Tag: macOS

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware

Jun 13, 2025 9:54 AM

Tags: apple, cve, cyber, exploit, flaw, macOS, spy, spyware, vulnerability

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks.The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura…
Will New AI Browser Dia Redefine How We Use the Web?

Jun 12, 2025 6:54 PM

Tags: ai, macOS

Dia, a new AI browser from the makers of Arc, is available in beta on macOS, and only to existing Arc members or individuals they’ve invited. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-arc-dia-the-browser-company/
Apple tries to contain itself with lightweight Linux VMs for macOS

Jun 10, 2025 8:55 AM

Tags: apple, framework, linux, macOS

Swift-based containerization framework aims to improve performance and security First seen on theregister.com Jump to article: www.theregister.com/2025/06/10/apple_tries_to_contain_itself/
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

Jun 6, 2025 7:55 PM

Tags: apple, cybersecurity, exploit, macOS, malware, social-engineering

Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems.The campaign, according to CloudSEK, has been found to leverage typosquat domains mimicking U.S.-based telecom provider Spectrum.”macOS users are served a…
What the Arc Browser Story Reveals About the Future of Browser Security

Jun 5, 2025 5:54 AM

Tags: ai, antivirus, api, browser, ceo, chrome, ciso, crypto, data, email, github, infrastructure, jobs, LLM, macOS, malware, password, phishing, saas, software, startup, update, vulnerability, windows

By Dakshitaa Babu, Security Researcher, SquareX In a candid letter that Joshua Miller, CEO of Arc Browser, wrote to the community, he revealed a truth the tech industry has been dancing around: “the dominant operating system on desktop wasn’t Windows or macOS anymore”Š”, “Šit was the browser.” The evidence is everywhere”Š”, “Šcloud revenue surging year…
Exploiting Clickfix: AMOS macOS Stealer Evades Security to Deploy Malicious Code

Jun 4, 2025 7:55 PM

Tags: cyber, exploit, infrastructure, Internet, macOS, malicious, social-engineering

A newly uncovered campaign involving an Atomic macOS Stealer (AMOS) variant has emerged, showcasing the evolving sophistication of multi-platform social engineering attacks. This campaign, discovered during routine attacker infrastructure analysis, leverages typo-squatted domains mimicking Spectrum, a prominent U.S.-based telecommunications provider offering cable television, internet, and managed services. By employing the Clickfix method, attackers deliver tailored…
Dark Partner Hackers Leverage Fake AI, VPN, and Crypto Sites to Target macOS and Windows Users

May 29, 2025 3:55 PM

Tags: ai, crypto, cyber, cybersecurity, group, hacker, macOS, malware, network, service, software, vpn, windows

A group dubbed >>Dark Partners
6 rising malware trends every security pro should know

May 29, 2025 8:55 AM

Tags: adobe, ai, antivirus, apple, attack, awareness, backdoor, business, captcha, cloud, corporate, cybercrime, data, defense, detection, encryption, endpoint, exploit, extortion, framework, group, hacking, incident response, infrastructure, intelligence, Internet, law, leak, macOS, malicious, malware, network, password, phishing, powershell, programming, pypi, ransom, ransomware, service, social-engineering, software, supply-chain, tactics, theft, threat, tool, update, vulnerability, worm

Malicious packages targeting developer environments: Threat actors are systematically compromising the software supply chain by embedding malicious code within legitimate development tools, libraries, and frameworks that organizations use to build applications.”These supply chain attacks exploit the trust between developers and package repositories,” Immersive’s McCarthy tells CSO. “Malicious packages often mimic legitimate ones while running harmful…
Researchers Uncover macOS ‘AppleProcessHub’ Stealer: TTPs and C2 Server Details Revealed

May 27, 2025 12:54 PM

Tags: apple, cyber, detection, macOS, malware, tactics, threat

Researchers have identified a novel information-stealing malware dubbed ‘AppleProcessHub,’ designed to infiltrate Apple systems and exfiltrate sensitive user data. This discovery sheds light on an evolving threat landscape where macOS, often considered a secure platform, is increasingly becoming a target for sophisticated adversaries. The malware employs advanced tactics, techniques, and procedures (TTPs) to evade detection…
How Google Meet Pages Are Exploited to Deliver PowerShell Malware

May 27, 2025 8:54 AM

Tags: attack, cyber, cyberattack, email, exploit, google, macOS, malicious, malware, phishing, powershell, social-engineering, tactics, windows

