Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations
Trend Research has identified new versions of the Albabat ransomware targeting Windows, Linux, and macOS platforms. The group is utilizing GitHub to facilitate their ransomware operations. Organizations are advised to enhance security protocols and implement preventive measures to mitigate potential ransomware attacks. Affected: Windows, Linux, macOS

Keypoints:

New versions of Albabat ransomware have been discovered, indicating a potential expansion of targets.…
GrassCall Campaign: The Hackers Behind Job Recruitment Cyber Scams
The “GrassCall” malware campaign is an advanced social engineering attack targeting job seekers in the cryptocurrency and Web3 sectors, orchestrated by the Russian cybercriminal organization “Crazy Evil.” Utilizing fake job interviews, the attackers compromise systems to steal cryptocurrency assets, resulting in hundreds of victims. Affected: cryptocurrency sector, job seekers

Keypoints:

The GrassCall malware campaign is led by the Russian-speaking cyber-criminal organization “Crazy Evil.”…
New XCSSET Malware Adds New Obfuscation and Persistence Techniques to Infect Xcode Projects | Microsoft Security Blog
A new variant of XCSSET malware has been discovered, which is specifically designed to infect macOS Xcode projects. This sophisticated malware utilizes advanced obfuscation, updated persistence techniques, and novel infection strategies to exfiltrate sensitive information, including digital wallet data. It operates in a stealthy manner, often remaining fileless, which complicates detection and removal efforts.…
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Summary: This week’s cybersecurity report highlights the evolving landscape of cyber threats, including advanced techniques used by threat groups and rising supply chain vulnerabilities. Law enforcement efforts against cybercriminal networks show promise, while new exploits and vulnerabilities demand prompt attention from organizations. The report includes notable incidents, emerging attack methods, and critical vulnerabilities that security teams should prioritize.…
Mastering iOS Pentesting with otool
This article explores how otool can be utilized for security analysis of iOS applications. It provides a comprehensive checklist for conducting security checks on iOS binaries to identify vulnerabilities and potential exploits, including inspections of libraries, protections, and system calls. Affected: iOS applications

Keypoints:

otool is a command-line utility for macOS/iOS, helpful in reverse engineering.…
How to Choose the Correct Severity or CVSS Score for a Bug: A Practical Guide
A thorough understanding of CVSS (Common Vulnerability Scoring System) is crucial for bug bounty hunters when determining the severity of vulnerabilities they encounter. By accurately scoring vulnerabilities, hunters can effectively communicate the urgency of issues to development teams. The severity levels inform teams on how to prioritize remediation efforts.…
Albabat Ransomware Expands Targets, Abuses GitHub
Summary: Since August 2024, state-sponsored hackers and cybercriminals have been using a technique called ClickFix to deploy information stealer malware. This method involves social engineering through malicious JavaScript that manipulates users into executing harmful commands. Group-IB reports an increase in this attack vector, particularly targeting users on various platforms that offer free content or software.…
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps
Summary: A North Korean threat actor, ScarCruft, has developed an Android surveillance tool called KoSpy that targets Korean and English-speaking users through deceptive apps on the Google Play Store. Additionally, a series of npm packages linked to another North Korean campaign are designed to deploy malware and steal sensitive information.…
Ramadan Scams on the Rise: Fake Giveaways, Crypto Traps & Fraudulent Donations | CloudSEK
This report highlights the rise of Ramadan-related cyber scams, particularly targeting charitable contributions and crypto investments. Cybercriminals are exploiting the goodwill associated with Ramadan to spread fraudulent schemes, often using social engineering tactics to deceive victims. Understanding these scams is essential for safeguarding against potential losses.…
Enhanced XCSSET Malware Targets MacOS Users with Advanced Obfuscation
Summary: Microsoft Threat Intelligence has identified a new variant of XCSSET malware targeting macOS developers, featuring advanced obfuscation, updated persistence techniques, and new infection strategies. The malware exploits the collaborative nature of Xcode projects, employing a four-stage infection chain that makes it difficult to detect. Although currently observed in limited attacks, its capabilities pose a significant threat to developers and users of macOS systems.…
Beware! Hacker Group Lazarus Deploys Malware Packages on npm Platform; SolarWinds Helpdesk Vulnerability Exposed: Attackers Can Decrypt Sensitive Passwords – Security Bull
A recent security report highlights multiple cyber threats, including the discovery of six malicious npm packages linked to the Lazarus hacker group, which are designed to steal sensitive credentials and deploy malware. Additionally, a serious vulnerability in SolarWinds’ web help desk has been uncovered, allowing attackers to decrypt sensitive credentials.…