Tag: macOS

New ClickFix Attacks Exploit Official ChatGPT Website to Deliver macOS Infostealer

Dec 11, 2025 7:32 PM

Tags: attack, chatgpt, cyber, exploit, kaspersky, macOS, malicious, openai, social-engineering

Infostealers have become 2025’s fastest-growing cyberthreat, targeting all operating systems and regions with sophisticated social engineering tactics. In a new campaign discovered by Kaspersky experts, attackers are exploiting users’ interest in OpenAI’s Atlas browser by leveraging the official ChatGPT website itself as a hosting platform for malicious installation guides. The attack begins with paid search…
Hackers Are Using Shared AI Chats to Steal Your Passwords and Crypto

Dec 11, 2025 7:32 PM

Tags: ai, attack, chatgpt, credentials, crypto, cyber, exploit, google, hacker, LLM, macOS, malicious, malware, password, threat

A sophisticated malvertising campaign is exploiting ChatGPT and DeepSeek’s shared chat features to deliver credential-stealing malware to macOS users. Threat actors are purchasing sponsored Google search results and redirecting victims to legitimate-looking LLM-generated chat sessions that contain obfuscated malicious commands, effectively bypassing platform-level safety mechanisms. The attack begins when users search for common macOS troubleshooting…
Hackers Are Using Shared AI Chats to Steal Your Passwords and Crypto

Dec 11, 2025 7:32 PM

Tags: ai, attack, chatgpt, credentials, crypto, cyber, exploit, google, hacker, LLM, macOS, malicious, malware, password, threat

A sophisticated malvertising campaign is exploiting ChatGPT and DeepSeek’s shared chat features to deliver credential-stealing malware to macOS users. Threat actors are purchasing sponsored Google search results and redirecting victims to legitimate-looking LLM-generated chat sessions that contain obfuscated malicious commands, effectively bypassing platform-level safety mechanisms. The attack begins when users search for common macOS troubleshooting…
Google ads for shared ChatGPT, Grok guides push macOS infostealer malware

Dec 11, 2025 1:32 AM

Tags: chatgpt, google, guide, macOS, malware

A new AMOS infostealer campaign is abusing Google search ads to lure users into Grok and ChatGPT conversations that appear to offer “helpful” instructions but ultimately lead to installing the AMOS info-stealing malware on macOS. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-ads-for-shared-chatgpt-grok-guides-push-macos-infostealer-malware/
KI-Browser gefährden Unternehmen

Dec 10, 2025 2:32 PM

Tags: access, ai, chatgpt, ciso, cloud, gartner, injection, macOS, openai, phishing, risk, update, vulnerability

Experten warnen vor der Nutzung von KI-Browsern in Unternehmen.Die Gartner-Analysten Dennis Xu, Evgeny Mirolyubov und John Watts empfehlen Unternehmen dringend, alle KI-Browser aufgrund der Cybersicherheitsrisiken auf absehbare Zeit zu blockieren. Sie stützten ihre Empfehlung auf bereits identifizierte Risiken ‘und andere potenzielle Risiken, die noch entdeckt werden müssen, da es sich um eine sehr junge Technologie…
KI-Browser gefährden Unternehmen

Dec 10, 2025 2:32 PM

Tags: access, ai, chatgpt, ciso, cloud, gartner, injection, macOS, openai, phishing, risk, update, vulnerability

Experten warnen vor der Nutzung von KI-Browsern in Unternehmen.Die Gartner-Analysten Dennis Xu, Evgeny Mirolyubov und John Watts empfehlen Unternehmen dringend, alle KI-Browser aufgrund der Cybersicherheitsrisiken auf absehbare Zeit zu blockieren. Sie stützten ihre Empfehlung auf bereits identifizierte Risiken ‘und andere potenzielle Risiken, die noch entdeckt werden müssen, da es sich um eine sehr junge Technologie…
Classic MacOS for non-Apple PowerPC kit rediscovered