A new wave of cyberattacks exploits user trust in Google Meet by deploying meticulously crafted fake meeting pages that trick victims into running malicious PowerShell commands. This campaign, dubbed ClickFix, leverages advanced social engineering tactics, bypassing traditional security measures and targeting Windows and macOS systems. The attack begins with phishing emails containing links that closely…
Arms Cyber Expands Ransomware Protection to macOS Devices

May 23, 2025 10:55 PM

Tags: cyber, macOS, ransomware

First seen on scworld.com Jump to article: www.scworld.com/news/arms-cyber-expands-ransomware-protections-to-macos-devices
Novel macOS malware campaign involves fraudulent Ledger apps

May 23, 2025 10:55 PM

Tags: macOS, malware

First seen on scworld.com Jump to article: www.scworld.com/brief/novel-macos-malware-campaign-involves-fraudulent-ledger-apps
Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

May 23, 2025 7:55 PM

Tags: crypto, cyber, hacker, macOS, malicious, malware, password

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application for managing crypto assets via Ledger cold wallets. Since August 2024, Moonlock Lab has been tracking a malware campaign that initially focused on stealing passwords and wallet details but has now evolved to extract seed phrases, enabling attackers to drain…
Apple XNU Kernel Flaw Enables Attackers to Escalate Privileges

May 23, 2025 11:55 AM

Tags: apple, cve, cvss, cyber, flaw, macOS, vulnerability

Apple has released urgent security patches addressing CVE-2025-31219, a high-severity vulnerability in its XNU kernel that underpins macOS, iOS, iPadOS, tvOS, watchOS, and visionOS. The flaw, which carries a CVSS score of 8.8 (vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), enables local attackers to escalate privileges and potentially execute arbitrary code with kernel-level access. The vulnerability was discovered by Michael…
Hackers use fake Ledger apps to steal Mac users’ seed phrases

May 22, 2025 7:55 PM

Tags: access, crypto, cybercrime, hacker, macOS, malware

Cybercriminal campaigns are using fake Ledger apps to target macOS users and their digital assets by deploying malware that attempts to steal seed phrases that protect access to digital cryptocurrency wallets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-use-fake-ledger-apps-to-steal-mac-users-seed-phrases/
Additional findings on FrigidStealer macOS malware emerge

May 16, 2025 10:54 PM

Tags: macOS, malware

First seen on scworld.com Jump to article: www.scworld.com/brief/additional-findings-on-frigidstealer-macos-malware-emerge
Frigidstealer Malware Targets macOS Users to Harvest Login Credentials

May 16, 2025 9:54 PM

Tags: credentials, cyber, login, macOS, malicious, malware, threat, update

An macOS users, a new information-stealing malware dubbed FrigidStealer has emerged as a formidable threat since January 2025. This insidious malware capitalizes on user trust by masquerading as routine browser updates, luring unsuspecting individuals into downloading a malicious disk image file (DMG) from compromised websites. Unlike conventional malware, FrigidStealer bypasses macOS Gatekeeper protections by coercing…
FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates

May 15, 2025 3:54 PM

Tags: crypto, dns, macOS, malware, password, update

FrigidStealer malware targets macOS users via fake browser updates, stealing passwords, crypto wallets, and notes using DNS-based data… First seen on hackread.com Jump to article: hackread.com/frigidstealer-malware-macos-fake-safari-browser-update/
New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution

May 14, 2025 5:39 PM

Tags: adobe, bug-bounty, cve, cyber, flaw, macOS, risk, update, vulnerability, windows

Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in Photoshop 2024 and 2025 that could enable arbitrary code execution on Windows and macOS systems. The flaws, discovered by external researcher yjdfy through Adobe’s HackerOne bug bounty program, involve memory corruption risks stemming from integer manipulation and uninitialized pointer access. While…
Severe Adobe Illustrator Flaw Allows Remote Code Execution

May 14, 2025 5:39 PM

Tags: adobe, cve, cvss, cyber, flaw, macOS, remote-code-execution, software, update, vulnerability, windows

Adobe has issued an urgent security update for its widely used graphic design software, Adobe Illustrator, following the discovery of a critical heap-based buffer overflow vulnerability tracked as CVE-2025-30330. This flaw, which allows arbitrary code execution on affected systems, impacts both Windows and macOS versions of Illustrator 2024 and 2025. Rated with a CVSS score…
PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)

May 13, 2025 3:38 PM

Tags: apple, cve, cyber, exploit, flaw, macOS, vulnerability

Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied by a proof-of-concept (PoC) exploit demonstrating partial sandbox bypass via Apple’s RemoteViewServices framework. The flaw, discovered by researcher wh1te4ever, exposes weaknesses in macOS’s inter-process communication (IPC) mechanisms that could enable attackers to execute arbitrary code outside application sandbox constraints. With the…
Hackers Abuse PyInstaller to Deploy Stealthy macOS Infostealer

