Security News

The XCSSET info-stealing malware is back, targeting macOS users and devs
2025-02-17 17:40

A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET is information-stealing and...

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
2025-02-17 16:30

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware...

Microsoft spots XCSSET macOS malware variant used for crypto theft
2025-02-17 16:04

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. [...]

XCSSET macOS malware returns with first new version since 2022
2025-02-17 13:43

Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert. Microsoft says there's a new variant of XCSSET on the prowl for Mac users – the first new iteration of the...

New FinalDraft malware abuses Outlook mail service for stealthy comms
2025-02-16 15:15

A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...]

PirateFi game on Steam caught installing password-stealing malware
2025-02-14 17:32

A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]

Malicious PirateFi game infects Steam users with Vidar malware
2025-02-14 17:32

A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]

North Korean hackers spotted using ClickFix tactic to deliver malware
2025-02-13 16:16

North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A...

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux
2025-02-13 09:11

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The...

Delivering Malware Through Abandoned Amazon S3 Buckets
2025-02-12 12:09

Here’s a supply-chain attack just waiting to happen. A group of researchers searched for, and then registered, abandoned Amazon S3 buckets for about $400. These buckets contained software...