Collecting Cyber-News from over 60 sources

Tag: macOS

macOS Sploitlight flaw leaks Apple Intelligence data

Jul 28, 2025 8:27 PM

Tags: apple, control, data, flaw, intelligence, leak, macOS, microsoft, vulnerability

Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-macos-sploitlight-flaw-leaks-apple-intelligence-data/
Atomic macOS Stealer Upgraded with Remote Access Backdoor

Jul 28, 2025 2:27 PM

Tags: access, apple, backdoor, cyber, cybersecurity, macOS, malware

The Atomic macOS Stealer (AMOS), a notorious infostealer malware targeting Apple’s macOS ecosystem, has undergone a significant upgrade by incorporating a sophisticated backdoor mechanism that facilitates persistent access and remote command execution on infected systems. This enhancement, detailed in a recent report by Moonlock Lab, a cybersecurity arm of MacPaw, transforms AMOS from a mere…
Supply chain attack compromises npm packages to spread backdoor malware

Jul 25, 2025 5:27 AM

Tags: attack, authentication, backdoor, control, cybercrime, cybersecurity, data, defense, email, linux, macOS, malicious, malware, mfa, phishing, software, supply-chain, threat, tool, update, vulnerability, windows

is npm JavaScript type testing utility with malware that went unnoticed for six hours. The bad news was delivered by maintainer Jordan Harband in a post on Bluesky:”Heads up that v3.3.1 of npmjs.com/is has malware in it, due to another maintainer’s account being hijacked,” he wrote.The infected version was removed by npm admins and v3.3.0…
Hackers Selling macOS 0-Day LPE Exploit on Dark Forums

Jul 22, 2025 2:40 PM

Tags: apple, cyber, cybercrime, exploit, hacker, macOS, threat, vulnerability, zero-day

A threat actor claiming to possess a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system has emerged on underground cybercriminal forums, offering the vulnerability for sale at a substantial price point. The alleged exploit, if genuine, represents a significant security concern for macOS users across multiple operating system versions, potentially allowing attackers…
âš¡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Jul 21, 2025 2:41 PM

Tags: attack, browser, chrome, encryption, exploit, macOS, nvidia, rce, remote-code-execution, spyware, tool, zero-day

Even in well-secured environments, attackers are getting in”, not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected.These attacks don’t depend on zero-days. They work by staying unnoticed”, slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious…
‘Daemon Ex Plist’ Vulnerability Grants Root Access on macOS

Jul 18, 2025 10:40 AM

Tags: access, cyber, exploit, flaw, macOS, malicious, vulnerability

A newly disclosed vulnerability dubbed >>Daemon Ex Plist
Office-Supportende: Makro-Desaster verhindern

Jul 18, 2025 6:40 AM

Tags: access, antivirus, api, apple, attack, cyberattack, Internet, macOS, mail, malware, microsoft, office, open-source, phishing, ransomware, risk, software, tool, windows

Das Support-Ende für Office 2016 und 2019 naht. Wie steht’s um Ihre Makro-Richtlinien?Das bevorstehende Ende des Lebenszyklus von Windows 10 hält die IT-Teams in Unternehmen derzeit auf Trab. Allerdings stehen weitere wichtige End-of-Life-Termine für Microsoft-Produkte an, die IT- und Security-Teams auf dem Zettel haben sollten.Denn im Oktober endet sowohl der Support für Office 2016 und…
NimDoor MacOS Malware Abuses Zoom SDK Updates to Steal Keychain Credentials

Jul 16, 2025 1:42 PM

Tags: credentials, crypto, cyber, exploit, macOS, malware, north-korea, social-engineering, tactics, threat, update

SentinelOne researchers have discovered NimDoor, a sophisticated MacOS malware campaign ascribed to North Korean-affiliated attackers, most likely the Stardust Chollima gang, in a notable increase in cyber threats targeting the bitcoin industry. Active since at least April 2025, NimDoor exploits social engineering tactics by masquerading as Zoom SDK updates to infiltrate Web3 and crypto organizations,…
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes

Jul 15, 2025 10:40 AM

Tags: cve, cvss, cyber, exploit, linux, macOS, remote-code-execution, vulnerability

