Collecting Cyber-News from over 60 sources

Tag: macOS

Sapphire Sleet macOS Malware Abuses curlosascript Execution for Multi-Stage Payload Delivery

Jun 17, 2026 2:02 PM

Tags: cyber, infection, macOS, malware, update

Sapphire Sleet’s latest macOS campaign uses crafted .scpt AppleScript lures that pipe curl output directly to osascript, enabling a compact, multi-stage payload chain that executes entirely within Script Editor and evades many built”‘in macOS protections. The infection begins with a socially engineered lure fake SDK or update AppleScript files such as Zoom SDK Update.scpt or…
Critical Chrome Flaws Let Attackers Execute Arbitrary Code Update Immediately

Jun 17, 2026 8:02 AM

Tags: browser, chrome, cyber, flaw, google, macOS, update, vulnerability, windows

Google has released an urgent Chrome security update addressing multiple critical vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out to users globally, upgrades Chrome to version 149.0.7827.155/.156 for Windows and macOS and 149.0.7827.155 for Linux. Security researchers and enterprise defenders are strongly advised to apply the…
Amos Stealer Targets macOS Keychain Files and Browser Passwords

Jun 16, 2026 7:02 PM

Tags: data, macOS, password

Amos Stealer targets macOS users through fake downloads, stealing Keychain files, browser passwords, cookies, and developer configs for data theft. First seen on hackread.com Jump to article: hackread.com/amos-stealer-macos-keychain-files-browser-passwords/
âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

Jun 15, 2026 6:02 PM

Tags: ai, browser, chrome, cybersecurity, exploit, flaw, login, macOS, phishing, software, tool, vpn, zero-day

Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod.This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten software…
Weimer Network Defender: Netzwerk-Wachhund für macOS soll unbekannte Geräte aufspüren

Jun 12, 2026 2:02 PM

Tags: macOS, network

Weimer Network Defender nur für macOS: Netzwerküberwachung, Geräteerkennung und mehr Sicherheit für Heim- und Firmennetzwerke inklusive. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/weimer-network-defender-netzwerk-wachhund-fuer-macos-soll-unbekannte-geraete-aufspueren-330176.html
Product showcase: Avast One turns scam screenshots into actionable security advice

Jun 12, 2026 7:02 AM

Tags: android, identity, macOS, monitoring, privacy, scam, tool, windows

Avast One Free combines privacy, security, identity monitoring, and performance tools in a single platform. The app is available for Windows, macOS, Android, and iOS. Checking … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/12/product-showcase-avast-one-platform/
Weaponized DMG Files Deliver macOS Infostealer Malware

Jun 11, 2026 2:02 PM

Tags: authentication, credentials, crypto, cyber, macOS, malware, social-engineering, threat

A recent surge in macOS-targeted campaigns shows threat actors favoring weaponized disk images (.dmg) as the primary delivery mechanism for infostealer malware. Attackers are leveraging convincing, branded DMG installers and social-engineering tricks to bypass Gatekeeper and trick users into executing payloads that rapidly harvest credentials, cookies, authentication tokens, and cryptocurrency wallets before disappearing without persistence.…
Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor

Jun 8, 2026 9:42 PM

Tags: backdoor, google, macOS

Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users. First seen on hackread.com Jump to article: hackread.com/op-flutterbridge-fake-google-ads-spread-macos-backdoor/
Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs

Jun 8, 2026 2:42 PM

Tags: browser, chrome, cyber, flaw, google, linux, macOS, remote-code-execution, update, vulnerability, windows

Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical flaws that could enable remote code execution, memory corruption, and sandbox escapes. The update, version 149.0.7827.53/54, is being rolled out gradually and includes fixes across multiple components, including ANGLE, GPU,…
Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs

Jun 8, 2026 2:42 PM

Tags: browser, chrome, cyber, flaw, google, linux, macOS, remote-code-execution, update, vulnerability, windows

Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical flaws that could enable remote code execution, memory corruption, and sandbox escapes. The update, version 149.0.7827.53/54, is being rolled out gradually and includes fixes across multiple components, including ANGLE, GPU,…
Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware

