Collecting Cyber-News from over 60 sources

Tag: macOS

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile

Feb 25, 2025 7:23 PM

Tags: apple, control, cybersecurity, data, linux, macOS, mobile, spyware, windows

Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram.LightSpy is the name given to a modular spyware that’s capable of infecting both Windows and Apple systems with an aim to harvest…
Parallels Desktop: Zero-Day-Exploit verleiht Angreifern Root-Zugriff auf MacOS

Feb 25, 2025 1:23 PM

Tags: access, bug, exploit, macOS, zero-day

Eigentlich gibt es für die Sicherheitslücke längst einen Patch. Effektiv ist dieser aber wohl nicht. Ein Forscher zeigt, wie er sich umgehen lässt. First seen on golem.de Jump to article: www.golem.de/news/patch-laesst-sich-umgehen-root-luecke-in-parallels-desktop-gefaehrdet-mac-nutzer-2502-193685.html
Poseidon Stealer Targets Mac Users via Fake DeepSeek Website

Feb 25, 2025 12:23 PM

Tags: apple, attack, cyber, cybersecurity, infection, macOS, malware, social-engineering, tactics

Cybersecurity researchers uncovered a sophisticated malware campaign targeting macOS users through a fraudulent DeepSeek.ai interface. Dubbed >>Poseidon Stealer,
Parallels Desktop: Zero-Day-Exploit verleiht Angreifern unter MacOS Root-Rechte

Feb 25, 2025 12:23 PM

Tags: bug, exploit, macOS, zero-day

Eigentlich gibt es für die Sicherheitslücke längst einen Patch. Effektiv ist dieser aber wohl nicht. Ein Forscher zeigt, wie er sich umgehen lässt. First seen on golem.de Jump to article: www.golem.de/news/patch-laesst-sich-umgehen-root-luecke-in-parallels-desktop-gefaehrdet-mac-nutzer-2502-193685.html
LightSpy Malware Expands With 100+ Commands to Target Users Across All Major OS Platforms

Feb 25, 2025 10:23 AM

Tags: android, cyber, framework, infrastructure, linux, macOS, malware, router, windows

The LightSpy surveillance framework has significantly evolved its operational capabilities, now supporting over 100 commands to infiltrate Android, iOS, Windows, macOS, and Linux systems, and routers, according to new infrastructure analysis. First documented in 2020, this modular malware has shifted from targeting messaging applications to focusing on social media database extraction and cross-platform surveillance, marking…
Parallels Desktop 0-Day Exploit Enables Root Privileges PoC Released

Feb 24, 2025 8:23 AM

Tags: cve, cyber, exploit, macOS, software, vulnerability, zero-day

A critical zero-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed after seven months of unresolved reporting, enabling attackers to escalate privileges to the root level on macOS systems. The proof-of-concept (PoC) exploit code demonstrates two distinct bypass methods that circumvent existing patches for CVE-2024-34331, a previously addressed privilege escalation flaw. Technical Overview…
Zero Trust World: MacOS malware risks and protections

Feb 21, 2025 10:24 PM

Tags: macOS, malware, risk, zero-trust

First seen on scworld.com Jump to article: www.scworld.com/resource/zero-trust-world-macos-malware-risks-and-protections
Novel FrigidStealer macOS malware spread via bogus browser updates

Feb 19, 2025 9:48 PM

Tags: macOS, malware, update

First seen on scworld.com Jump to article: www.scworld.com/brief/novel-frigidstealer-macos-malware-spread-via-bogus-browser-updates
Russian cyberespionage groups target Signal users with fake group invites

Feb 19, 2025 7:46 PM

Tags: access, android, api, attack, communications, computer, cyber, cyberespionage, data, espionage, google, group, intelligence, linux, macOS, malicious, malware, military, mobile, password, phishing, phone, powershell, qr, russia, service, spyware, tactics, threat, ukraine, update, windows

QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
New FrigidStealer infostealer infects Macs via fake browser updates

Feb 19, 2025 7:46 PM

Tags: cybercrime, group, macOS, malware, update

The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-frigidstealer-infostealer-infects-macs-via-fake-browser-updates/
New FrigidStealer macOS Malware Distributed as Fake Browser Update

Feb 19, 2025 1:46 PM

Tags: macOS, malware, update

A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website, as a fake browser update. The post New FrigidStealer macOS Malware Distributed as Fake Browser Update appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-frigidstealer-macos-malware-distributed-as-fake-browser-update/
Microsoft warns that the powerful XCSSET macOS malware is back with new tricks

Feb 18, 2025 10:46 PM

Tags: macOS, malware, microsoft

XCSSET has been targeting Mac users since 2020. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks/
Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says

Feb 18, 2025 10:46 PM

Tags: apple, crypto, hacker, intelligence, macOS, malware, microsoft, threat

In a report released on Monday, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices. First seen on therecord.media Jump to article: therecord.media/hackers-use-macos-malware-to-steal-crypto
New Variant of macOS Threat XCSSET Spotted in the Wild

Feb 18, 2025 10:46 PM

Tags: apple, infection, macOS, microsoft, supply-chain, threat

Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-variant-macos-threat-xcsset
Novel XCSSET macOS Malware Variant Emerges

