North Korean advanced persistent threat actor Lazarus is leveraging the current popularity of the blockchain and cryptocurrency industry to target organizations and individuals running Apple and Intel-based systems. The cyber espionage campaign recently identified consists of Lazarus deploying fake job postings for Coinbase. The job posting contains a malicious Mac

Researchers have reportedly uncovered a new strain of macOS malware that is being distributed in attacks against visitors to a Hong Kong pro-democracy radio station website. The website was used to facilitate a watering hole-style attack and serve a Safari browser to exploit to visitors. Therefore, the malware was deployed

Cybersecurity researchers have discovered a new malware that has the capability to create backdoors on Windows, Linux, and macOS operating systems. Therefore, hackers using the malware could achieve full access to compromised systems on a range of devices. Intezer released more information about the malware, which it has named SysJoker.

Google’s Threat Analysis Group (TAG) has discovered attackers targeting visitors to websites in Hong Kong were using a previously unknown zero-day flaw in macOS to capture keystrokes and take screengrabs. Apple patched the bug in September, tracked as CVE-2021-30869, roughly a month after it was discovered by Google Researchers. Apple

Researchers have uncovered significant vulnerabilities in macOS privacy protection. According to researchers Csaba Fitzl and Wojciech Regula with Offensive Security and SecuRing respectively, applications that are allowed to run on Apple’s operating system can exceed the permissions granted to them by the user. This allows for potential privacy attacks, such

Compromised WordPress websites have been enlisted by threat actors in a campaign targeting macOS users. WildPressure is the group of threat actors that have added a macOS malware variant to their campaign targeting energy sector businesses. Compromised WordPress websites are being utilized to carry out attacks.  Novel malware, named Milum,

The M1 chip is the latest processor for Apple Macs. Malware authors have already created Mac-specific binaries that can target the ARM64 architecture used by these M1 processors. One of the malware downloaders is called Silver Sparrow and can use the MacOS installer’s JavaScript API to create communication with a

Apple has recently released three critical security updates affecting macOS Big Sur 11.0, macOS High Sierra 10.13.6, and macOS Mojave 10.14.6. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced the patches in a notice released earlier this week urging consumers to update their devices as soon

A recently released tool allows any user to exploit a Mac vulnerability that leads to bypassing the T2 security chip, gaining deep system access. The flaw is commonly used among researchers to jailbreak older iPhone models, however, the fact that the T2 chip is similarly vulnerable in Mac devices as

In February, Apple began to notarize all macOS applications in an extensive vetting process that was designed purposefully to weed out malicious apps. All software distributed outside of the Mac App Store requires a notarization now, or the programs will be unable to run on devices. However, researchers have discovered