fp-4c
-
Read moreSilver Dragon, a threat group linked to APT41, is targeting government entities using Cobalt Strike, DLL sideloading, DNS tunneling, and Google Drive-based command-and-control techniques. -
Read moreZoom vulnerabilities allow unauthorized access—learn about the CVEs, risks, and urgent update needs to secure your video calls. -
Posted: October 14, 2025Comments: 1Views: 119Read moreKandji uncovers a September 2025 campaign where attackers clone Homebrew sites to inject malware like Odyssey Stealer via clipboard tricks—exploit C2 servers and bypass trust; mitigate by verifying sources and using endpoint monitoring. -
Read moreCVE-2025-43400 enables out-of-bounds writes via malicious fonts, risking app crashes and memory corruption on macOS, iOS, and more—no active exploits yet, but RCE potential. Update to Sequoia 15.7.1 immediately for protection against untrusted files. -
Read moreMicrosoft uncovers advanced XCSSET variant infecting Xcode projects for macOS devs—adds Firefox data exfiltration, crypto wallet clipboard swaps via AES-encrypted AppleScripts, and LaunchDaemon persistence. Mitigate with updates, Defender for Endpoint, and domain blocks. -
Read moreCybercriminals use a fake Microsoft Teams download site to distribute the Odyssey macOS stealer, stealing credentials, crypto wallets, and sensitive data. Learn how to protect your Mac. -
Read moreHackers are exploiting macOS security features like Keychain, TCC, SIP, and Gatekeeper to spread malware. Learn how to detect and prevent these advanced macOS attacks. -
Read moreDiscover PromptLock, the first AI-powered ransomware using OpenAI's gpt-oss:20b model, enabling sophisticated attacks across multiple platforms. -
Read moreA new variant of the macOS.ZuRu malware exploits a compromised Termius SSH client to turn developer workstations into remote access points. Learn about the risks and how to protect your systems.
