Tag: macOS

Google Rolls Out Chrome 143 Update for Billions Worldwide

Dec 5, 2025 4:32 PM

Tags: browser, chrome, flaw, google, linux, macOS, update, vulnerability, windows

Chrome 143 fixes 13 security vulnerabilities, including four high-severity flaws, in a December desktop update rolling out to Windows, macOS, and Linux users. The post Google Rolls Out Chrome 143 Update for Billions Worldwide appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-143-update-13-security-fixes/
Sicherheitsforscher warnt: Apple zeigt den Mittelfinger in Richtung MacOS

Dec 4, 2025 1:32 PM

Tags: apple, macOS

Forscher erhalten künftig teils deutlich weniger Geld für an Apple gemeldete MacOS-Sicherheitslücken. Betroffene sind nicht begeistert. First seen on golem.de Jump to article: www.golem.de/news/macos-apple-veraergert-forscher-mit-gekuerzten-bug-bounty-praemien-2512-202913.html
Sicherheitsforscher warnt: Apple zeigt den Mittelfinger in Richtung MacOS

Dec 4, 2025 1:32 PM

Tags: apple, macOS

Forscher erhalten künftig teils deutlich weniger Geld für an Apple gemeldete MacOS-Sicherheitslücken. Betroffene sind nicht begeistert. First seen on golem.de Jump to article: www.golem.de/news/macos-apple-veraergert-forscher-mit-gekuerzten-bug-bounty-praemien-2512-202913.html
Contagious Interview attackers go ‘full stack’ to fool developers

Dec 1, 2025 5:49 PM

Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm

Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies.The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
Neue Gefahr für macOS: DigitStealer stiehlt Daten unbemerkt

Nov 28, 2025 7:49 AM

Tags: macOS, threat

Ein aktueller Fund des Threat-Labs-Teams von Jamf zeigt, dass macOS-Nutzer einer neuen Form von Datendiebstahl ausgesetzt sind. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/macos-digitstealer-stiehlt-daten
Neue Gefahr für macOS: DigitStealer stiehlt Daten unbemerkt

Nov 28, 2025 7:49 AM

Tags: macOS, threat

Ein aktueller Fund des Threat-Labs-Teams von Jamf zeigt, dass macOS-Nutzer einer neuen Form von Datendiebstahl ausgesetzt sind. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/macos-digitstealer-stiehlt-daten
macOS Infostealer “DigitStealer” hinterlässt kaum Spuren in betroffenen Systemen

Nov 26, 2025 3:50 PM

Tags: Hardware, macOS

Dies deutet darauf hin, dass die Angreifer hinter DigitStealer ein tiefgreifendes Verständnis von macOS-Betriebssystemen aufweisen. Insbesondere die Aufteilung der Payloads und die Nutzung von Hardware-Prüfungen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/macos-infostealer-digitstealer-hinterlaesst-kaum-spuren-in-betroffenen-systemen/a42971/
Hackers Trick macOS Users into Running Terminal Commands to Install FlexibleFerret Malware

Nov 26, 2025 12:49 PM

Tags: cyber, hacker, jobs, macOS, malicious, malware, north-korea, social-engineering, tactics, threat

North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware, according to recent analysis from Jamf Threat Labs. The campaign, attributed to the Contagious Interview operation, represents a refined iteration of social engineering tactics designed to bypass macOS security protections,…
Hackers Trick macOS Users into Running Terminal Commands to Install FlexibleFerret Malware

Nov 26, 2025 12:49 PM

Tags: cyber, hacker, jobs, macOS, malicious, malware, north-korea, social-engineering, tactics, threat

North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware, according to recent analysis from Jamf Threat Labs. The campaign, attributed to the Contagious Interview operation, represents a refined iteration of social engineering tactics designed to bypass macOS security protections,…
DPRK’s FlexibleFerret Tightens macOS Grip

