macOS

A critical vulnerability in macOS WorkflowKit, the framework underpinning Apple's Shortcuts app, has been disclosed. This vulnerability allows malicious applications to intercept and modify user-imported shortcuts. Identified as CVE-2024-27821, this race condition in WorkflowKit poses...

Researchers discovered a novel approach employed by the threat actor to conceal codes using Extended Attributes to avoid detection in macOS devices. Extended attributes are metadata that can be linked to different file systems' files...

North Korean threat actors, likely associated with BlueNoroff, have launched multi-stage malware attacks targeting cryptocurrency businesses, expanding their toolkit to include RustDoor/ThiefBucket and RustBucket campaigns.  Hidden Risk, a DPRK-linked threat actor, employed a novel persistence...

A remote access trojan (RAT), HZ RAT, that has been attacking Windows-based devices since at least 2020, was recently upgraded and changed to target Mac users as well.  Typically, a RAT is a type of...

Apple has released iOS 18, addressing a total of 32 security vulnerabilities across various components of its operating system. This comprehensive update is available for iPhone XS and later models, as well as iPad Pro...

Hackers target macOS as its growing user base makes it an increasingly attractive target.  Despite its reputation for strong security, macOS vulnerabilities exist, and exploiting them can give hackers access to valuable data or control...

Cisco Talos has identified eight security vulnerabilities in Microsoft applications running on the macOS operating system, raising concerns about potential exploitation by adversaries. These vulnerabilities, if exploited, could allow attackers to hijack the permissions...

International authorities have successfully seized the servers associated with the notorious Dispossessor ransomware group. This operation marks a critical step in combating ransomware attacks that have plagued individuals, businesses, and institutions worldwide. According to...

A new AMOS Mac stealer variant is circulating, distributed via a fake Loom website hosted on Google Ads, which, potentially linked to the Crazy Evil threat group, redirects users to a fraudulent download page...

The Spytech, a little-known spyware maker based in Minnesota, has been hacked, exposing sensitive data from thousands of devices worldwide. The breach has unveiled the covert surveillance activities of the company, which has compromised over...