Tag: macOS
-
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.The vulnerabilities in question are listed below -CVE-2025-31200 (CVSS score: 7.5) – A memory corruption vulnerability in the Core Audio framework that could allow code execution…
-
UNC5174 Deploys SNOWLIGHT Malware in Linux and macOS Attacks
A threat group believed to have ties with China’s state-sponsored cyber operations, identified as UNC5174, has launched a stealthy and technically advanced cyber campaign aimed at Linux and macOS environments. According to new research published by Sysdig, the group is… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/unc5174-snowlight-malware-linux-macos/
-
BSidesLV24 Breaking Ground Chrome Cookie Theft On macOS, And How To Prevent It
Author/Presenter: Nick Frost Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/bsideslv24-breaking-ground-chrome-cookie-theft-on-macos-and-how-to-prevent-it/
-
Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities
Apple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-security-fixes-ios-15-16/
-
Apple Backports Zero-Day Patches to Older Devices in Latest Security Update
Apple has released a series of critical security updates to address vulnerabilities that were actively exploited as zero-day threats. These updates include backported patches for older versions of iOS, iPadOS, macOS, and watchOS, aiming to secure devices that may still be running outdated software. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apple-backports-zero-day-patches/
-
Apple backported fixes for three actively exploited flaws to older devices
Apple backports three critical vulnerabilities actively exploited in attacks against older iOS and macOS models. Apple has backported fixes for three actively exploited vulnerabilities to older devices and OS versions. The three vulnerabilities are: Apple released the following updates: that are available for the following devices: Follow me on Twitter:@securityaffairsandFacebookandMastodon PierluigiPaganini (SecurityAffairs hacking, newsletter) First seen on…
-
Altgeräte bedrohen Sicherheit in Unternehmen
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerabilitySchwachstellen in alten Netzwerkgeräten stellen ein erhebliches Sicherheitsrisiko für Unternehmen dar.Eine Analyse von Ciscos Threat-Intelligence-Team Talos zeigt, zwei der drei häufigsten Schwachstellen, auf die es Angreifer im Jahr 2024 abgesehen hatten, waren in alten Netzwerkgeräten zu finden. Das Problem ist, dass Hersteller dazu keine Patches mehr herausgeben.’Dies unterstreicht, wie wichtig es ist, veraltete Komponenten des…
-
Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.The vulnerabilities in question are listed below -CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on…
-
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.The vulnerabilities in question are listed below -CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on…
-
Volume of attacks on network devices shows need to replace end of life devices quickly
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerabilityCVE-2023-1389, a vulnerability in TP-Link Archer AX21 router;CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system;CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system;CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance;CVE-2023-38035, a hole in Ivanti Sentry security gateway;CVE-2024-36401, a vulnerability in OSGeo GeoServer;CVE-2024-0012, a vulnerability in Palo Alto Neworks PAN-OS…
-
New ReaderUpdate macOS Malware Loader Variants Emerge
First seen on scworld.com Jump to article: www.scworld.com/brief/new-readerupdate-macos-malware-loader-variants-emerge
-
New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants
Security researchers at SentinelOne have discovered that ReaderUpdate, a macOS malware loader platform that has been active since at least 2020, has significantly evolved with new variants written in multiple programming languages. The malware, which previously went relatively unnoticed by many vendors, now includes versions written in Crystal, Nim, Rust, and most recently Go, in…
-
New ReaderUpdate malware variants target macOS users
New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. ReaderUpdate is a macOS malware loader that has been active since 2020, the malicious code…
-
VMware plugs a high-risk vulnerability affecting its Windows-based virtualization
Patching is the only workaround: Broadcom advisory noted that the flaw does not have any workarounds and customers must apply patches rolled out on Tuesday to defend against exploitation.Affected products include all 11.x and 12.x versions of VMware tools for Windows, and are patched in the 12.5.1[1] rollout. VMware tools for Linux and macOS remain…
-
macOS Users Warned of New Versions of ReaderUpdate Malware
macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/macos-users-warned-of-new-versions-of-readerupdate-malware/
-
Take these 5 steps to protect against macOS security gaps
Tags: macOSFirst seen on scworld.com Jump to article: www.scworld.com/perspective/take-these-5-steps-to-protect-against-macos-security-gaps
-
Albabat Ransomware Expands Reach to Target Linux and macOS Platforms
A recent report from Trend Micro has revealed that a new variant of the Albabat ransomware now targets Linux and macOS platforms, marking a significant expansion in its capabilities. Previously limited to Windows systems, this updated strain demonstrates the evolving sophistication of ransomware threats. The malware is still under active development, with its multi-OS functionality…
-
New Phishing Campaign Targets macOS Users with Fake Security Alerts
LayerX Labs reports a sophisticated macOS phishing campaign, evading security measures. Learn how attackers adapt and steal credentials from Mac users. First seen on hackread.com Jump to article: hackread.com/new-phishing-campaign-targeted-at-mac-users/
-
New phishing campaign uses scareware to steal Apple credentials
The campaign previously targeted Windows users: According to LayerX researchers, the campaign has been seen targeting Mac users only in the last few months. Initially, it targeted Windows users by masquerading as Microsoft security alerts.Designed to steal user credentials, threat actors have apparently shifted focus to Mac users owing to new security features being rolled…
-
Albabat Ransomware Expands Targets, Abuses GitHub
New versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post Albabat Ransomware Expands Targets, Abuses GitHub appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/albabat-ransomware-expands-targets-abuses-github/
-
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in the latest security updates for macOS Sequoia 15.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1. This vulnerability could potentially expose system passwords, emphasizing the importance of updating macOS devices to the latest versions. Background and…
-
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
Recent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and macOS systems. This expansion highlights the increasing sophistication of ransomware groups in exploiting multiple operating systems to maximize their impact. The Albabat group has been leveraging GitHub to streamline its operations,…
-
Albabat Ransomware Evolves to Target Linux and macOS
Trend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/albabat-ransomware-linux-macos/
-
Xcode Projects Targeted By New XCSSET macOS Malware Variant
First seen on scworld.com Jump to article: www.scworld.com/brief/xcode-projects-targeted-by-new-xcsset-macos-malware-variant
-
XCSSET macOS malware variant targets Xcode projects of app developers
First seen on scworld.com Jump to article: www.scworld.com/news/xcsset-macos-malware-variant-targets-xcode-projects-of-app-developers
-
Apple Rolls Out Critical Security Fixes: iOS 18.3.2, macOS Ventura, and More Receive Important Updates
Apple has released a series of crucial security updates designed to patch vulnerabilities across its ecosystem of devices. On March 11, 2025, the tech giant rolled the Apple security update with iOS 18.3.2, iPadOS 18.3.2, macOS Ventura, macOS Sonoma, macOS Sequoia, visionOS 2.3.2, and tvOS 18.3.1, addressing multiple security flaws that could potentially have been…