Collecting Cyber-News from over 60 sources

Tag: macOS

Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting

Sep 9, 2025 4:08 PM

Tags: access, attack, awareness, credentials, crypto, data, defense, detection, exploit, github, google, macOS, malware, microsoft, password, powershell, service, software, vpn, windows

GPU-Gated decryption evades detection: The malware itself is delivered as a large Microsoft Software Installer (MSI) file, approximately 128 MB in size. It features a GPU-gated decryption mechanism that keeps the payload encrypted unless it detects the presence of a real GPU on the system. Researchers noted that this design allows GPUGate to remain dormant…
Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting

Sep 9, 2025 4:08 PM

Tags: access, attack, awareness, credentials, crypto, data, defense, detection, exploit, github, google, macOS, malware, microsoft, password, powershell, service, software, vpn, windows

GPU-Gated decryption evades detection: The malware itself is delivered as a large Microsoft Software Installer (MSI) file, approximately 128 MB in size. It features a GPU-gated decryption mechanism that keeps the payload encrypted unless it detects the presence of a real GPU on the system. Researchers noted that this design allows GPUGate to remain dormant…
macOS Under Attack: Atomic Stealer Hidden in Pirated Software

Sep 8, 2025 11:08 AM

Tags: apple, attack, cyber, cybercrime, cybersecurity, data, macOS, malware, software, theft, threat

The cybersecurity landscape for macOS users has taken a dangerous turn as cybercriminals increasingly target Apple’s ecosystem with sophisticated malware campaigns. Atomic macOS Stealer (AMOS), a specialized data-theft malware, has emerged as one of the most significant threats to Mac users, particularly those seeking cracked software applications. While macOS has historically maintained a reputation as…
Hackers Exploit Fake Microsoft Teams Site to Spread Odyssey macOS Stealer

Sep 8, 2025 9:08 AM

Tags: attack, cyber, cybercrime, exploit, hacker, macOS, malicious, microsoft

Cybercriminals have escalated their attacks against macOS users by deploying a sophisticated new campaign that leverages a fraudulent Microsoft Teams download site to distribute the dangerous Odyssey stealer malware. This development represents a significant evolution from earlier attacks that primarily targeted users through fake trading platforms. The malicious campaign first came to light in early…
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security

Sep 5, 2025 2:20 PM

Tags: apple, macOS, malware

Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/macos-stealer-cracked-apps-bypass/
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security

Sep 5, 2025 2:20 PM

Tags: apple, macOS, malware

Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/macos-stealer-cracked-apps-bypass/
macOS vulnerability allowed Keychain and iOS app decryption without a password

Sep 4, 2025 3:19 PM

Tags: macOS, password, vulnerability

Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/04/macos-gcore-vulnerability-cve-2025-24204/
Zero-Click Spyware Hits WhatsApp on iOS and macOS

Sep 3, 2025 8:20 PM

Tags: attack, exploit, flaw, macOS, spyware, update

A WhatsApp zero-click flaw exploited in spyware attacks has been patched on iOS and macOS. Update now to protect your devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/zero-day-spyware-hits-whatsapp/
Unter iOS und macOS Click-Sicherheitslücke in WhatsApp

Sep 2, 2025 7:19 AM

Tags: bug, macOS

First seen on security-insider.de Jump to article: www.security-insider.de/whatsapp-sicherheitsluecke-update-ios-macos-a-b7b6ebf685cf60e3c88666f696263bc7/
Hackers Exploit macOS Security Features to Spread Malware

Sep 1, 2025 12:19 PM

Tags: apple, attack, cyber, cybercrime, defense, exploit, hacker, macOS, malware, strategy, vulnerability

A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for malware distribution, according to recent security research. As macOS continues to gain market share, cybercriminals are adapting their strategies to exploit even the most robust Apple protections. Analysts warn that relying solely on native safeguards may leave organizations vulnerable to…
Bei Digital-Produkten auch auf Ausfallrisiken achten

Sep 1, 2025 10:19 AM

Tags: apple, bsi, computer, linux, macOS, microsoft, update, windows

Das BSI empfiehlt Nutzern von digitalen Produkten darauf zu achten, wie der Hersteller mit Sicherheitsrisiken umgeht.Das Bundesamt für Sicherheit in der Informationstechnik (BSI) rät bei der Auswahl digitaler Produkte darauf zu achten, ob es Ausfallrisiken gibt. Eine Sprecherin der Behörde sagte der Deutschen Presse-Agentur auf die Frage, worauf Nutzer bei der Auswahl von Online-Bezahlsystemen achten…
Ohne Nutzerinteraktion: Apple-Nutzer über gefährliche Whatsapp-Lücke attackiert

Sep 1, 2025 9:19 AM

Tags: apple, macOS, malware

Angreifer haben über Whatsapp für iOS und MacOS ohne Zutun der Zielperson Malware eingeschleust. Meta liefert Patches und alarmiert Betroffene. First seen on golem.de Jump to article: www.golem.de/news/ohne-nutzerinteraktion-apple-nutzer-ueber-gefaehrliche-whatsapp-luecke-attackiert-2509-199670.html
Windows, macOS und Linux betroffen Sicherheitslücke ermöglicht Übernahme von Hostsystemen

Sep 1, 2025 7:19 AM

Tags: bug, docker, linux, macOS, windows

First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-docker-desktop-update-a-d1e448f4b662b128f5a11cdfd8a07334/
WhatsApp 0-Day Exploited in Attacks on Targeted iOS and macOS Users

