-
North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware, according to recent analysis from Jamf Threat Labs. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Russian-speaking threat actor attributed to the username “koneko” has resurfaced with a sophisticated new botnet named Tsundere, discovered by Kaspersky GReAT around mid-2025. This marks a significant evolution from a previous supply chai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new macOS malware campaign dubbed “Nova Stealer” has emerged, targeting cryptocurrency users through an elaborate scheme that replaces legitimate wallet applications with malicious counterparts designed to harvest sensitive …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jamf Threat Labs has identified a new family of malicious stealers tracked as DigitStealer, representing a significant evolution in macOS-targeted malware. Unlike traditional infostealers that follow linear execution paths, DigitStealer introduced soph…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across Windows and macOS platforms. The campaign demonstrates how threat actors are…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since Apple removed the popular “right-click and open” Gatekeeper override in August 2024, threat actors have shifted their tactics to deliver malware on macOS. Among emerging techniques, attackers are increasingly leveraging AppleScript (….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden maliciou…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during l…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A team of security researchers has released an in-depth technical report on CVE-2025-32463, a critical local privilege escalation flaw in the widely used Linux sudo utility. The vulnerability, which affects sudo versions 1.9.14 through 1.9.17, allows a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new malware strain targeting macOS users has emerged, capable of bypassing traditional antivirus solutions while specifically targeting developers and cryptocurrency holders. The cross-platform threat, dubbed ModStealer, represents the …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
