Tag: macOS

Odyssey Stealer umgeht macOS-Schutzmaßnahmen

Aug 28, 2025 7:23 AM

Tags: apple, macOS, malware

Sicherheitsforscher von Jamf haben eine Variante des bekannten Atomic Stealer entdeckt. Die “Odyssey Stealer” getaufte Malware nutzt eine gültige Apple Developer ID, um Apples Sicherheitssysteme zu umgehen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/odyssey-stealer-macos
First AI-Powered Ransomware PromptLock Targets Windows, Linux and macOS

Aug 28, 2025 12:23 AM

Tags: ai, linux, macOS, openai, ransomware, windows

ESET has identified PromptLock, the first AI-powered ransomware, using OpenAI models to generate scripts that target Windows, Linux… First seen on hackread.com Jump to article: hackread.com/first-ai-promptlock-ransomware-windows-linux-macos/
Experimental PromptLock ransomware uses AI to encrypt, steal data

Aug 27, 2025 11:23 PM

Tags: ai, data, linux, macOS, ransomware, threat, windows

Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows, macOS, and Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/experimental-promptlock-ransomware-uses-ai-to-encrypt-steal-data/
Docker Desktop Vulnerability Allowed Host Takeover on Windows, macOS

Aug 27, 2025 4:24 PM

Tags: docker, flaw, macOS, vulnerability, windows

A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious… First seen on hackread.com Jump to article: hackread.com/docker-desktop-vulnerability-host-takeover-windows-macos/
Critical Chrome UseFree Flaw Enables Arbitrary Code Execution

Aug 27, 2025 9:23 AM

Tags: browser, chrome, cyber, flaw, google, macOS, update, vulnerability, windows

Google has released an urgent security update for the Chrome Stable channel to address acritical use-after-free vulnerabilityin the ANGLE graphics library that could allow attackers to execute arbitrary code on vulnerable systems. The fixes arrive as part of Chrome Stable versions 139.0.7258.154/.155 on Windows and macOS, and 139.0.7258.154 on Linux. Users are advised to update immediately, as the patch…
Aktiv ausgenutzte Sicherheitslücke – Notfallupdate für iOS, iPadOS und macOS

Aug 26, 2025 7:54 AM

Tags: bug, macOS

First seen on security-insider.de Jump to article: www.security-insider.de/apple-schliesst-kritische-sicherheitsluecke-a-805ec52b0f129b2ca1e16768c2f0e1a8/
Docker fixes critical Desktop flaw allowing container escapes

Aug 26, 2025 12:55 AM

Tags: container, docker, exploit, flaw, macOS, vulnerability, windows

Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker Desktop app for Windows and macOS. An attacker can exploit the flaw to potentially escape…
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Aug 25, 2025 9:55 PM

Tags: access, container, cve, cvss, docker, flaw, macOS, malicious, vulnerability, windows

Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container.The vulnerability, tracked as CVE-2025-9074, carries a CVSS score of 9.3 out of 10.0. It has been addressed in version 4.44.3.”A malicious…
Critical Docker Desktop flaw lets attackers hijack Windows hosts

Aug 25, 2025 5:54 PM

Tags: container, docker, flaw, macOS, malicious, vulnerability, windows

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/
Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign

Aug 25, 2025 4:54 PM

Tags: macOS, malware

A variant of the Atomic macOS Stealer (AMOS) targets macOS users via fake support sites in malvertising campaign First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fake-macos-spread-infostealer/
Fake macOS help sites push Shamos infostealer via ClickFix technique

Aug 25, 2025 2:54 PM

Tags: crowdstrike, macOS

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/25/fake-macos-help-sites-push-shamos-infostealer-via-clickfix-technique/
Fake macOS help sites push Shamos infostealer via ClickFix technique

Aug 25, 2025 2:54 PM

Tags: crowdstrike, macOS

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/25/fake-macos-help-sites-push-shamos-infostealer-via-clickfix-technique/
New macOS Installer Boasts Lightning-Fast Data Theft, Marketed on Dark Web

Aug 25, 2025 11:55 AM

Tags: cyber, dark-web, data, macOS, malware, service, theft, threat

A novel macOS infostealer malware, designated as Mac.c, has emerged as a formidable contender in the underground malware-as-a-service (MaaS) ecosystem. Developed openly by a threat actor operating under the pseudonym >>mentalpositive,
Kopia: Open-source encrypted backup tool for Windows, macOS, Linux

Aug 25, 2025 7:54 AM

Tags: backup, cloud, linux, macOS, network, open-source, tool, windows

Kopia is an open-source backup and restore tool that lets you create encrypted snapshots of your files and store them in cloud storage, on a remote server, on network-attached … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/25/kopia-open-source-encrypted-backup-tool-windows-macos-linux/
Over 300 entities hit by a variant of Atomic macOS Stealer in recent campaign

Aug 23, 2025 9:54 AM

Tags: crowdstrike, macOS, malware

Over 300 entities hit by the Atomic macOS Stealer via malvertising campaign between June and August, CrowdStrike warns. From June and August, over 300 entities were hit by a variant of the Atomic macOS Stealer (AMOS) called SHAMOS, reports CrowdStrike. The Atomic macOS Stealer lets operators steal diverse information from infected machines. This includes Keychain…
COOKIE SPIDER’s Malvertising Drops New SHAMOS macOS Malware

Aug 23, 2025 1:55 AM

Tags: crowdstrike, macOS, malware

CrowdStrike reports COOKIE SPIDER using malvertising to spread SHAMOS macOS malware (a new variant of AMOS infostealer), stealing… First seen on hackread.com Jump to article: hackread.com/cookie-spider-malvertising-new-shamos-macos-malware/
ClickFix Exploit Emerges: Microsoft Flags Cross-Platform Attacks Targeting Windows and macOS

