XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

Microsoft Threat Intelligence has identified yet another XCSSET variant in the wild that introduces further updates and new modules beyond those detailed in our March 2025 blog post. The XCSSET malware is designed to infect Xcode projects, typically used by Read More …

WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware

WhatsApp said on Friday that it fixed a security bug in its iOS and Mac apps that was being used to stealthily hack into the Apple devices of “specific targeted users.” The Meta-owned messaging app giant said in its security Read More …

A critical Docker Desktop security flaw puts Windows hosts at risk of attack – patch now

Docker has patched a critical severity vulnerability in its Desktop app for Windows and macOS which could have allowed threat actors to fully take over vulnerable hosts, exfiltrate sensitive data, and more. The vulnerability is described as a server-side request Read More …

All Apple users should update after company patches zero-day vulnerability in all platforms

Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware of) that is reportedly being used in targeted attacks. Apple has acknowledged reports that attackers may have already Read More …

macOS NimDoor, DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware

In April 2025, Huntabil.IT observed a targeted attack on a Web3 startup, attributing the incident to a DPRK threat actor group. Several reports on social media at the time described similar incidents at other Web3 and Crypto organizations. Analysis revealed Read More …

Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape

In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. An attacker could create an exploit to escape the App Sandbox without user interaction Read More …

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild during routine threat hunting. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, Read More …

Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

Microsoft Threat Intelligence discovered a new macOS vulnerability that could allow attackers to bypass Apple’s System Integrity Protection (SIP) in macOS by loading third party kernel extensions. SIP is a security technology that restricts the performance of operations that may Read More …

Cracking the Code: How Banshee Stealer Targets macOS Users

Since September, Check Point Research (CPR) has been monitoring a new version of the Banshee macOS Stealer, a malware that steals browser credentials, cryptocurrency wallets, and other sensitive data. Undetected for over two months, Banshee’s latest version introduced string encryption Read More …