Aug 31, 2025 6:19 PM

Tags: attack, exploit, macOS, spyware, zero-day

WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The… First seen on hackread.com Jump to article: hackread.com/whatsapp-0-day-exploit-attack-targeted-ios-macos-users/
WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices

Aug 31, 2025 5:19 PM

Tags: apple, cve, exploit, flaw, macOS, vulnerability, zero-day

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks.The vulnerability, CVE-2025-55177 (CVSS score: 8.0 [CISA-ADP]/5.4 [Facebook]), relates to a case of insufficient authorization of linked device synchronization…
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Aug 30, 2025 7:23 AM

Tags: apple, cve, exploit, flaw, macOS, update, vulnerability, zero-day

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks.The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal…
WhatsApp patches vulnerability exploited in zero-day attacks

Aug 29, 2025 7:23 PM

Tags: attack, exploit, macOS, vulnerability, zero-day

WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whatsapp-patches-vulnerability-exploited-in-zero-day-attacks/
Thousands of Developer Credentials Stolen in macOS “s1ngularity” Attack

Aug 28, 2025 6:23 PM

Tags: attack, breach, credentials, macOS, supply-chain

A supply chain attack called “s1ngularity” on Nx versions 20.9.0-21.8.0 stole thousands of developer credentials. The attack targeted… First seen on hackread.com Jump to article: hackread.com/developer-credentials-stolen-macos-s1ngularity-attack/
Lazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job Offers

Aug 28, 2025 4:23 PM

Tags: apt, cyber, finance, group, intelligence, jobs, lazarus, macOS, social-engineering, tactics, theft, threat, windows

The notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix technique to penetrate Windows 11 and macOS systems in a sophisticated progression of social engineering attacks. Known for high-profile incidents like the 2014 Sony Pictures hack, Lazarus has shifted from intelligence theft to financial asset…
Odyssey Stealer umgeht macOS-Schutzmaßnahmen

Aug 28, 2025 7:23 AM

Tags: apple, macOS, malware

Sicherheitsforscher von Jamf haben eine Variante des bekannten Atomic Stealer entdeckt. Die “Odyssey Stealer” getaufte Malware nutzt eine gültige Apple Developer ID, um Apples Sicherheitssysteme zu umgehen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/odyssey-stealer-macos
First AI-Powered Ransomware PromptLock Targets Windows, Linux and macOS

Aug 28, 2025 12:23 AM

Tags: ai, linux, macOS, openai, ransomware, windows

ESET has identified PromptLock, the first AI-powered ransomware, using OpenAI models to generate scripts that target Windows, Linux… First seen on hackread.com Jump to article: hackread.com/first-ai-promptlock-ransomware-windows-linux-macos/
Experimental PromptLock ransomware uses AI to encrypt, steal data

Aug 27, 2025 11:23 PM

Tags: ai, data, linux, macOS, ransomware, threat, windows

Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows, macOS, and Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/experimental-promptlock-ransomware-uses-ai-to-encrypt-steal-data/
Docker Desktop Vulnerability Allowed Host Takeover on Windows, macOS

Aug 27, 2025 4:24 PM

Tags: docker, flaw, macOS, vulnerability, windows

A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious… First seen on hackread.com Jump to article: hackread.com/docker-desktop-vulnerability-host-takeover-windows-macos/
Critical Chrome UseFree Flaw Enables Arbitrary Code Execution

Aug 27, 2025 9:23 AM

Tags: browser, chrome, cyber, flaw, google, macOS, update, vulnerability, windows

Google has released an urgent security update for the Chrome Stable channel to address acritical use-after-free vulnerabilityin the ANGLE graphics library that could allow attackers to execute arbitrary code on vulnerable systems. The fixes arrive as part of Chrome Stable versions 139.0.7258.154/.155 on Windows and macOS, and 139.0.7258.154 on Linux. Users are advised to update immediately, as the patch…
Aktiv ausgenutzte Sicherheitslücke – Notfallupdate für iOS, iPadOS und macOS

Aug 26, 2025 7:54 AM

Tags: bug, macOS

First seen on security-insider.de Jump to article: www.security-insider.de/apple-schliesst-kritische-sicherheitsluecke-a-805ec52b0f129b2ca1e16768c2f0e1a8/
Docker fixes critical Desktop flaw allowing container escapes

Aug 26, 2025 12:55 AM

Tags: container, docker, exploit, flaw, macOS, vulnerability, windows

Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker Desktop app for Windows and macOS. An attacker can exploit the flaw to potentially escape…
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Aug 25, 2025 9:55 PM

Tags: access, container, cve, cvss, docker, flaw, macOS, malicious, vulnerability, windows

Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container.The vulnerability, tracked as CVE-2025-9074, carries a CVSS score of 9.3 out of 10.0. It has been addressed in version 4.44.3.”A malicious…
Critical Docker Desktop flaw lets attackers hijack Windows hosts

Aug 25, 2025 5:54 PM

Tags: container, docker, flaw, macOS, malicious, vulnerability, windows

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/
Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign

Aug 25, 2025 4:54 PM

Tags: macOS, malware

A variant of the Atomic macOS Stealer (AMOS) targets macOS users via fake support sites in malvertising campaign First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fake-macos-spread-infostealer/
Fake macOS help sites push Shamos infostealer via ClickFix technique

Aug 25, 2025 2:54 PM

Tags: crowdstrike, macOS

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/25/fake-macos-help-sites-push-shamos-infostealer-via-clickfix-technique/