Tag: macOS
-
Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities
by
in SecurityNewsApple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-security-fixes-ios-15-16/
-
Apple Backports Zero-Day Patches to Older Devices in Latest Security Update
by
in SecurityNewsApple has released a series of critical security updates to address vulnerabilities that were actively exploited as zero-day threats. These updates include backported patches for older versions of iOS, iPadOS, macOS, and watchOS, aiming to secure devices that may still be running outdated software. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apple-backports-zero-day-patches/
-
Apple backported fixes for three actively exploited flaws to older devices
by
in SecurityNewsApple backports three critical vulnerabilities actively exploited in attacks against older iOS and macOS models. Apple has backported fixes for three actively exploited vulnerabilities to older devices and OS versions. The three vulnerabilities are: Apple released the following updates: that are available for the following devices: Follow me on Twitter:@securityaffairsandFacebookandMastodon PierluigiPaganini (SecurityAffairs hacking, newsletter) First seen on…
-
Altgeräte bedrohen Sicherheit in Unternehmen
by
in SecurityNews
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerabilitySchwachstellen in alten Netzwerkgeräten stellen ein erhebliches Sicherheitsrisiko für Unternehmen dar.Eine Analyse von Ciscos Threat-Intelligence-Team Talos zeigt, zwei der drei häufigsten Schwachstellen, auf die es Angreifer im Jahr 2024 abgesehen hatten, waren in alten Netzwerkgeräten zu finden. Das Problem ist, dass Hersteller dazu keine Patches mehr herausgeben.’Dies unterstreicht, wie wichtig es ist, veraltete Komponenten des…
-
Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices
by
in SecurityNewsApple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.The vulnerabilities in question are listed below -CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on…
-
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
by
in SecurityNewsApple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.The vulnerabilities in question are listed below -CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on…
-
Volume of attacks on network devices shows need to replace end of life devices quickly
by
in SecurityNews
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerabilityCVE-2023-1389, a vulnerability in TP-Link Archer AX21 router;CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system;CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system;CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance;CVE-2023-38035, a hole in Ivanti Sentry security gateway;CVE-2024-36401, a vulnerability in OSGeo GeoServer;CVE-2024-0012, a vulnerability in Palo Alto Neworks PAN-OS…
-
New ReaderUpdate macOS Malware Loader Variants Emerge
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/new-readerupdate-macos-malware-loader-variants-emerge
-
New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants
by
in SecurityNewsSecurity researchers at SentinelOne have discovered that ReaderUpdate, a macOS malware loader platform that has been active since at least 2020, has significantly evolved with new variants written in multiple programming languages. The malware, which previously went relatively unnoticed by many vendors, now includes versions written in Crystal, Nim, Rust, and most recently Go, in…
-
New ReaderUpdate malware variants target macOS users
by
in SecurityNewsNew ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. ReaderUpdate is a macOS malware loader that has been active since 2020, the malicious code…
-
VMware plugs a high-risk vulnerability affecting its Windows-based virtualization
by
in SecurityNewsPatching is the only workaround: Broadcom advisory noted that the flaw does not have any workarounds and customers must apply patches rolled out on Tuesday to defend against exploitation.Affected products include all 11.x and 12.x versions of VMware tools for Windows, and are patched in the 12.5.1[1] rollout. VMware tools for Linux and macOS remain…
-
macOS Users Warned of New Versions of ReaderUpdate Malware
by
in SecurityNewsmacOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/macos-users-warned-of-new-versions-of-readerupdate-malware/
-
Take these 5 steps to protect against macOS security gaps
by
in SecurityNews
Tags: macOSFirst seen on scworld.com Jump to article: www.scworld.com/perspective/take-these-5-steps-to-protect-against-macos-security-gaps
-
Albabat Ransomware Expands Reach to Target Linux and macOS Platforms
by