Jun 6, 2026 5:42 AM

Tags: backdoor, macOS, malicious, malware

First seen on scworld.com Jump to article: www.scworld.com/news/malicious-podcast-pdf-apps-spread-fluttershell-macos-backdoor-malware
Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware

Jun 6, 2026 5:42 AM

Tags: backdoor, macOS, malicious, malware

First seen on scworld.com Jump to article: www.scworld.com/news/malicious-podcast-pdf-apps-spread-fluttershell-macos-backdoor-malware
Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords

Jun 5, 2026 3:43 PM

Tags: crypto, exploit, macOS, password, threat

Threat actors are deploying an updated SHub Stealer variant named Reaper that exploits the native macOS Script Editor to bypass OS-level protections and compromise cryptocurrency assets. First seen on hackread.com Jump to article: hackread.com/reaper-macos-infostealer-script-editor-crypto-passwords/
New SHub Stealer Variant Targets Major Browsers and Crypto Wallets

Jun 5, 2026 11:42 AM

Tags: apple, crypto, cyber, macOS, malicious, threat

Threat actors have resurfaced with an upgraded SHub stealer for macOS, now branded “Reaper,” and they’re using a stealthy distribution trick that should worry every Mac user. Attackers build fake download pages for popular apps (WeChat, Miro and others) and employ an automated ClickFix technique that opens Apple’s Script Editor preloaded with malicious code. One…
Apple Begins Rosetta’s Final Phase as Intel Mac Era Winds Down

Jun 5, 2026 5:42 AM

Tags: apple, macOS

Apple says macOS 26 Tahoe is the last major release for Intel Macs, with Rosetta support continuing through macOS 27 before narrowing. The post Apple Begins Rosetta’s Final Phase as Intel Mac Era Winds Down appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-macos-27-drops-intel-mac-support-rosetta/
Apple Begins Rosetta’s Final Phase as Intel Mac Era Winds Down

Jun 5, 2026 5:42 AM

Tags: apple, macOS

Apple says macOS 26 Tahoe is the last major release for Intel Macs, with Rosetta support continuing through macOS 27 before narrowing. The post Apple Begins Rosetta’s Final Phase as Intel Mac Era Winds Down appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-macos-27-drops-intel-mac-support-rosetta/
Malicious Ads Target macOS Users with FlutterShell Backdoor

Jun 4, 2026 3:42 PM

Tags: adware, backdoor, cyber, hacker, macOS, malicious, malware

Hackers are leveraging large-scale malvertising campaigns to distribute a newly identified macOS backdoor dubbed FlutterShell, marking a significant evolution in financially motivated adware operations. Security researchers tracking the activity attribute it to a broader cluster known as CL-CRI-1089 and have named the ongoing campaign Operation FlutterBridge. The campaign builds on earlier activity linked to the…
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Jun 4, 2026 2:42 PM

Tags: attack, backdoor, cybercrime, cybersecurity, google, group, macOS, malicious, malware, network

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell.According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed JSCoreRunner (aka FileRipple) in late August 2025. The cybercrime group behind the two…
JINX-0164 Targets Crypto Firms With macOS Malware

Jun 4, 2026 10:42 AM

Tags: access, crypto, cyber, endpoint, group, macOS, malware, social-engineering, software, threat

A series of targeted intrusions against cryptocurrency organizations, attributing the activity to a newly identified threat actor tracked as JINX-0164. The campaign combines advanced social engineering, custom macOS malware, and deep access into development and CI/CD environments, enabling attackers to pivot from individual developer endpoints to critical software distribution systems. The group primarily targets developers…
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys

Jun 3, 2026 7:42 AM

Tags: apt, crypto, cyber, finance, group, macOS, north-korea, threat

A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, is targeting high-value organizations in the financial and cryptocurrency sectors. The operation focuses on venture capital firms, Web3 developers, and crypto platforms, highlighting a continued shift in North Korean cyber operations toward financially…
Update Now: Apple Rolls Out Critical Fixes for iPhone 17, M5 Macs

Jun 2, 2026 7:42 PM

Tags: apple, iphone, macOS, update

Apple released iOS 26.5.1 and macOS 26.5.1 to fix iPhone 17 charging issues and M5 Mac shutdown problems before WWDC. The post Update Now: Apple Rolls Out Critical Fixes for iPhone 17, M5 Macs appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-ios-26-5-1-macos-26-5-1-bug-fixes/
WhatsApp Local Storage Claim Raises Apple Privacy Questions