Dec 10, 2025 7:32 AM

Tags: apple, jobs, macOS

Unreleased variants that Jobs killed off found 7.6 on a G4, anyone? First seen on theregister.com Jump to article: www.theregister.com/2025/12/08/classic_macos_for_nonapple_powerpc/
Classic MacOS for non-Apple PowerPC kit rediscovered

Dec 10, 2025 7:32 AM

Tags: apple, jobs, macOS

Unreleased variants that Jobs killed off found 7.6 on a G4, anyone? First seen on theregister.com Jump to article: www.theregister.com/2025/12/08/classic_macos_for_nonapple_powerpc/
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws

Dec 10, 2025 5:33 AM

Tags: attack, cve, cyber, data, data-breach, flaw, macOS, software, unauthorized, update, vulnerability, windows

Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability, tracked as CVE-2025-67460, affects Zoom Rooms for Windows with a High severity rating. This flaw…
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws

Dec 10, 2025 5:33 AM

Tags: attack, cve, cyber, data, data-breach, flaw, macOS, software, unauthorized, update, vulnerability, windows

Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability, tracked as CVE-2025-67460, affects Zoom Rooms for Windows with a High severity rating. This flaw…
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws

Dec 10, 2025 5:33 AM

Tags: attack, cve, cyber, data, data-breach, flaw, macOS, software, unauthorized, update, vulnerability, windows

Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability, tracked as CVE-2025-67460, affects Zoom Rooms for Windows with a High severity rating. This flaw…
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws

Dec 10, 2025 5:33 AM

Tags: attack, cve, cyber, data, data-breach, flaw, macOS, software, unauthorized, update, vulnerability, windows

Zoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations across enterprise environments. The first vulnerability, tracked as CVE-2025-67460, affects Zoom Rooms for Windows with a High severity rating. This flaw…
Keep AI browsers out of your enterprise, warns Gartner

Dec 8, 2025 7:33 PM

Tags: access, ai, chatgpt, ciso, communications, control, credentials, cybersecurity, data, endpoint, flaw, gartner, group, injection, macOS, network, openai, phishing, privacy, risk, unauthorized, update, vulnerability

Traditional controls inadequate: AI browsers can autonomously navigate websites, fill out forms, and complete transactions while authenticated to web resources. As he and his colleagues wrote in their report, this makes the AI browsers susceptible to new cybersecurity risks, “such as indirect prompt-injection-induced rogue agent actions, inaccurate reasoning-driven erroneous agent actions, and further loss and…
Keep AI browsers out of your enterprise, warns Gartner

Dec 8, 2025 7:33 PM

Tags: access, ai, chatgpt, ciso, communications, control, credentials, cybersecurity, data, endpoint, flaw, gartner, group, injection, macOS, network, openai, phishing, privacy, risk, unauthorized, update, vulnerability

Traditional controls inadequate: AI browsers can autonomously navigate websites, fill out forms, and complete transactions while authenticated to web resources. As he and his colleagues wrote in their report, this makes the AI browsers susceptible to new cybersecurity risks, “such as indirect prompt-injection-induced rogue agent actions, inaccurate reasoning-driven erroneous agent actions, and further loss and…
Google Rolls Out Chrome 143 Update for Billions Worldwide

Dec 5, 2025 4:32 PM

Tags: browser, chrome, flaw, google, linux, macOS, update, vulnerability, windows

Chrome 143 fixes 13 security vulnerabilities, including four high-severity flaws, in a December desktop update rolling out to Windows, macOS, and Linux users. The post Google Rolls Out Chrome 143 Update for Billions Worldwide appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-143-update-13-security-fixes/
Sicherheitsforscher warnt: Apple zeigt den Mittelfinger in Richtung MacOS

Dec 4, 2025 1:32 PM

Tags: apple, macOS

Forscher erhalten künftig teils deutlich weniger Geld für an Apple gemeldete MacOS-Sicherheitslücken. Betroffene sind nicht begeistert. First seen on golem.de Jump to article: www.golem.de/news/macos-apple-veraergert-forscher-mit-gekuerzten-bug-bounty-praemien-2512-202913.html
Sicherheitsforscher warnt: Apple zeigt den Mittelfinger in Richtung MacOS

