Tag: macOS
-
Take these 5 steps to protect against macOS security gaps
by
in SecurityNews
Tags: macOSFirst seen on scworld.com Jump to article: www.scworld.com/perspective/take-these-5-steps-to-protect-against-macos-security-gaps
-
Albabat Ransomware Expands Reach to Target Linux and macOS Platforms
by
in SecurityNewsA recent report from Trend Micro has revealed that a new variant of the Albabat ransomware now targets Linux and macOS platforms, marking a significant expansion in its capabilities. Previously limited to Windows systems, this updated strain demonstrates the evolving sophistication of ransomware threats. The malware is still under active development, with its multi-OS functionality…
-
New Phishing Campaign Targets macOS Users with Fake Security Alerts
by
in SecurityNewsLayerX Labs reports a sophisticated macOS phishing campaign, evading security measures. Learn how attackers adapt and steal credentials from Mac users. First seen on hackread.com Jump to article: hackread.com/new-phishing-campaign-targeted-at-mac-users/
-
New phishing campaign uses scareware to steal Apple credentials
by
in SecurityNewsThe campaign previously targeted Windows users: According to LayerX researchers, the campaign has been seen targeting Mac users only in the last few months. Initially, it targeted Windows users by masquerading as Microsoft security alerts.Designed to steal user credentials, threat actors have apparently shifted focus to Mac users owing to new security features being rolled…
-
Albabat Ransomware Expands Targets, Abuses GitHub
by
in SecurityNewsNew versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post Albabat Ransomware Expands Targets, Abuses GitHub appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/albabat-ransomware-expands-targets-abuses-github/
-
Researchers Reveal macOS Vulnerability Exposing System Passwords
by
in SecurityNewsA recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in the latest security updates for macOS Sequoia 15.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1. This vulnerability could potentially expose system passwords, emphasizing the importance of updating macOS devices to the latest versions. Background and…
-
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
by
in SecurityNewsRecent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and macOS systems. This expansion highlights the increasing sophistication of ransomware groups in exploiting multiple operating systems to maximize their impact. The Albabat group has been leveraging GitHub to streamline its operations,…
-
Albabat Ransomware Evolves to Target Linux and macOS
by
in SecurityNewsTrend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/albabat-ransomware-linux-macos/
-
Xcode Projects Targeted By New XCSSET macOS Malware Variant
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/xcode-projects-targeted-by-new-xcsset-macos-malware-variant
-
XCSSET macOS malware variant targets Xcode projects of app developers
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/xcsset-macos-malware-variant-targets-xcode-projects-of-app-developers
-
Apple Rolls Out Critical Security Fixes: iOS 18.3.2, macOS Ventura, and More Receive Important Updates
by
in SecurityNewsApple has released a series of crucial security updates designed to patch vulnerabilities across its ecosystem of devices. On March 11, 2025, the tech giant rolled the Apple security update with iOS 18.3.2, iPadOS 18.3.2, macOS Ventura, macOS Sonoma, macOS Sequoia, visionOS 2.3.2, and tvOS 18.3.1, addressing multiple security flaws that could potentially have been…
-
iPhone-Nutzer attackiert: Aktiv ausgenutzte Webkit-Lücke gefährdet Apple-Geräte
by
in SecurityNewsAngreifer können durch die Schwachstelle aus der Web-Content-Sandbox von Webkit ausbrechen. Apple verteilt Notfallupdates für iOS, MacOS und Safari. First seen on golem.de Jump to article: www.golem.de/news/iphone-nutzer-attackiert-aktiv-ausgenutzte-webkit-luecke-gefaehrdet-apple-geraete-2503-194203.html
-
macOS NULL Pointer Dereference Vulnerability Allow Attackers Exploits Kernel
by
in SecurityNewsHistorically, NULL pointer dereferences have been a significant vulnerability in operating systems, including macOS. These occur when software attempts to access memory at address 0 via a NULL pointer, leading to potential crashes or, under certain conditions, exploitation by attackers. In the past, attackers could exploit such vulnerabilities by mapping controlled memory at address 0,…
-
Linux, macOS users infected with malware posing as legitimate Go packages
