Front Lines | 10 minute read

CasS Leaks Ftr

macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed

From the Front Lines | 9 minute read

2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise

From the Front Lines | 15 minute read

DPRK Front V3 Ftr