Microsoft has uncovered a new variant of the XCSSET macOS malware, which is targeting users' sensitive data, including cryptocurrency wallets and information stored in the Notes app. Active for at least five years, this malware spreads through compromised Xcode projects. The latest attacks used its
A game listed on the Steam store was discovered to contain password-stealing malware, leading to its removal from the platform. The game, PirateFi, appeared to be a survival game but was actually designed to install the Vidar infostealer, a type of malware that can steal passwords, session cookies,
A Chinese state-backed hacking group known as Salt Typhoon has continued targeting telecommunications providers worldwide, despite recent US sanctions and cybersecurity warnings. According to a report from cybersecurity firm Recorded Future, the group has successfully breached multiple telecom
Thousands of GFI KerioControl firewall devices have remained vulnerable to a critical remote code execution (RCE) flaw, CVE-2024-52875, despite security patches being made available since December 2024. The flaw allows attackers to exploit improper input sanitization in the firewall’s web
Apple has been instructed by UK authorities to create a backdoor in its iCloud encryption, as announced by the Washington Post. The directive, issued under the Investigatory Powers Act, would grant the government access to encrypted user data, affecting iCloud users not just in the UK, but
Malicious apps designed to steal cryptocurrency have made their way into Apple’s App Store and Google Play, marking the first known case of such malware successfully bypassing Apple’s strict security review process. According to cybersecurity firm Kaspersky, which first reported the findings,
Meta has confirmed a zero-click spyware attack on WhatsApp that targeted around 90 journalists and civil society members across more than two dozen countries. The breach, detected in December 2024, involved spyware from Israeli firm Paragon Solutions, delivered via a malicious PDF file in WhatsApp
In the ever-evolving landscape of cybersecurity, the integration of generative AI has become a pivotal point of discussion. To delve deeper into this groundbreaking technology and its impact on cybersecurity, we turn to renowned cybersecurity expert Jeremiah Fowler. In this exclusive Q&A
Chinese artificial intelligence startup DeepSeek has reported a "large-scale malicious attack" on its services, forcing the company to temporarily halt new user registrations. The attack coincided with the rapid rise of DeepSeek’s AI assistant app, which recently surpassed ChatGPT as the most
Ransomware gangs have recently begun posing as tech support to infiltrate networks and carry out malicious activities. These groups have been exploiting Microsoft services and tools, such as Microsoft Teams, for initial access and subsequent attacks. Security experts warn that this evolving