Dec 4, 2025 1:32 PM

Tags: apple, macOS

Forscher erhalten künftig teils deutlich weniger Geld für an Apple gemeldete MacOS-Sicherheitslücken. Betroffene sind nicht begeistert. First seen on golem.de Jump to article: www.golem.de/news/macos-apple-veraergert-forscher-mit-gekuerzten-bug-bounty-praemien-2512-202913.html
Contagious Interview attackers go ‘full stack’ to fool developers

Dec 1, 2025 5:49 PM

Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm

Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies.The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
Neue Gefahr für macOS: DigitStealer stiehlt Daten unbemerkt

Nov 28, 2025 7:49 AM

Tags: macOS, threat

Ein aktueller Fund des Threat-Labs-Teams von Jamf zeigt, dass macOS-Nutzer einer neuen Form von Datendiebstahl ausgesetzt sind. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/macos-digitstealer-stiehlt-daten
Neue Gefahr für macOS: DigitStealer stiehlt Daten unbemerkt

Nov 28, 2025 7:49 AM

Tags: macOS, threat

Ein aktueller Fund des Threat-Labs-Teams von Jamf zeigt, dass macOS-Nutzer einer neuen Form von Datendiebstahl ausgesetzt sind. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/macos-digitstealer-stiehlt-daten
macOS Infostealer “DigitStealer” hinterlässt kaum Spuren in betroffenen Systemen

Nov 26, 2025 3:50 PM

Tags: Hardware, macOS

Dies deutet darauf hin, dass die Angreifer hinter DigitStealer ein tiefgreifendes Verständnis von macOS-Betriebssystemen aufweisen. Insbesondere die Aufteilung der Payloads und die Nutzung von Hardware-Prüfungen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/macos-infostealer-digitstealer-hinterlaesst-kaum-spuren-in-betroffenen-systemen/a42971/
Hackers Trick macOS Users into Running Terminal Commands to Install FlexibleFerret Malware

Nov 26, 2025 12:49 PM

Tags: cyber, hacker, jobs, macOS, malicious, malware, north-korea, social-engineering, tactics, threat

North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware, according to recent analysis from Jamf Threat Labs. The campaign, attributed to the Contagious Interview operation, represents a refined iteration of social engineering tactics designed to bypass macOS security protections,…
Hackers Trick macOS Users into Running Terminal Commands to Install FlexibleFerret Malware

Nov 26, 2025 12:49 PM

Tags: cyber, hacker, jobs, macOS, malicious, malware, north-korea, social-engineering, tactics, threat

North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware, according to recent analysis from Jamf Threat Labs. The campaign, attributed to the Contagious Interview operation, represents a refined iteration of social engineering tactics designed to bypass macOS security protections,…
DPRK’s FlexibleFerret Tightens macOS Grip

Nov 25, 2025 11:49 PM

Tags: credentials, macOS, scam, social-engineering, tactics

The actor behind the Contagious Interview campaign is continuing to refine its tactics and social engineering scams to wrest credentials from macOS users. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dprks-flexibleferret-tightens-macos-grip
New FlexibleFerret Malware Chain Targets macOS With Go Backdoor

Nov 25, 2025 3:49 PM

Tags: access, backdoor, credentials, macOS, malware

A new macOS malware chain using staged scripts and a Go-based backdoor has been attributed to FlexibleFerret, designed to steal credentials and maintain system access First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flexibleferret-malware-macos-go/
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

Nov 21, 2025 7:49 PM

Tags: android, apple, google, iphone, macOS, rust, service

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad,…
Tsundere Botnet Targets Windows, Linux macOS via Node.js Packages

Nov 20, 2025 9:49 PM

Tags: botnet, cyber, kaspersky, linux, macOS, russia, supply-chain, threat, windows

A Russian-speaking threat actor attributed to the username >>koneko