Nov 25, 2025 11:49 PM

Tags: credentials, macOS, scam, social-engineering, tactics

The actor behind the Contagious Interview campaign is continuing to refine its tactics and social engineering scams to wrest credentials from macOS users. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dprks-flexibleferret-tightens-macos-grip
New FlexibleFerret Malware Chain Targets macOS With Go Backdoor

Nov 25, 2025 3:49 PM

Tags: access, backdoor, credentials, macOS, malware

A new macOS malware chain using staged scripts and a Go-based backdoor has been attributed to FlexibleFerret, designed to steal credentials and maintain system access First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flexibleferret-malware-macos-go/
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Tsundere Botnet Targets Windows, Linux macOS via Node.js Packages

Nov 20, 2025 9:49 PM

Tags: botnet, cyber, kaspersky, linux, macOS, russia, supply-chain, threat, windows

A Russian-speaking threat actor attributed to the username >>koneko
MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices

Nov 20, 2025 2:49 PM

Tags: apple, google, macOS, malware

A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/20/macos-digitstealer-malware-poses-as-dynamiclake-targets-apple-silicon-m2-m3-devices/
MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices

Nov 20, 2025 2:49 PM

Tags: apple, google, macOS, malware

A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/20/macos-digitstealer-malware-poses-as-dynamiclake-targets-apple-silicon-m2-m3-devices/
Nova Stealer Targets macOS Users, Swaps Legit Apps to Steal Crypto Wallets

Nov 19, 2025 9:49 PM

Tags: crypto, cyber, macOS, malicious, malware, threat, update

A sophisticated new macOS malware campaign dubbed >>Nova Stealer
New Security Tools Target Growing macOS Threats

Nov 14, 2025 10:49 PM

Tags: apple, macOS, malware, threat, tool

A public dataset and platform-agnostic analysis tool aim to help organizations in the fight against Apple-targeted malware, which researchers say has lacked proper attention. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/new-security-tools-target-growing-macos-threats
Advanced macOS DigitStealer Uses Multi-Stage Attack Chain to Evade Detection

Nov 14, 2025 1:49 PM

Tags: attack, cyber, detection, macOS, malicious, threat

Jamf Threat Labs has identified a new family of malicious stealers tracked as DigitStealer, representing a significant evolution in macOS-targeted malware. Unlike traditional infostealers that follow linear execution paths, DigitStealer introduced sophisticated multi-stage attack techniques, extensive anti-analysis checks, and novel persistence mechanisms, demonstrating the threat actors’ deep understanding of macOS architecture. The DigitStealer campaign begins…
New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware

Nov 13, 2025 9:49 AM

Tags: attack, credentials, cyber, exploit, infection, macOS, malware, social-engineering, software, threat, windows

Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across Windows and macOS platforms. The campaign demonstrates how threat actors are exploiting legitimate search queries for cracked software to deliver devastating payloads that compromise user credentials and sensitive data.paste.txt”‹ The infection chain begins when users…
AppleScript Abused to Spread Fake Zoom and Teams macOS Updates

Nov 12, 2025 8:49 PM

Tags: apple, hacker, macOS, malware, update

Hackers use AppleScript to disguise macOS malware as fake app updates, bypassing Apple’s protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/applescript-abused-to-spread-fake-zoom-and-teams-macos-updates/
AppleScript Abused to Spread Fake Zoom and Teams macOS Updates

Nov 12, 2025 8:49 PM

Tags: apple, hacker, macOS, malware, update

Hackers use AppleScript to disguise macOS malware as fake app updates, bypassing Apple’s protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/applescript-abused-to-spread-fake-zoom-and-teams-macos-updates/
Rideshare giant moves 200 Macs out of the cloud, saves $2.4 million

Nov 7, 2025 7:20 PM

Tags: apple, cloud, macOS

Grab tried to virtualize macOS, but Apple doesn’t make that easy First seen on theregister.com Jump to article: www.theregister.com/2025/11/07/grab_macos_cloud_repatriation_savings/
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…