Xcode projects weaponized to distribute Mac malware
A sneaky strain of malware dubbed XCSSET is doing the rounds via poisoned Xcode projects, mostly affecting Safari and other browsers running on a victim’s Mac.
Macros vs macOS: advanced exploit chain targeting Macs
Well-known researcher unveils a new powerful exploit that allows executing malicious Office macros on a Mac computer with zero user interaction.
Researcher unveils a new macOS security flaw
A developer has found a vulnerability that allows an attacker to bypass privacy protections in macOS Mojave and later versions of the operating system.
Safari 14 will introduce Face ID and Touch ID for the web
Apple is bridging the gap between its proprietary biometric authentication features and websites for a seamless sign-in experience not relying on passwords.
Malware authors use a new trick to circumvent macOS Catalina defenses
Security researchers discovered an unusual malware campaign targeting Mac computers that gets around the security mechanisms built into macOS Catalina.
Apple launches a new project to boost password security
Apple is up to enhancing its users’ authentication practices by releasing a list of password criteria for developers and password management services.
Apple pays researcher $100,000 for reporting a new security bug
A developer earns a bug bounty reward for reporting a Sign in with Apple zero-day vulnerability that could allow a hacker to access users’ online accounts.
Apple sends 11 email advisories alerting users to security loopholes
Apple has issued email advisories covering 11 security flaws in its software and hardware products, with the fixes being available through the latest updates.
Apple is at odds with DOJ over evidence posing “national security concerns”
Apple is confronted with U.S. government intervention in the newsmaking copyright infringement lawsuit against virtualization services provider Corellium.
Critical Zoom zero-days are up for sale on the dark web
Cybercriminals are reportedly selling two undocumented critical Zoom exploits that allow an attacker to infect systems and eavesdrop on users’ communications.