May 13, 2025 2:38 PM

Tags: apple, cyber, cybercrime, exploit, hacker, macOS, open-source, tactics, threat, tool

Jamf Threat Labs has identified a novel macOS infostealer that exploits PyInstaller, a legitimate open-source tool used to bundle Python scripts into standalone Mach-O executables. This marks the first documented instance of PyInstaller being weaponized to deploy infostealers on macOS, highlighting a sophisticated evolution in the tactics of cybercriminals targeting Apple’s ecosystem. Discovered in April…
Google Researchers Use Mach IPC to Uncover Sandbox Escape Vulnerabilities

May 12, 2025 11:10 AM

Tags: apple, attack, cyber, google, macOS, open-source, tool, vulnerability

Google Project Zero researchers have uncovered new sandbox escape vulnerabilities in macOS using an innovative approach that leverages Mach Interprocess Communication (IPC) mechanisms-core components of Apple’s operating system. Their public research details how low-level message passing between privileged and sandboxed processes can be a dangerous attack vector, and offers open-source tools and code for the…
North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS

May 10, 2025 4:11 PM

Tags: attack, crypto, cyber, finance, fintech, group, korea, linux, macOS, malware, north-korea, windows

A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and FinTech companies globally. Since 2023, their infamous Contagious Interview campaign has utilized malware such as BeaverTail and InvisibleFerret to infiltrate systems. However, in September 2024, WaterPlum introduced a sophisticated new…
Hackers Exploit PDF Invoices to Target Windows, Linux, and macOS Systems

May 9, 2025 3:10 PM

Tags: access, attack, cyber, email, exploit, hacker, incident response, linux, macOS, threat, windows

A recent discovery by the FortiMail Incident Response team has revealed a highly sophisticated email campaign targeting organizations in Spain, Italy, and Portugal. This attack distributes a potent Remote Access Trojan (RAT) known as RATty, primarily affecting Windows systems, but also posing a threat to Linux and macOS environments where the Java Runtime Environment (JRE)…
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

May 9, 2025 2:11 PM

Tags: ai, api, apple, backdoor, credentials, cybersecurity, infrastructure, intelligence, macOS, malicious, threat, tool

Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor.”Disguised as developer tools offering ‘the cheapest Cursor API,’ these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor’s First seen on thehackernews.com Jump…
Researchers Uncover Remote Code Execution Flaw in macOS CVE-2024-44236

May 9, 2025 11:10 AM

Tags: apple, cve, cyber, flaw, macOS, remote-code-execution, vulnerability, zero-day

Security researchers Nikolai Skliarenko and Yazhi Wang of Trend Micro’s Research Team have disclosed critical details about CVE-2024-44236, a memory corruption vulnerability in Apple’s macOS Scriptable Image Processing System (sips). Discovered by Hossein Lotfi through Trend Micro’s Zero Day Initiative, this flaw allows arbitrary code execution via maliciously crafted ICC profile files. Patched in October…
IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers

May 8, 2025 7:10 PM

Tags: attack, cve, cyber, data-breach, flaw, linux, macOS, risk, service, software, vpn, vulnerability, windows

A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and macOS systems to local privilege escalation attacks, enabling non-privileged users to gain root or SYSTEM-level access. Designated as CVE-2025-26168 and CVE-2025-26169, these flaws affect versions 1.4.3 and earlier of the software, posing severe risks to industrial, enterprise, and managed service…
Over 2,800 Hacked Websites Targeting MacOS Users with AMOS Stealer Malware

May 6, 2025 5:50 PM

Tags: apple, blockchain, crypto, cyber, cybersecurity, macOS, malware, password, social-engineering, technology

Cybersecurity researcher has uncovered a massive malware campaign targeting MacOS users through approximately 2,800 compromised websites. The operation, dubbed >>MacReaper,
What is EDR? An analytical approach to endpoint security

May 2, 2025 11:50 AM

Tags: access, android, antivirus, api, attack, automation, breach, cloud, corporate, data, defense, detection, edr, email, endpoint, firewall, incident response, infection, infosec, infrastructure, intelligence, Intruder, linux, macOS, malicious, malware, network, service, siem, soar, software, threat, tool, training

EDR vs. antivirus: What’s the difference?: Antivirus software has similar goals to EDR, in that it aims to block malware from installing on and infecting endpoints (usually user PCs). The difference is that antivirus spots malicious activity by trying to match it to signatures, known patterns of code execution or behavior that the security community…