Researchers have uncovered significant vulnerabilities in macOS privacy protection. According to researchers Csaba Fitzl and Wojciech Regula with Offensive Security and SecuRing respectively, applications that are allowed to run on Apple’s operating system can exceed the permissions granted to them by the user. This allows for potential privacy attacks, such

Compromised WordPress websites have been enlisted by threat actors in a campaign targeting macOS users. WildPressure is the group of threat actors that have added a macOS malware variant to their campaign targeting energy sector businesses. Compromised WordPress websites are being utilized to carry out attacks.  Novel malware, named Milum,

The M1 chip is the latest processor for Apple Macs. Malware authors have already created Mac-specific binaries that can target the ARM64 architecture used by these M1 processors. One of the malware downloaders is called Silver Sparrow and can use the MacOS installer’s JavaScript API to create communication with a

Apple has recently released three critical security updates affecting macOS Big Sur 11.0, macOS High Sierra 10.13.6, and macOS Mojave 10.14.6. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced the patches in a notice released earlier this week urging consumers to update their devices as soon

A recently released tool allows any user to exploit a Mac vulnerability that leads to bypassing the T2 security chip, gaining deep system access. The flaw is commonly used among researchers to jailbreak older iPhone models, however, the fact that the T2 chip is similarly vulnerable in Mac devices as

In February, Apple began to notarize all macOS applications in an extensive vetting process that was designed purposefully to weed out malicious apps. All software distributed outside of the Mac App Store requires a notarization now, or the programs will be unable to run on devices. However, researchers have discovered

MacOS users could be vulnerable to a new form of ransomware discovered by security professionals at the firm SentinelOne. MacOS owners have been warned to monitor device security closely after the new malware variant known as ThiefQuest began to target victims, encrypting entire systems, and stealing personal data from the

Researchers have used a new fuzzing tool to uncover a total of 26 vulnerabilities in operating systems Linux, macOS, Windows, and FreeBSD. The research team consists of individuals from Purdue University and the Swiss Federal Institute of Technology Lausanne. The fuzzing tool was created by the researchers and has been

Lazarus Group, a cyberthreat group with known links to North Korea, has added a new variant of the Dacls remote-access trojan (RAT) that specifically targets the macOS operating system. The Dacls RAT has been created from an existing Linux version and was first discovered last December when it targeted Windows

Security researchers have reported a new macOS malware that traces back to the malicious North Korean hacking group Lazarus. The threat has a low detection rate and is capable of retrieving a payload from a remote location. Malware researcher Dinesh Devadoss provided a hash for the malware sample that had