Skip to main content

Tag: macos

47 articles

Concerned person sits in front of laptop with blank screen, surrounded by everyday objects.

ClickLock Malware Forces macOS Users to Reveal Login Passwords

Beware: a sneaky new malware called ClickLock has already compromised over 100 macOS systems in 33 countries, tricking users into revealing their login passwords. This stealthy threat has been hiding in plain sight since May, leaving a trail of vulnerable systems in its wake.

Analyst 207
Person sitting at desk with obscured hands and blurred computer screen.

ClickLock Malware Targets macOS Users with Coercive Password Theft Tactic

Beware: a new malware called ClickLock is coercing macOS users into handing over their login passwords by rendering their desktop unusable until they comply. This sneaky tactic has already hit at least 100 targets across 33 countries since May.

Analyst 207
Cluttered home office workspace with Mac computer on desk displaying a blurred download page, with cityscape visible…

PamStealer Targets Mac Users with Fake Maccy Sites and PAM Checks

Researchers have uncovered PamStealer, a sneaky macOS information stealer that tricks users into downloading it from fake Maccy sites, and it can even slip past Apple's security measures. This clever malware uses a two-stage delivery method to steal sensitive info from unsuspecting Mac users.

Analyst 207
Laptop on office desk with blurred CAPTCHA on screen, surrounded by papers and supplies.

Cybercriminals Exploit ClickFix to Deliver Malware

Don't assume macOS is safe from cyber threats - a recent report warns that it now requires the same level of monitoring and protection as Windows to prevent malware attacks. Cybercriminals are using the ClickFix technique to deliver malware, tricking victims into running malicious commands.

Analyst 207
Modern tech facility with sleek building and laptop in foreground.

Apple Bolsters Security with AI-Discovered WebKit Flaw Patches

Apple is stepping up its security game by releasing patches for over three dozen WebKit flaws, discovered with the help of AI, to protect its users from potential hacking threats. By speeding up its update process, Apple aims to outpace malicious hackers who are leveraging AI to develop exploits at an alarming rate.

Analyst 207
Cluttered home office desk with Mac laptop, coffee cup, and papers, conveying everyday use and vulnerability.

macOS Flaw Enables Users to Disable EDR, MDM Tools

A security flaw in macOS has been discovered that allows users to quietly disable crucial enterprise security tools, including EDR and MDM, without needing administrator privileges. This gap in endpoint security models could leave businesses vulnerable to attacks.

Analyst 207
MacBook on a desk with a softly lit modern workspace background and coding elements on the screen.

MacOS Update Exposes New Artifact for Tracing Digital Intent

The latest macOS update has introduced a game-changing digital trail: the App.MenuItem stream, which meticulously logs every menu selection you make, complete with exact timestamps. This new artifact reveals a detailed narrative of your interactions with the operating system interface.

Analyst 207
Cluttered home office desk with Mac computer and blurred screen, suburban neighborhood visible through window.

Malvertising Campaign Spreads FlutterShell Backdoor to macOS Users

macOS users beware: a sneaky malware called FlutterShell is spreading through malicious ads and infected desktop apps, allowing hackers to take control of your device and steal sensitive data. This stealthy backdoor can execute commands, access files, and even siphon off browser session info - all while masquerading as legitimate software.

Analyst 207
Brightly-lit operation center with multiple workstations and cityscape background, hinting at network infrastructure.

Malvertising Campaign Targets macOS with FlutterShell Backdoor

Google swiftly suspended advertiser accounts linked to a massive malvertising campaign that spread a new macOS backdoor, known as FlutterShell, after researchers sounded the alarm. The culprits, tracked by Palo Alto Networks as CL-CRI-1089, used hundreds of verified Google ads and a web of shell companies to deceive ad networks.

Analyst 207
Laptop on a home office desk with a blank screen, smartphone, and notebook nearby.

Google Chrome Bolsters Defenses with Cookie Theft Protection Rollout

Google's new Cookie Theft Protection is a game-changer, tying session cookies to device hardware to prevent hackers from using stolen cookies to access your accounts. This cutting-edge tech binds user sessions to a machine's security chip, making it virtually impossible for thieves to get in.

Analyst 207
Cluttered home office desk with a Mac computer, papers, notebook, and pen.

ExifTool Flaw Exposes Macs to Arbitrary Command Execution

A newly discovered vulnerability in ExifTool, known as CVE-2026-3102, left Macs open to hackers who could exploit it to run malicious commands by hiding them in image metadata. This flaw allowed attackers to take control by slipping instructions into seemingly harmless image files.

Analyst 207
MacBook on a desk with Microsoft Teams open, surrounded by office items.

Microsoft Teams Hit by macOS Update Glitch

If you're a macOS user of Microsoft Teams, you might have encountered a frustrating glitch - a location-permission dialog that just won't go away, no matter how many times you click "Don't Allow". This annoying issue started surfacing on May 11, with some users reporting they had to click "Don't Allow" up to 20 times in a row.