A critical vulnerability in Git’s command-line interface has been disclosed with public proof-of-concept exploits available, allowing arbitrary file writes and remote code execution on Linux and macOS systems. CVE-2025-48384 affects Git installations usinggit clone recursiveon weaponized repositories, exploiting improper handling of carriage return characters in.gitmodulesfiles to bypass security controls. Field Details CVE ID CVE-2025-48384 CVSS…
BSI warnt vor Supportende: Windows 10 wird unsicher, Wechsel empfohlen

Jul 15, 2025 9:40 AM

Tags: bsi, macOS, windows

Das Ende des Windows-10-Supports rückt näher. Das BSI drängt auf einen zügigen Wechsel – etwa auf Windows 11, MacOS oder Linux. First seen on golem.de Jump to article: www.golem.de/news/bsi-warnt-vor-supportende-windows-10-wird-unsicher-wechsel-empfohlen-2507-198104.html
âš¡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More

Jul 14, 2025 4:40 PM

Tags: compliance, cybersecurity, exploit, fortinet, macOS, malware, rce, remote-code-execution, risk, tool

In cybersecurity, precision matters”, and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real…
Fake Gaming and AI Companies Target Windows and macOS Users with Drainer Malware Attacks

Jul 13, 2025 12:40 AM

Tags: ai, attack, cyber, cybersecurity, macOS, malware, social-engineering, startup, threat, windows

The cybersecurity company Darktrace has uncovered a persistent, intricate social engineering campaign that targets bitcoin users, building on earlier findings by Cado Security Labs in December 2024. Threat actors are fabricating elaborate startup companies themed around AI, gaming, video conferencing, Web3, and social media to lure victims into downloading malware disguised as legitimate software. These…
Infostealers Targeting macOS Users in Active Campaigns to Steal Sensitive Data

Jul 11, 2025 5:40 PM

Tags: credentials, cyber, data, macOS, malware, ransomware, service, threat, windows

MacOS infostealers are becoming a powerful and underappreciated method of data exfiltration in a world where Windows-centric threats predominate. They act as predecessors to ransomware deployments and significant breaches. These malware variants, often distributed via Malware-as-a-Service (MaaS) models, meticulously harvest sensitive host data, including installed applications, browser-stored credentials, session cookies, and autofill details. This pilfered…
Palo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Access

Jul 11, 2025 6:40 AM

Tags: access, cve, cvss, cyber, macOS, network, software, vulnerability

Palo Alto Networks has disclosed a significant security vulnerability in its Autonomous Digital Experience Manager software that could allow attackers to gain root-level access on macOS systems. The vulnerability, tracked as CVE-2025-0139, affects versions 5.6.0 through 5.6.6 of the software and has been assigned a CVSS base score of 6.3, though the company’s internal scoring…
Weaponized Termius App Delivers Latest ZuRu Malware to macOS Users

Jul 10, 2025 10:40 PM

Tags: attack, china, cyber, macOS, malware, microsoft, tool

A sophisticated variant of the macOS.ZuRu malware, first identified by a Chinese blogger in July 2021, has resurfaced with a new method of attack targeting macOS users through a trojanized version of the popular cross-platform SSH client Termius. Initially spread via poisoned Baidu search results for tools like iTerm2, SecureCRT, and Microsoft Remote Desktop for…
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

Jul 10, 2025 6:40 PM

Tags: ai, crypto, macOS, malicious, malware, social-engineering, startup, windows

Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems.”These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion…
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App

Jul 10, 2025 2:40 PM

Tags: apple, cybersecurity, hacker, macOS, malware, tool

Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software.SentinelOne, in a new report shared with The Hacker News, said the malware has been observed masquerading as the cross”‘platform SSH client and server”‘management tool Termius in late May 2025.”ZuRu malware…
MacOS Infostealer AMOS Evolves with Backdoor for Persistent Access

Jul 9, 2025 6:39 PM

Tags: access, backdoor, macOS, threat

The addition of a backdoor to the Atomic macOS Stealer marks a pivotal shift in one of the most active macOS threats, said Moonlock First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/macos-infostealer-amos-backdoor/
Atomic macOS Info-Stealer Updated with New Backdoor for Persistent Access

