Collecting Cyber-News from over 60 sources

Tag: macOS

WhatsApp 0-Click Flaw Abused via Malicious DNG Image File

Sep 29, 2025 3:08 PM

Tags: apple, attack, cve, cyber, exploit, flaw, macOS, malicious, remote-code-execution

A newly discoveredzero-click remote code execution (RCE)vulnerability in WhatsApp is putting millions of Apple users at risk. Researchers from DarkNavyOrg have demonstrated a proof-of-concept (PoC) exploit that leverages two distinct flaws to compromise iOS, macOS, and iPadOS devices without any user interaction. The attack chain begins with CVE-2025-55177, a critical logic error in WhatsApp’s message…
New ModStealer Evades Antivirus, Targets macOS Users to Steal Sensitive Data

Sep 29, 2025 10:08 AM

Tags: antivirus, apple, crypto, cyber, cybercrime, cybersecurity, data, macOS, malware, threat

A sophisticated new malware strain targeting macOS users has emerged, capable of bypassing traditional antivirus solutions while specifically targeting developers and cryptocurrency holders. The cross-platform threat, dubbed ModStealer, represents the latest evolution in macOS-focused cybercrime, highlighting the growing security challenges facing Apple users in 2024. ModStealer was first identified by cybersecurity firm Mosyle and reported through…
Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass

Sep 29, 2025 8:09 AM

Tags: apple, cyber, data, exploit, framework, google, leak, macOS, vulnerability

Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerability Overview The vulnerability exploits a technique that leverages pointer-keyed data structures in Apple’s NSKeyedArchiver serialization framework to leak…
Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass

Sep 29, 2025 8:09 AM

Tags: apple, cyber, data, exploit, framework, google, leak, macOS, vulnerability

Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerability Overview The vulnerability exploits a technique that leverages pointer-keyed data structures in Apple’s NSKeyedArchiver serialization framework to leak…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Sep 28, 2025 4:08 PM

Tags: attack, github, international, LLM, macOS, malware

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Brewing Trouble, Dissecting a macOS Malware Campaign Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware Prompts as Code & Embedded Keys – The Hunt for LLM-Enabled […]…
Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Sep 26, 2025 10:09 PM

Tags: attack, exploit, intelligence, macOS, malware, microsoft, threat, vulnerability, zero-day

Microsoft Threat Intelligence researchers found a new XCSSET macOS malware variant used in limited attacks. Microsoft Threat Intelligence researchers have discovered a new version of the macOS malware XCSSET that has been employed in limited attacks. Trend Micro first spotted the malware in 2020 when it was spreading through Xcode projects and exploiting two zero-day vulnerabilities…
Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects

Sep 26, 2025 6:09 PM

Tags: apple, crypto, defense, macOS, malware, microsoft

Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/microsoft_xcsset_macos/
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

Sep 26, 2025 12:09 PM

Tags: apple, browser, cybersecurity, encryption, intelligence, macOS, malware, microsoft, threat

Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks.”This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the Microsoft Threat Intelligence team said in a Thursday report.”It employs sophisticated encryption and obfuscation First seen…
Zorin OS 18 beta makes Linux look like anything but Linux

Sep 26, 2025 9:09 AM

Tags: linux, macOS, switch, windows

Windows, macOS, Cinnamon, even iPadOS all just a layout switch away First seen on theregister.com Jump to article: www.theregister.com/2025/09/24/zorin_os_18_beta/
New XCSSET Malware Variant Targets macOS App Developers

Sep 26, 2025 9:09 AM

Tags: cyber, cybersecurity, data, intelligence, macOS, malware, microsoft, threat, update

Cybersecurity researchers have discovered an advanced variant of the XCSSET malware specifically targeting macOS developers through infected Xcode projects, introducing sophisticated clipboard hijacking and enhanced data exfiltration capabilities. Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules beyond those detailed in previous security analyses. The…
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

Sep 26, 2025 1:16 AM

Tags: attack, intelligence, macOS, malware, microsoft, threat

Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-warns-of-new-xcsset-macos-malware-variant-targeting-xcode-devs/
LastPass: Fake password managers infect Mac users with malware

Sep 22, 2025 6:16 PM

Tags: github, macOS, malicious, malware, password, software

LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lastpass-fake-password-managers-infect-mac-users-with-malware/
Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Sep 22, 2025 5:16 PM

Tags: github, macOS, malicious, software

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/22/macos-infostealer-campaign-github/
Beware: GitHub repos distributing Atomic Infostealer on macOS

Sep 22, 2025 9:16 AM

Tags: github, intelligence, macOS, malware, mitigation, threat, tool

LastPass warns macOS users of fake GitHub repos distributing Atomic infostealer malware disguised as legitimate tools. LastPass warns macOS users about fake GitHub repositories spreading malware disguised as legitimate tools, redirecting victims to download the Atomic macOS infostealer. >>The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team is tracking an ongoing, widespread infostealer campaign targeting…
Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users

Sep 22, 2025 8:15 AM

Tags: cyber, exploit, github, hacker, intelligence, macOS, malicious, malware, mitigation, software, tactics, threat

A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to unsuspecting victims. The LastPass Threat Intelligence, Mitigation, and Escalation team has identified an ongoing widespread infostealer operation that specifically targets macOS users through…
Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users