in SecurityNewsA recent report from Trend Micro has revealed that a new variant of the Albabat ransomware now targets Linux and macOS platforms, marking a significant expansion in its capabilities. Previously limited to Windows systems, this updated strain demonstrates the evolving sophistication of ransomware threats. The malware is still under active development, with its multi-OS functionality…
-
New Phishing Campaign Targets macOS Users with Fake Security Alerts
by
in SecurityNewsLayerX Labs reports a sophisticated macOS phishing campaign, evading security measures. Learn how attackers adapt and steal credentials from Mac users. First seen on hackread.com Jump to article: hackread.com/new-phishing-campaign-targeted-at-mac-users/
-
New phishing campaign uses scareware to steal Apple credentials
by
in SecurityNewsThe campaign previously targeted Windows users: According to LayerX researchers, the campaign has been seen targeting Mac users only in the last few months. Initially, it targeted Windows users by masquerading as Microsoft security alerts.Designed to steal user credentials, threat actors have apparently shifted focus to Mac users owing to new security features being rolled…
-
Albabat Ransomware Expands Targets, Abuses GitHub
by
in SecurityNewsNew versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post Albabat Ransomware Expands Targets, Abuses GitHub appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/albabat-ransomware-expands-targets-abuses-github/
-
Researchers Reveal macOS Vulnerability Exposing System Passwords
by
in SecurityNewsA recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in the latest security updates for macOS Sequoia 15.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1. This vulnerability could potentially expose system passwords, emphasizing the importance of updating macOS devices to the latest versions. Background and…
-
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
by
in SecurityNewsRecent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and macOS systems. This expansion highlights the increasing sophistication of ransomware groups in exploiting multiple operating systems to maximize their impact. The Albabat group has been leveraging GitHub to streamline its operations,…
-
Albabat Ransomware Evolves to Target Linux and macOS
by
in SecurityNewsTrend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/albabat-ransomware-linux-macos/
-
Xcode Projects Targeted By New XCSSET macOS Malware Variant
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/xcode-projects-targeted-by-new-xcsset-macos-malware-variant
-
XCSSET macOS malware variant targets Xcode projects of app developers
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/xcsset-macos-malware-variant-targets-xcode-projects-of-app-developers
-
Apple Rolls Out Critical Security Fixes: iOS 18.3.2, macOS Ventura, and More Receive Important Updates
by
in SecurityNewsApple has released a series of crucial security updates designed to patch vulnerabilities across its ecosystem of devices. On March 11, 2025, the tech giant rolled the Apple security update with iOS 18.3.2, iPadOS 18.3.2, macOS Ventura, macOS Sonoma, macOS Sequoia, visionOS 2.3.2, and tvOS 18.3.1, addressing multiple security flaws that could potentially have been…
-
iPhone-Nutzer attackiert: Aktiv ausgenutzte Webkit-Lücke gefährdet Apple-Geräte
by
in SecurityNewsAngreifer können durch die Schwachstelle aus der Web-Content-Sandbox von Webkit ausbrechen. Apple verteilt Notfallupdates für iOS, MacOS und Safari. First seen on golem.de Jump to article: www.golem.de/news/iphone-nutzer-attackiert-aktiv-ausgenutzte-webkit-luecke-gefaehrdet-apple-geraete-2503-194203.html
-
macOS NULL Pointer Dereference Vulnerability Allow Attackers Exploits Kernel
by
in SecurityNewsHistorically, NULL pointer dereferences have been a significant vulnerability in operating systems, including macOS. These occur when software attempts to access memory at address 0 via a NULL pointer, leading to potential crashes or, under certain conditions, exploitation by attackers. In the past, attackers could exploit such vulnerabilities by mapping controlled memory at address 0,…
-
Linux, macOS users infected with malware posing as legitimate Go packages
Campaign is tailor-made for persistence : The repeated use of identical filenames, array-based string obfuscation, and delayed execution tactics strongly suggests a coordinated adversary who plans to persist and adapt, the researchers added.The presence of multiple malicious Hypert and Layout packages along with several fallback domains also suggests a resilient infrastructure. This setup will allow threat…
-
Typosquatting campaign targets financial sector Linux, macOS systems
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/typosquatting-campaign-targets-financial-sector-linux-macos-systems