Tag: macOS
-
BlueNoroff APT Launches AI-Enhanced Espionage on macOS, Using GPT-4o Images in Fake GhostCall Meetings
The post BlueNoroff APT Launches AI-Enhanced Espionage on macOS, Using GPT-4o Images in Fake GhostCall Meetings appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/bluenoroff-apt-launches-ai-enhanced-espionage-on-macos-using-gpt-4o-images-in-fake-ghostcall-meetings/
-
AI browsers can be abused by malicious AI sidebar extensions: Report
‘Dumpster fires’: David Shipley, head of Canadian employee security awareness training firm Beauceron Security, agrees.”I think if CISOs are bored and want to spice up their lives with an incident, they should roll out these AI-powered hot messes to their users,” he said .”But, if they’re like most CISOs and they have lots of problems,…
-
Google ads for fake Homebrew, LogMeIn sites push infostealers
A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-ads-for-fake-homebrew-logmein-sites-push-infostealers/
-
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems.”UNC5142 is characterized by its use of compromised WordPress websites and ‘EtherHiding,’ a technique used…
-
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposé delves into the tactics, infrastructure, and impact of this alarming…
-
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposé delves into the tactics, infrastructure, and impact of this alarming…
-
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposé delves into the tactics, infrastructure, and impact of this alarming…
-
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
-
AWS Client VPN for macOS Hit by Critical Privilege Escalation Vulnerability
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during log rotation. CVE ID Affected Products Impact Exploit Prerequisites CVSS 3.1 Score CVE-2025-11462 AWS Client VPN Client…
-
Windows und Android: Google schließt schwerwiegende Lücken in Chrome
Ein Pufferüberlauf in Chrome für Windows, MacOS, Linux und Android erlaubt unter Umständen eine Remotecodeausführung. First seen on golem.de Jump to article: www.golem.de/news/windows-und-android-google-schliesst-schwerwiegende-luecken-in-chrome-2510-200916.html
-
Unity Warns Developers of Security Vulnerability Affecting Games on Android, Windows, and Linux Platforms
A recently disclosed security vulnerability in Unity has prompted security updates and, in some cases, game removals across platforms like Steam. The issue affects Unity versions 2017.1 and later, spanning a wide range of games and applications released over the last several years. According to Unity, this Unity vulnerability impacts software built for Android, Windows, macOS,…
-
Apple strengthens storage flexibility with new disk image formats
Apple’s release of macOS 26 Tahoe introduced a new disk image format and updated an older one, both of which are drawing attention from system testers and forensic examiners. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/03/apple-disk-image-format/
-
Hohes Sicherheitsrisiko: BSI warnt vor kritischer Lücke in Apples iOS, iPadOS und macOS
First seen on t3n.de Jump to article: t3n.de/news/sicherheitsrisiko-bsi-luecke-apples-ios-ipados-macos-1710284/
-
Google Adds AI-Powered Ransomware Protection and Recovery to Drive for Desktop
This new ransomware detection is available in beta in Google Drive for desktop on Windows or macOS, with a general release expected by the end of the year. The post Google Adds AI-Powered Ransomware Protection and Recovery to Drive for Desktop appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-drive-ai-ransomware-detection/
-
Apple Security Update Addresses Critical Font Parser Vulnerability Across Multiple Platforms
Apple has rolled out a series of important security updates across multiple platforms, addressing a vulnerability affecting the system font parser. These Apple security updates cover iOS, iPadOS, macOS, visionOS, watchOS, and tvOS. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apple-security-updates/
-
Apple Font Parser Vulnerability Allowing Memory Corruption Attacks
Apple has released a security update for macOS Sequoia 15.7.1 to address a serious vulnerability in its font parser. The flaw, tracked as CVE-2025-43400, allows a maliciously crafted font file to trigger an out-of-bounds write. Exploitation could cause unexpected application crashes or corrupt process memory on affected systems. Apple patched this issue on September 29, 2025, as…
-
WhatsApp 0-Click Flaw Abused via Malicious DNG Image File
A newly discoveredzero-click remote code execution (RCE)vulnerability in WhatsApp is putting millions of Apple users at risk. Researchers from DarkNavyOrg have demonstrated a proof-of-concept (PoC) exploit that leverages two distinct flaws to compromise iOS, macOS, and iPadOS devices without any user interaction. The attack chain begins with CVE-2025-55177, a critical logic error in WhatsApp’s message…
-
New ModStealer Evades Antivirus, Targets macOS Users to Steal Sensitive Data
A sophisticated new malware strain targeting macOS users has emerged, capable of bypassing traditional antivirus solutions while specifically targeting developers and cryptocurrency holders. The cross-platform threat, dubbed ModStealer, represents the latest evolution in macOS-focused cybercrime, highlighting the growing security challenges facing Apple users in 2024. ModStealer was first identified by cybersecurity firm Mosyle and reported through…
-
Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass
Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerability Overview The vulnerability exploits a technique that leverages pointer-keyed data structures in Apple’s NSKeyedArchiver serialization framework to leak…
-
Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass
Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerability Overview The vulnerability exploits a technique that leverages pointer-keyed data structures in Apple’s NSKeyedArchiver serialization framework to leak…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Brewing Trouble, Dissecting a macOS Malware Campaign Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware Prompts as Code & Embedded Keys – The Hunt for LLM-Enabled […]…
-
Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks
Microsoft Threat Intelligence researchers found a new XCSSET macOS malware variant used in limited attacks. Microsoft Threat Intelligence researchers have discovered a new version of the macOS malware XCSSET that has been employed in limited attacks. Trend Micro first spotted the malware in 2020 when it was spreading through Xcode projects and exploiting two zero-day vulnerabilities…
-
Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects
Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/microsoft_xcsset_macos/
-
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module
Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks.”This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the Microsoft Threat Intelligence team said in a Thursday report.”It employs sophisticated encryption and obfuscation First seen…
-
New XCSSET Malware Variant Targets macOS App Developers
Cybersecurity researchers have discovered an advanced variant of the XCSSET malware specifically targeting macOS developers through infected Xcode projects, introducing sophisticated clipboard hijacking and enhanced data exfiltration capabilities. Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules beyond those detailed in previous security analyses. The…
-
Zorin OS 18 beta makes Linux look like anything but Linux
Windows, macOS, Cinnamon, even iPadOS all just a layout switch away First seen on theregister.com Jump to article: www.theregister.com/2025/09/24/zorin_os_18_beta/
-
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs
Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-warns-of-new-xcsset-macos-malware-variant-targeting-xcode-devs/
-
LastPass: Fake password managers infect Mac users with malware
LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lastpass-fake-password-managers-infect-mac-users-with-malware/