Tag: macOS
-
New XCSSET Malware Variant Targeting macOS Notes App and Wallets
Microsoft warns Apple developers about a new XCSSET malware variant targeting macOS, posing security risks through stealthy infections… First seen on hackread.com Jump to article: hackread.com/xcsset-malware-variant-targets-macos-notes-wallets/
-
New Mac Malware Poses as Browser Updates
Researchers warn of rising macOS-targeted attacks as hackers exploit fake updates to bypass security. FrigidStealer malware highlights growing enterprise risks. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/mac-malware-web-inject-proofpoint/
-
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates
Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a “threat…
-
Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer
Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/proofpoint-frigidstealer-new-mac/
-
XCSSET macOS malware reappears with new attack strategies, Microsoft sounds alarm
Xcode developers targeted through infected projects: Microsoft reported that XCSSET continues to spread via compromised Xcode projects, a technique that has been in use since the malware’s discovery in 2020. Once an infected project is cloned or downloaded, the malware can embed itself within the developer’s system and further propagate when the infected code is…
-
Microsoft Warns of Improved XCSSET macOS Malware
Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users. The post Microsoft Warns of Improved XCSSET macOS Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-warns-of-improvements-to-xcsset-macos-malware/
-
XCSSET: macOS malware is active again
Things had been quiet around the Mac malware XCSSET for some time. Now Microsoft has discovered new active variants that infect Xcode projects. First seen on heise.de Jump to article: www.heise.de/news/XCSSET-macOS-Malware-ist-wieder-aktiv-10285697.html
-
New XCSSET macOS malware variant used in limited attacks
Microsoft discovered a new variant of the Apple macOS malware XCSSET that was employed in limited attacks in the wild. Microsoft Threat Intelligence discovered a new variant of the macOS malware XCSSET in attacks in the wild. XCSSET is a sophisticated modular macOS malware that targets users by infecting Xcode projects, it has been active since at…
-
The XCSSET info-stealing malware is back, targeting macOS users and devs
A new, improved variant of the XCSSET macOS malware has been spotted in limited attacks
-
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. “Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,” the Microsoft Threat Intelligence team said in a post shared on…
-
Microsoft Detects New XCSSET MacOS Malware Variant
Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-xcsset-macos-malware-variant/
-
Microsoft spots XCSSET macOS malware variant used for crypto theft
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users’ sensitive information, including digital wallets and data from the legitimate Notes app. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/
-
XCSSET macOS malware returns with first new version since 2022
Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert First seen on theregister.com Jump to article: www.theregister.com/2025/02/17/macos_xcsset_malware_returns/
-
New XCSSET Malware Targets macOS Users Through Infected Xcode Projects
Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking its first update since 2022. This sophisticated malware continues to target macOS users by infecting Xcode projects, a critical tool for Apple developers. The latest variant introduces advanced obfuscation techniques, updated persistence mechanisms, and novel infection strategies, making it more challenging…
-
Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited
Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses Kernel Address Space Layout Randomization (KASLR) in macOS systems powered by Apple Silicon processors. This marks the first successful breach of KASLR on Apple’s proprietary ARM-based architecture, revealing significant vulnerabilities in the kernel hardening mechanisms of modern macOS systems. KASLR…
-
Security and more: What's in the latest updates for Mac, iPhone and iPad
Apple has published further information on iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5 as well as macOS 13.7.4, 14.7.4 and 15.3.1. Unfortunately, not in much detail. First seen on heise.de Jump to article: www.heise.de/news/Sicherheit-und-mehr-Das-steckt-in-den-juengsten-Updates-fuer-Mac-iPhone-und-iPad-10277332.html
-
iOS, iPadOS, MacOS, WatchOS and VisionOS: Apple operating systems receive security updates
iOS 18.3.1 closes a critical security vulnerability. With 8.4, Apple Intelligence is set to come to the EU. First seen on golem.de Jump to article: www.golem.de/news/ios-ipados-macos-watchos-und-visionos-apple-betriebssysteme-erhalten-sicherheitsupdates-2502-193213.html
-
Small praise for modern compilers – A case of Ubuntu printing vulnerability that wasn’t
By Aleksandar Nikolich. Earlier this year, we conducted code audits of the macOS printing subsystem, which is heavily based on the open-source CUPS package. During this investigation, IPP-USB protocol caught our attention. IPP over USB specification defines how printers that are available over USB can only still support network printing First seen on blog.talosintelligence.com Jump to…
-
Infostealers Aimed At MacOS Surges
Tags: macOS
First seen on scworld.com Jump to article: www.scworld.com/brief/infostealers-aimed-at-macos-surges
-
Ghidra 11.3 Released A Major Update to NSA’s Open-Source Tool
Tags: cyber, cybersecurity, linux, macOS, open-source, reverse-engineering, software, tool, update, windows
The National Security Agency (NSA) has officially released Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework. Known for its robust capabilities in analyzing compiled code across multiple platforms, including Windows, macOS, and Linux, this release introduces significant enhancements aimed at improving performance and usability for cybersecurity professionals. One of the…
-
Infostealers targeting macOS jumped by 101% in second half of 2024
Tags: macOS
First seen on scworld.com Jump to article: www.scworld.com/news/infostealers-targeting-macos-jumped-by-101-in-second-half-of-2024
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
North Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence. According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
Password Stealing Malware Attacking macOS Users Increasing Rapidly
In a concerning trend, macOS users are facing an unprecedented rise in password-stealing malware attacks. Recent cybersecurity reports reveal a 101% surge in macOS infostealers during the latter half of 2024, marking these threats as the most significant category of new malware targeting Apple devices. Infostealers such as Atomic Stealer, Poseidon Stealer, and Cthulhu Stealer…
-
FlexibleFerret malware targets the macOS via North Korea job campaign
First seen on scworld.com Jump to article: www.scworld.com/news/flexibleferret-malware-targets-the-macos-via-north-korea-job-campaign
-
MacOS Ferret operators add a deceptive bite to their malware family
The macOS Ferret family, variants of malware used by North Korean APTs for cyber espionage, has received a new member as samples of a detection-resistant variant, Flexible-Ferret, appear in the wild. The discovery of the samples was made by SentinelOne researchers who noted the variant’s capability to evade the recent XProtect signature update that Apple pushed…
-
Apple’s macOS Kernel Vulnerability (CVE-2025-24118) Exposes Users to Privilege Escalation Attacks PoC Released
A critical privilege escalation vulnerability in Apple’s macOS kernel has been revealed, posing a significant risk to users. The flaw, identified as CVE-2025-24118, affects multiple versions of macOS, iPadOS, and macOS Sequoia. Security researcher Joseph Ravichandran (@0xjprx) from MIT CSAIL brought this issue to light, demonstrating how a race condition in the macOS XNU kernel could lead to…
-
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korean-hackers–fake-interview/739165/
-
22 New Mac Malware Families Seen in 2024
Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware. The post 22 New Mac Malware Families Seen in 2024 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/22-new-mac-malware-families-seen-in-2024/
-
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process. “Targets are typically asked to communicate with an interviewer through a link that throws an error message and a request to install or update some…