Aug 22, 2025 3:54 PM

Tags: attack, cyber, exploit, intelligence, macOS, malicious, microsoft, social-engineering, threat, windows

Microsoft Threat Intelligence has spotlighted the escalating adoption of the ClickFix social engineering technique, a sophisticated method that manipulates users into executing malicious commands on their devices, bypassing traditional automated security defenses. Observed since early 2024, this tactic has targeted thousands of enterprise and end-user systems daily, delivering payloads such as Lumma Stealer infostealers, remote…
CISA Warns of Actively Exploited 0-Day Vulnerability in Apple iOS, iPadOS, and macOS

Aug 22, 2025 2:54 PM

Tags: apple, cisa, cve, cyber, cybersecurity, exploit, framework, infrastructure, macOS, risk, vulnerability, zero-day

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability affecting Apple iOS, iPadOS, and macOS systems that is being actively exploited in the wild. CVE-2025-43300, an out-of-bounds write vulnerability in Apple’s Image I/O framework, poses significant security risks to millions of users across Apple’s ecosystem. Critical Vulnerability…
Apple Releases Patch for Likely Exploited Zero-Day Vulnerability

Aug 22, 2025 11:54 AM

Tags: apple, exploit, iphone, macOS, update, vulnerability, zero-day

All Apple users are encouraged to update their iPhones, iPads and macOS devices First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/apple-patch-likely-exploited-zero/
Apple discloses actively exploited zero-day affecting iOS, iPadOS and macOS

Aug 22, 2025 12:54 AM

Tags: apple, attack, exploit, macOS, zero-day

The defect, which affects the company’s most popular devices, has been exploited in an “extremely sophisticated attack against specific targeted individuals,” Apple said. First seen on cyberscoop.com Jump to article: cyberscoop.com/apple-zero-day-ios-macos-ipados-august-2025/
Apple addressed the seventh actively exploited zero-day

Aug 21, 2025 7:54 PM

Tags: apple, cve, exploit, framework, macOS, vulnerability, zero-day

Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing…
New SHAMOS Malware Targets macOS Through Fake Help Sites to Steal Login Credentials

Aug 21, 2025 2:56 PM

Tags: credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, group, login, macOS, malware, service

Cybersecurity researchers at CrowdStrike identified and thwarted a sophisticated malware campaign deploying SHAMOS, an advanced variant of the Atomic macOS Stealer (AMOS) malware, orchestrated by the cybercriminal group COOKIE SPIDER. Operating under a malware-as-a-service model, COOKIE SPIDER rents out this information stealer to affiliates who target victims to harvest sensitive data, including login credentials, cryptocurrency…
Apple rushes out fix for active zero-day in iOS and macOS

Aug 21, 2025 2:56 PM

Tags: apple, exploit, macOS, zero-day

Another ‘extremely sophisticated’ exploit chewing at Cupertino’s walled garden First seen on theregister.com Jump to article: www.theregister.com/2025/08/21/apple_imageio_exploit/
CVE-2025-43300: Critical Zero-Day Bug in iOS, iPadOS, and macOS

Aug 21, 2025 10:54 AM

Tags: apple, cve, flaw, framework, iphone, macOS, software, update, vulnerability, zero-day

CVE-2025-43300: Vulnerability in Image Handling Framework Apple has released urgent software updates for iPhones, iPads, and Macs after identifying a zero-day security flaw that was already being exploited. The issue, cataloged as CVE-2025-43300, exists in the ImageIO framework and can… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-43300-zero-day-apple/
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

Aug 21, 2025 8:54 AM

Tags: apple, attack, cve, exploit, flaw, framework, macOS, malicious, update, vulnerability, zero-day

Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild.The zero-day out-of-bounds write vulnerability, tracked as CVE-2025-43300, resides in the ImageIO framework that could result in memory corruption when processing a malicious image.”Apple is aware of a report that…
ClickFix macOS Malware Targets User Login Credentials

Aug 10, 2025 3:11 PM

Tags: attack, credentials, crypto, cyber, login, macOS, malware, phishing, social-engineering

Security researchers have identified a new malware campaign targeting macOS users through a sophisticated ClickFix technique that combines phishing and social engineering to steal cryptocurrency wallet details, browser credentials, and sensitive personal data. The Odyssey Stealer malware, discovered by X-Labs researchers in August 2025, represents an evolution of earlier ClickFix attacks that previously focused on…
MacOS Under Attack: How Organizations Can Counter Rising Threats

Aug 5, 2025 2:28 PM

Tags: attack, awareness, deep-fake, macOS, threat, training

Not only are attacks against macOS users ramping up, but threat actors have proved to be advanced with deepfake technology. Security awareness training may be the best defense. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/mac-under-attack-how-organizations-can-counter-rising-threats
âš¡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

Aug 4, 2025 2:28 PM

Tags: ai, backdoor, encryption, flaw, macOS, malware, open-source, threat, tool, vpn, zero-day

Malware isn’t just trying to hide anymore”, it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just…
‘Sploitlight’ Vulnerability: How Hackers Bypassed Apple’s TCC Protections

Aug 2, 2025 12:28 PM

Tags: access, apple, data, data-breach, flaw, hacker, macOS, unauthorized, vulnerability

Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data despite security measures. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-macos-sploitlight-vulnerability-explained/
Kali Linux can now run in Apple containers on macOS systems

Jul 31, 2025 9:28 PM

Tags: apple, container, cybersecurity, kali, linux, macOS

Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple’s new containerization framework. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kali-linux-can-now-run-in-apple-containers-on-macos-systems/