Campaign is tailor-made for persistence : The repeated use of identical filenames, array-based string obfuscation, and delayed execution tactics strongly suggests a coordinated adversary who plans to persist and adapt, the researchers added.The presence of multiple malicious Hypert and Layout packages along with several fallback domains also suggests a resilient infrastructure. This setup will allow threat…
-
Typosquatting campaign targets financial sector Linux, macOS systems
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/typosquatting-campaign-targets-financial-sector-linux-macos-systems
-
Malware Infects Linux and macOS via Typosquatted Go Packages
by
in SecurityNewsSocket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the… First seen on hackread.com Jump to article: hackread.com/malware-infects-linux-macos-typosquatted-go-packages/
-
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
by
in SecurityNewsCybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.”The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers First seen on thehackernews.com…
-
Chrome 134 Launches with Patches for 14 Crash-Inducing Vulnerabilities
by
in SecurityNewsGoogle has rolled out Chrome 134 to the stable channel for Windows, macOS, and Linux, addressing14 security vulnerabilities”, including high-severity flaws that could enable remote code execution or crashes. The update, version 134.0.6998.35 for Linux, 134.0.6998.35/36 for Windows, and 134.0.6998.44/45 for macOS, follows weeks of testing and includes critical fixes for vulnerabilities in components like…
-
North Korean Hackers Deploy RustDoor and Koi Stealer to Target Cryptocurrency Developers on macOS
by
in SecurityNewsA recent cybersecurity report from Unit 42 has revealed a new wave of North Korean-linked cyberattacks targeting macOS First seen on securityonline.info Jump to article: securityonline.info/north-korean-hackers-deploy-rustdoor-and-koi-stealer-to-target-cryptocurrency-developers-on-macos/
-
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
by
in SecurityNewsCybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram.LightSpy is the name given to a modular spyware that’s capable of infecting both Windows and Apple systems with an aim to harvest…
-
Parallels Desktop: Zero-Day-Exploit verleiht Angreifern Root-Zugriff auf MacOS
Eigentlich gibt es für die Sicherheitslücke längst einen Patch. Effektiv ist dieser aber wohl nicht. Ein Forscher zeigt, wie er sich umgehen lässt. First seen on golem.de Jump to article: www.golem.de/news/patch-laesst-sich-umgehen-root-luecke-in-parallels-desktop-gefaehrdet-mac-nutzer-2502-193685.html
-
Parallels Desktop: Zero-Day-Exploit verleiht Angreifern unter MacOS Root-Rechte
by
in SecurityNewsEigentlich gibt es für die Sicherheitslücke längst einen Patch. Effektiv ist dieser aber wohl nicht. Ein Forscher zeigt, wie er sich umgehen lässt. First seen on golem.de Jump to article: www.golem.de/news/patch-laesst-sich-umgehen-root-luecke-in-parallels-desktop-gefaehrdet-mac-nutzer-2502-193685.html
-
LightSpy Malware Expands With 100+ Commands to Target Users Across All Major OS Platforms
by
in SecurityNewsThe LightSpy surveillance framework has significantly evolved its operational capabilities, now supporting over 100 commands to infiltrate Android, iOS, Windows, macOS, and Linux systems, and routers, according to new infrastructure analysis. First documented in 2020, this modular malware has shifted from targeting messaging applications to focusing on social media database extraction and cross-platform surveillance, marking…
-
Parallels Desktop 0-Day Exploit Enables Root Privileges PoC Released
by
in SecurityNewsA critical zero-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed after seven months of unresolved reporting, enabling attackers to escalate privileges to the root level on macOS systems. The proof-of-concept (PoC) exploit code demonstrates two distinct bypass methods that circumvent existing patches for CVE-2024-34331, a previously addressed privilege escalation flaw. Technical Overview…
-
Zero Trust World: MacOS malware risks and protections
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/resource/zero-trust-world-macos-malware-risks-and-protections
-
Novel FrigidStealer macOS malware spread via bogus browser updates
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/novel-frigidstealer-macos-malware-spread-via-bogus-browser-updates
-
Russian cyberespionage groups target Signal users with fake group invites
by
in SecurityNewsQR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…