Security News

Regular tune-ups help protect Macs, both desktop and laptop models, from potential data loss, needlessly slow performance and other issues. Just what steps should a macOS tune-up checklist include? Check out the steps below, from TechRepublic Premium, to ensure you get proper, consistent results during each macOS tune-up.

A set of memory corruption flaws have been discovered in the ncurses programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions," Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse said in a technical report published today.

Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. Dmg - and the inclusion of words such as "Official Brief Description" indicate that the malware peddlers are going specifically after enterprise macOS users.

A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers. Although the malware has some similarities with Atomic Stealer, another Go-based macOS targeting info-stealer, the code overlap is limited, and the delivery methods are different.

A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posing as fake clients in order to socially engineer victims into launching malicious payloads," SentinelOne security researcher Phil Stokes said in a Monday analysis.

A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer, indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light in April 2023.

A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system's Gatekeeper, Malwarebytes researchers have discovered. "Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in," says Malwarebytes researcher Jérôme Segura.

A new variant of malware called XLoader is targeting macOS users. A new report from cybersecurity company SentinelOne shows how the XLoader malware evolved.

A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the "OfficeNote" app. XLoader is a malware-as-a-service infostealer and botnet that has been active since 2015, but first appeared as a macOS variant in 2021, written in Java.

A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called "OfficeNote." "The new version of XLoader is bundled inside a standard Apple disk image with the name OfficeNote.dmg," SentinelOne security researchers Dinesh Devadoss and Phil Stokes said in a Monday analysis.