Sep 22, 2025 8:15 AM

Tags: cyber, exploit, github, hacker, intelligence, macOS, malicious, malware, mitigation, software, tactics, threat

A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to unsuspecting victims. The LastPass Threat Intelligence, Mitigation, and Escalation team has identified an ongoing widespread infostealer operation that specifically targets macOS users through…
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer

Sep 20, 2025 10:16 AM

Tags: apple, github, macOS, malware

LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools.”In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware,” researchers Alex Cox, Mike Kosak, and First seen on thehackernews.com…
Fake Empire Podcast Invites Target Crypto Industry with macOS AMOS Stealer

Sep 18, 2025 2:16 PM

Tags: crypto, hacker, macOS

Hackers are posing as Empire podcast hosts, tricking crypto influencers and developers with fake interview invites to deliver macOS AMOS Stealer malware. First seen on hackread.com Jump to article: hackread.com/fake-empire-podcast-invites-crypto-macos-amos-stealer/
Malicious PyPI Packages Deliver SilentSync RAT

Sep 18, 2025 5:16 AM

Tags: access, api, attack, backdoor, breach, browser, chrome, cloud, control, credentials, data, detection, email, endpoint, government, healthcare, identity, linux, macOS, malicious, malware, network, open-source, password, pypi, rat, risk, service, software, supply-chain, threat, windows

IntroductionZscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In July 2025, a malicious Python package named termncolor was identified by ThreatLabz. Just a few weeks later, on August 4, 2025, ThreatLabz uncovered two more malicious Python packages…
Apple Releases iOS 26, macOS Tahoe 26 and 50+ Security Fixes

Sep 17, 2025 8:16 PM

Tags: apple, flaw, iphone, macOS

Apple just fixed more than 50 security flaws across iPhone, iPad, Mac, Watch, TV, and Vision Pro. The post Apple Releases iOS 26, macOS Tahoe 26 and 50+ Security Fixes appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-ios26-macos26-release-security-fixes/
VirtualBox 7.2.2 Update Released with Fix for Guest GUI Crashes

Sep 12, 2025 8:16 AM

Tags: cyber, linux, macOS, oracle, software, update, windows

Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s reliability and user experience. Critical GUI Crash Fixes Implemented The most significant improvements in VirtualBox…
Breach Roundup: Vidar Strikes Back

Sep 11, 2025 11:16 PM

Tags: attack, backdoor, breach, data, flaw, hacker, macOS, ransomware, update

Also, Akira Ransomware Resumes Attacks Via SonicWall Flaws. This week, the Vidar infostealer, BlackDB admin, Akira ransomware hackers and Patch Tuesday. A warning for British bankers, a Cursor flaw, a Brazilian dating app shut down. KazMunayGas said it wasn’t hacked. Wealthsimple and Hello Gym data breaches. A macOS backdoor hid in plain sight for years.…
ChillyHell macOS Malware Resurfaces, Using Google.com as a Decoy

Sep 11, 2025 1:16 PM

Tags: macOS, malware, threat

A previously dormant macOS threat, ChillyHell, is reviving. Read how this malware can bypass security checks, remain hidden,… First seen on hackread.com Jump to article: hackread.com/chillyhell-macos-malware-resurfaces-google-com-decoy/
ChillyHell macOS Malware: Three Methods of Compromise and Persistence

Sep 11, 2025 9:16 AM

Tags: antivirus, cyber, detection, endpoint, macOS, malware, threat

A new wave of macOS-targeted malware has emerged under the radar”, despite employing advanced process reconnaissance and maintaining successful notarization status for years. Jamf Threat Labs recently uncovered a developer-signed sample on VirusTotal that used sophisticated endpoint profiling and established persistence using several different mechanisms. The malware, dubbed ChillyHell, has evaded popular antivirus detections even…
Apple slips up on ChillyHell macOS malware, lets it past security . . . for 4 years

Sep 10, 2025 9:16 PM

Tags: apple, cybercrime, group, macOS, malware, threat

‘We do believe that this was likely the creation of a cybercrime group,’ threat hunter tells The Reg First seen on theregister.com Jump to article: www.theregister.com/2025/09/10/chillyhell_modular_macos_malware/
Dormant macOS Backdoor ChillyHell Resurfaces

Sep 10, 2025 6:02 PM

Tags: backdoor, macOS, malware, password

With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/dormant-macos-backdoor-chillyhell-resurfaces
Cursor’s autorun lets hackers execute arbitrary code

Sep 10, 2025 5:16 PM

Tags: data-breach, hacker, macOS, microsoft

Security Debt in the Cursor Ecosystem: The disclosure isn’t an isolated scenario. Earlier this year, Cursor was already targeted by campaigns like CurXecute and MCPoison, along with npm package tampering aimed at macOS users. Barr warned that the .vscode/tasks.json issue is “just another piece of the same puzzle: attackers are looking deep into Cursor’s ecosystem…
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems

Sep 10, 2025 5:16 PM

Tags: access, apple, backdoor, cybersecurity, linux, macOS, malware, rat, threat, windows

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems

Sep 10, 2025 5:16 PM

Tags: access, apple, backdoor, cybersecurity, linux, macOS, malware, rat, threat, windows

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems

Sep 10, 2025 5:16 PM

Tags: access, apple, backdoor, cybersecurity, linux, macOS, malware, rat, threat, windows

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…