Security News
The vulnerability, which the researchers named iLeakage, enables threat actors to read Gmail messages, reveal passwords and uncover other personal information. The iLeakage vulnerability has not yet been exploited in the wild as of October 27.
Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day...
Regular tune-ups help protect Macs, both desktop and laptop models, from potential data loss, needlessly slow performance and other issues. Just what steps should a macOS tune-up checklist include? Check out the steps below, from TechRepublic Premium, to ensure you get proper, consistent results during each macOS tune-up.
A set of memory corruption flaws have been discovered in the ncurses programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions," Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse said in a technical report published today.
Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. Dmg - and the inclusion of words such as "Official Brief Description" indicate that the malware peddlers are going specifically after enterprise macOS users.
A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers. Although the malware has some similarities with Atomic Stealer, another Go-based macOS targeting info-stealer, the code overlap is limited, and the delivery methods are different.
A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posing as fake clients in order to socially engineer victims into launching malicious payloads," SentinelOne security researcher Phil Stokes said in a Monday analysis.
A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer, indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light in April 2023.
A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system's Gatekeeper, Malwarebytes researchers have discovered. "Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in," says Malwarebytes researcher Jérôme Segura.
A new variant of malware called XLoader is targeting macOS users. A new report from cybersecurity company SentinelOne shows how the XLoader malware evolved.