Feb 18, 2025 9:47 PM

Tags: macOS, malware

First seen on scworld.com Jump to article: www.scworld.com/brief/novel-xcsset-macos-variant-emerges
New XCSSET Malware Variant Targeting macOS Notes App and Wallets

Feb 18, 2025 4:46 PM

Tags: apple, macOS, malware, microsoft, risk

Microsoft warns Apple developers about a new XCSSET malware variant targeting macOS, posing security risks through stealthy infections… First seen on hackread.com Jump to article: hackread.com/xcsset-malware-variant-targets-macos-notes-wallets/
New Mac Malware Poses as Browser Updates

Feb 18, 2025 4:46 PM

Tags: attack, exploit, hacker, macOS, malware, update

Researchers warn of rising macOS-targeted attacks as hackers exploit fake updates to bypass security. FrigidStealer malware highlights growing enterprise risks. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/mac-malware-web-inject-proofpoint/
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

Feb 18, 2025 3:46 PM

Tags: android, apple, cybersecurity, macOS, malware, threat, update, windows

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer.The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher).TA2727 is a “threat…
Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer

Feb 18, 2025 1:46 PM

Tags: macOS, threat

Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/proofpoint-frigidstealer-new-mac/
XCSSET macOS malware reappears with new attack strategies, Microsoft sounds alarm

Feb 18, 2025 12:46 PM

Tags: access, advisory, apple, attack, browser, chrome, control, credentials, cybercrime, data, detection, endpoint, exploit, infection, macOS, malicious, malware, microsoft, risk, service, software, strategy, supply-chain, tactics, threat, update, vulnerability

Xcode developers targeted through infected projects: Microsoft reported that XCSSET continues to spread via compromised Xcode projects, a technique that has been in use since the malware’s discovery in 2020. Once an infected project is cloned or downloaded, the malware can embed itself within the developer’s system and further propagate when the infected code is…
Microsoft Warns of Improved XCSSET macOS Malware

Feb 18, 2025 12:46 PM

Tags: attack, macOS, malware, microsoft

Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users. The post Microsoft Warns of Improved XCSSET macOS Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-warns-of-improvements-to-xcsset-macos-malware/
XCSSET: macOS-Malware ist wieder aktiv

Feb 18, 2025 12:46 PM

Tags: macOS, malware, microsoft

Einige Zeit war es ruhig um die Mac-Malware XCSSET. Nun hat Microsoft neue aktive Varianten entdeckt, die Xcode-Projekte befallen. First seen on heise.de Jump to article: www.heise.de/news/XCSSET-macOS-Malware-ist-wieder-aktiv-10285697.html
New XCSSET macOS malware variant used in limited attacks

Feb 18, 2025 9:46 AM

Tags: apple, attack, intelligence, macOS, malware, microsoft, threat

Microsoft discovered a new variant of the Apple macOS malware XCSSET that was employed in limited attacks in the wild. Microsoft Threat Intelligence discovered a new variant of the macOS malware XCSSET in attacks in the wild. XCSSET is a sophisticated modular macOS malware that targets users by infecting Xcode projects, it has been active since at…
The XCSSET info-stealing malware is back, targeting macOS users and devs

Feb 17, 2025 7:46 PM

Tags: macOS, malware, microsoft, threat

A new, improved variant of the XCSSET macOS malware has been spotted >>in limited attacks
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Feb 17, 2025 6:46 PM

Tags: apple, attack, infection, intelligence, macOS, malware, microsoft, strategy, tactics, threat

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild.”Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,” the Microsoft Threat Intelligence team said in a post shared on…
Microsoft Detects New XCSSET MacOS Malware Variant

Feb 17, 2025 5:46 PM

Tags: macOS, malware, microsoft

Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-xcsset-macos-malware-variant/
Microsoft spots XCSSET macOS malware variant used for crypto theft

Feb 17, 2025 5:46 PM

Tags: attack, crypto, data, macOS, malware, microsoft, theft

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users’ sensitive information, including digital wallets and data from the legitimate Notes app. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/
XCSSET macOS malware returns with first new version since 2022

Feb 17, 2025 3:46 PM

Tags: apple, macOS, malware, microsoft, zero-day

Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert First seen on theregister.com Jump to article: www.theregister.com/2025/02/17/macos_xcsset_malware_returns/
New XCSSET Malware Targets macOS Users Through Infected Xcode Projects

Feb 17, 2025 2:46 PM

Tags: apple, cyber, infection, intelligence, macOS, malware, microsoft, strategy, threat, tool, update

Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking its first update since 2022. This sophisticated malware continues to target macOS users by infecting Xcode projects, a critical tool for Apple developers. The latest variant introduces advanced obfuscation techniques, updated persistence mechanisms, and novel infection strategies, making it more challenging…
Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited

Feb 13, 2025 1:48 PM

Tags: apple, attack, breach, cyber, exploit, korea, macOS, vulnerability

Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary ARM-based architecture, revealing significant vulnerabilities in the kernel hardening mechanisms of modern macOS systems. KASLR…