May 26, 2026 5:00 AM

Tags: apple, macOS, privacy

Researchers allege that WhatsApp’s local storage on macOS and iOS may raise privacy concerns, though experts dispute the broader claim. The post WhatsApp Local Storage Claim Raises Apple Privacy Questions appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-local-storage-claim-apple-privacy/
FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack

May 25, 2026 7:00 PM

Tags: attack, hacker, macOS

Hackers compromised FBI Chief Kash Patel’s clothing store in a ClickFix attack that tricked macOS users into installing infostealer malware. First seen on hackread.com Jump to article: hackread.com/fbi-chief-kash-patel-store-hacked-infostealer-clickfix/
WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS

May 25, 2026 1:02 PM

Tags: container, cyber, data, data-breach, group, macOS

Security researchers have raised concerns over how WhatsApp stores user chat data on macOS and iOS, revealing that message databases may be stored in unencrypted form within app group containers accessible by other applications from the same developer ecosystem. According to researchers at Mysk, WhatsApp stores chat histories in plaintext within a shared app group…
WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS

May 25, 2026 1:02 PM

Tags: container, cyber, data, data-breach, group, macOS

Security researchers have raised concerns over how WhatsApp stores user chat data on macOS and iOS, revealing that message databases may be stored in unencrypted form within app group containers accessible by other applications from the same developer ecosystem. According to researchers at Mysk, WhatsApp stores chat histories in plaintext within a shared app group…
FBI Director’s Former Apparel Brand Hit by Malware

May 23, 2026 5:00 AM

Tags: cyber, email, government, hacker, incident, iran, macOS, malicious, malware

Malware Targeted macOS Users Visiting Patel Foundation Merchandise Page. Two months after Iran-linked hackers exfiltrated FBI Director Kash Patel’s personal email, the government official’s name is tangled up in another cyber incident, this time through a MAGA swag shop he co-founded. ClickFix malware on the site tried to trick shoppers into running a malicious command.…
Hackers Hide Malware in Nested macOS-Style Folders to Evade Scans

May 22, 2026 10:00 AM

Tags: cyber, detection, email, hacker, macOS, malware, phishing, social-engineering, spear-phishing

Hackers are increasingly adopting stealthy delivery techniques, and a newly uncovered spear-phishing campaign shows how nested macOS-like folder structures can be abused to evade detection while deploying advanced malware. The phishing email carries a ZIP attachment named “å¸¸å·žå¤§å¦2026å¹´ã€Šå›½å®¶å¦ç, Ÿä½“è´¨å¥åº·æ ‡å‡†ã€‹æµ‹è¯•é€šçŸ¥æœ€ç»ˆç‰ˆ.zip,” posing as an official university notice. The social engineering is unusually precise: failure in this fitness…
Google Chrome Security Flaws Could Let Attackers Execute Code Remotely

May 21, 2026 2:00 PM

Tags: browser, chrome, cyber, flaw, google, macOS, update, vulnerability, windows

Google has released a critical security update for its Chrome browser, addressing multiple vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out to users globally, upgrades Chrome to version 148.0.7778.178/179 for Windows and macOS, and 148.0.7778.178 for Linux. According to the official Chrome Releases blog, the latest…
Critical ExifTool Vulnerability Lets Hackers Compromise Macs via Malicious Images

May 20, 2026 4:00 PM

Tags: attack, automation, cve, cyber, hacker, macOS, malicious, risk, vulnerability

A newly disclosed vulnerability in ExifTool, tracked as CVE-2026-3102, exposes macOS systems to command execution attacks through malicious image metadata, highlighting ongoing risks in widely used file processing tools. ExifTool is a popular utility used across media workflows to read and write metadata in images, PDFs, and multimedia files. Its flexibility and integration into automation…
Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft

May 19, 2026 10:00 PM

Tags: apple, business, crypto, data, google, macOS, malware, microsoft, password, threat

A new SHub Reaper macOS infostealer spoofs prompts from Apple, Google, and Microsoft to steal passwords, crypto data, and business files from Macs. The post Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-reaper-shub-malware-mac-users/