macOS Archives - Security Affairs

Pierluigi Paganini July 05, 2025

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram. […]

Pierluigi Paganini May 13, 2025

Apple released security updates to fix multiple flaws in iOS and macOS

Apple released security updates to address easily exploitable vulnerabilities impacting iOS and macOS devices. Apple released urgent iOS and macOS security updates to patch critical flaws that could allow attackers to execute malicious code just by opening a crafted image, video, or website: Apple’s iOS 18.5 update addressed multiple critical flaws in AppleJPEG, CoreMedia, and […]

Pierluigi Paganini January 15, 2025

CVE-2024-44243 macOS flaw allows persistent malware installation

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection (SIP). SIP in macOS safeguards the system by […]

Pierluigi Paganini January 10, 2025

Banshee macOS stealer supports new evasion mechanisms

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called […]

Pierluigi Paganini October 18, 2024

macOS HM Surf flaw in TCC allows bypass Safari privacy settings

Microsoft disclosed a flaw in the macOS Apple’s Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulnerability, tracked as CVE-2024-44133 and code-named ‘HM Surf’, in Apple’s Transparency, Consent, and Control (TCC) framework in macOS. Apple’s Transparency, Consent, and Control framework in macOS […]

Pierluigi Paganini August 16, 2024

Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claim it can steal a broad range of data from compromised systems, including browser […]

Pierluigi Paganini May 30, 2024

Experts found a macOS version of the sophisticated LightSpy spyware

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, […]

Pierluigi Paganini April 01, 2024

Info stealer attacks target macOS users

Experts warn of info stealer malware, including Atomic Stealer, targeting Apple macOS users via malicious ads and rogue websites. Jamf Threat Labs researchers analyzed info stealer malware attacks targeting macOS users via malicious ads and rogue websites. One of the attacks spotted by the researchers relied on sponsored ads proposed to the users while searching […]

Pierluigi Paganini February 10, 2024

macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. RustDoor is written in Rust language and supports multiple features. The malware impersonates a Visual Studio […]

Pierluigi Paganini January 22, 2024

Backdoored pirated applications targets Apple macOS users

Researchers warned that pirated applications have been employed to deliver a backdoor to Apple macOS users. Jamf Threat Labs researchers warned that pirated applications have been utilized to distribute a backdoor to Apple macOS users. The researchers noticed that the apps appear similar to ZuRu malware, they allow operators to download and execute multiple payloads […]

macOS

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Apple released security updates to fix multiple flaws in iOS and macOS

CVE-2024-44243 macOS flaw allows persistent malware installation

Banshee macOS stealer supports new evasion mechanisms

macOS HM Surf flaw in TCC allows bypass Safari privacy settings

Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

Experts found a macOS version of the sophisticated LightSpy spyware

Info stealer attacks target macOS users

macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Backdoored pirated applications targets Apple macOS users

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Critical Sudo bugs expose major Linux distros to local Root exploits

Google fined $314M for misusing idle Android users' data

A flaw in Catwatchful spyware exposed logins of +62,000 users

China-linked group Houken hit French organizations using zero-days

QUICK LINKS

macOS

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!