Update now – Apple confirms vulnerabilities are already being exploited

Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. The updates for iOS and Intel-based Mac systems are especially important, as they tackle vulnerabilities that are being actively exploited by cybercriminals. Read More …

New macOS vulnerability, “HM Surf”, could lead to unauthorized data access

Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as Read More …

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

From infostealer development to data exfiltration, cloud service providers are increasingly being abused by threat actors for malicious schemes. While in this case the ransomware samples we examined contained hard coded AWS credentials, this is specific to this single threat Read More …

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

Unit 42 researchers have been tracking the activity of an ongoing poisoned Python packages campaign delivering Linux and macOS backdoors via infected Python software packages. Unit 42 researchers named these infected software packages PondRAT. They’ve also found Linux variants of Read More …

HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat

In June 2024, Kaspersky discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples Kaspersky found almost exactly replicate the functionality of the Windows Read More …

Report finds Apple devices fare the worst when it comes to full takeover risks

A worrying number of environments are vulnerable to complete takeover via escalated privileges, a new report from Picus Security has found. Environments were tested in simulated attacks, with the average organization managing to defend against 7 out of 10 attacks, but Read More …

Millions of iOS apps could have been hit by cyberattack due to a worrying flaw

A key tool used primarily in iOS and macOS app development was vulnerable in a way that opened up millions of Mac apps to supply chain attacks, experts have warned. Cybersecurity researchers EVA Information Security claim a dependency manager for Read More …

Unmasking Mac malware – strategies for a growing threat

In recent years, cybercriminal groups have been ramping up their efforts to find vulnerabilities and create malware that will exploit the iOS or macOS. Jamf’s latest annual threat landscape research tracked 300 malware families designed for macOS, and 21 newly Read More …