Analyst 207
Dimly lit Apple laptop on cluttered desk with crypto wallet and password notes nearby, hint of backdoor vulnerability in…

Reaper Stealer Targets macOS Users with Password, Wallet Theft and Backdoor Attacks

macOS users beware: Reaper Stealer malware is on the loose, stealing passwords, crypto-wallets, and installing backdoors on infected machines. This triple-threat attack puts Apple platform users and their defenders on high alert.

Analyst 207
Cluttered home office desk with Mac laptop showing AppleScript code and fake app installer in background.

SHub Infostealer Variant Reaper Exploits macOS Security Updates

Researchers at SentinelOne have uncovered a sneaky new variant of the SHub macOS infostealer, called Reaper, which cleverly bypasses Apple's latest security updates by using a malicious AppleScript to trick users. This crafty malware uses fake installers to lure victims in, making it a serious threat to macOS users.

Analyst 207
A laptop on a simple desk in a corporate office with a blurred background of cubicles and a hint of a coding workspace on…

TanStack Supply Chain Attack Targets OpenAI, Forces macOS Updates

OpenAI sprang into action after detecting a sneaky supply chain attack targeting TanStack, quickly investigating and containing the threat to protect its systems. The attack impacted just two employee devices, with limited internal code repositories and credential material compromised.

Analyst 207
Person sitting in dark room with laptop showing fake login prompt and nearby smartphone and torn paper with credentials.

macOS ClickFix Attacks Harvest Credentials via AppleScript Stealers

macOS users beware: a sneaky ClickFix campaign is using AppleScript stealers to harvest credentials from 14 browsers, 16 cryptocurrency wallets, and over 200 extensions. This targeted attack has already made off with a staggering amount of sensitive info - and it's still on the loose.

Analyst 207

Anthropic's Claude Desktop sparks EU consent concerns

Can a single app really reach into your other software without asking for permission? The surprising behavior of Anthropic's Claude Desktop for macOS is raising eyebrows and sparking concerns about consent under EU law.

Analyst 207
Person sitting in dimly lit room with laptop and smartphone, faces obscured by shadows and fake login page.

North Korea Exploits Social Engineering to Target macOS Users

Beware of a sneaky new scam where North Korean hackers trick macOS users into handing over their credentials and cryptocurrency by posing as a fake Zoom update. They're using social engineering to get you to do the work for them, making it a low-cost but hard-to-stop threat.

Analyst 207
Broken chain link on dark background with laptop glow and scattered papers.

OpenAI Revokes macOS Certs Amid Supply Chain Breach Fallout

A recent supply chain breach has raised concerns about software trustworthiness, prompting OpenAI to revoke its macOS code-signing certificates after a malicious package was executed in its build pipeline. This swift action highlights the vulnerability of even the most secure systems to supply chain attacks.

Analyst 207
Broken padlock on cracked laptop keyboard surrounded by shattered glass and torn paper, with ominous shadow in background.

OpenAI Disrupts macOS App Signing Process After Supply Chain Breach

OpenAI recently took swift action to protect its users by revoking a macOS app certificate after discovering a malicious library had been downloaded through a GitHub Actions workflow used to sign its applications. This move highlights the vulnerability of even trusted software signing processes to supply chain breaches, and the importance of staying vigilant in macOS app security.

Analyst 207
Person in a dark room clicks on a laptop icon, surrounded by faint screens and wires.

MacOS ClickFix Attack Exploits Script Editor to Evade Apple Warnings

The cat-and-mouse game continues: after Apple added security warnings to Terminal, attackers behind the Atomic Stealer family adapted their ClickFix attack to exploit Script Editor instead. This latest move shows how adversaries constantly evolve to evade detection.

Analyst 207
Person sits in dimly lit room surrounded by broken tech, laptop displays fake error message.

macOS Users Targeted in ClickFix Malware Campaign

macOS users are being targeted in a sneaky new malware campaign called ClickFix, which tricks them into executing malicious commands by abusing the Script Editor and Terminal tools. This latest attack raises a pressing question: how can we trust our trusted tools when they're being exploited by hackers?

Analyst 207
Microsoft Grapples with Weeks-Long Exchange Online Mailbox Access Disruptions

Microsoft Grapples with Weeks-Long Exchange Online Mailbox Access Disruptions

Weeks of frustrating disruptions have left Outlook mobile and macOS users struggling to access their Exchange Online mailboxes, sparking a flurry of questions about reliability and resolution. Microsoft is actively investigating the issue, but for affected users, the wait for a fix continues.

Analyst 207
macOS Must-Have Security Stops Admin Errors Effortlessly

macOS Must-Have Security Stops Admin Errors Effortlessly

Stop administrative mistakes before they become breaches: a must-have macOS safeguard quietly blocks accidental mic/camera permissions, insecure SMB v1 shares, and other everyday missteps attackers exploit. Keep the convenience you need without handing adversaries an open door.

Analyst 207