Jul 8, 2025 1:34 PM

Tags: access, apple, backdoor, cyber, cybersecurity, macOS, malware, update

The Atomic macOS Stealer (AMOS), a notorious piece of info-stealing malware targeting Apple users, has undergone a significant update, introducing an embedded backdoor for the first time. This development, reported by Moonlock a cybersecurity division of MacPaw marks a critical escalation in the malware’s capabilities, allowing attackers to maintain persistent access to compromised macOS systems.…
macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes

Jul 8, 2025 10:34 AM

Tags: apple, cyber, flaw, macOS, remote-code-execution, risk, vulnerability

A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code execution (RCE) and potentially catastrophic kernel crashes. Tracked as CVE-2025-24269, this flaw is rated with a CVSS score of 9.8, marking it as one of the most severe security issues to affect the macOS platform in recent…
End of life for Microsoft Office puts malicious macros in the security spotlight

Jul 8, 2025 9:34 AM

Tags: api, apple, attack, business, macOS, malicious, microsoft, network, office, tool, windows

Attack Surface Reduction rules to abide by: Implementing Attack Surface Reduction rules can greatly limit the scope and impact of most malicious macros.If you’ve completely disabled macros in your organization, then ASR rules are not needed. But if you still rely on macros, the following rules are worth setting:Block all Office applications from creating child…
DPRK macOS ‘NimDoor’ Malware Targets Web3, Crypto Platforms

Jul 7, 2025 11:34 PM

Tags: crypto, macOS, malicious, malware, north-korea, threat

Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dprk-macos-nimdoor-malware-web3-crypto-platforms
Atomic macOS infostealer adds backdoor for persistent attacks

Jul 7, 2025 9:34 PM

Tags: access, attack, backdoor, macOS, malware

Malware analyst discovered a new version of the Atomic macOS info-stealer (also known as ‘AMOS’) that comes with a backdoor, to attackers persistent access to compromised systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/atomic-macos-infostealer-adds-backdoor-for-persistent-attacks/
âš¡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Jul 7, 2025 2:34 PM

Tags: browser, chrome, crypto, exploit, ivanti, macOS, password, threat, tool, zero-day

Everything feels secure”, until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don’t start with alarms”, they sneak in through the little things we overlook. A tiny bug, a reused password, a quiet connection”, that’s all it takes.Staying safe…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

Jul 6, 2025 2:34 PM

Tags: crypto, international, macOS, malware, threat

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 10 Things I Hate About Attribution: RomCom vs. TransferLoader macOS NimDoor – DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group) Dissecting Kimsuky’s…
Security Affairs newsletter Round 531 by Pierluigi Paganini INTERNATIONAL EDITION

Jul 6, 2025 7:34 AM

Tags: email, international, korea, macOS, malware, north-korea, threat, update, WeeklyReview

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Critical Sudo bugs expose…
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Jul 5, 2025 7:34 PM

Tags: backdoor, crypto, hacker, korea, macOS, malware, north-korea, phishing, threat, update

North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram.…
Novel macOS malware leveraged to compromise crypto, Web3 orgs

Jul 3, 2025 10:34 PM

Tags: crypto, macOS, malware

First seen on scworld.com Jump to article: www.scworld.com/brief/novel-macos-malware-leveraged-to-compromise-crypto-web3-orgs
North Korean Hackers Target Crypto Firms with Novel macOS Malware

Jul 3, 2025 2:34 PM

Tags: crypto, hacker, macOS, malware, north-korea, programming

SentinelLabs observed North Korean actors deploying novel TTPs to target crypto firms, including a mix of programming languages and signal-based persistence First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-crypto-macos-malware/
N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates

Jul 3, 2025 1:34 PM

Tags: crypto, exploit, hacker, korea, macOS, malware, north-korea, update

SentinelLabs uncovers NimDoor, new North Korea-aligned macOS malware targeting Web3 and crypto firms. Exploits Nim, AppleScript, and steals Keychain, browser, shell, and Telegram data. First seen on hackread.com Jump to article: hackread.com/n-korean-hackers-nimdoor-macos-malware-fake-zoom-updates/