Category: Apple

Apple blocked over $11 billion in App Store fraud in 6 years Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent App Store transactions in 2025 alone. […] Sergiu Gatlan Go to bleepingcomputer

Apple fixes bug that let the FBI recover deleted Signal messages Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device. […] Lawrence Abrams Go to bleepingcomputer

Apple account change alerts abused to send phishing emails Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple’s servers, increasing legitimacy and potentially allowing them to bypass spam filters. […] Lawrence Abrams Go to bleepingcomputer

Apple expands iOS 18 updates to more iPhones to block DarkSword attacks Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit. […] Lawrence Abrams Go to bleepingcomputer

CISA orders feds to patch DarkSword iOS flaws exploited attacks CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. […] Sergiu Gatlan Go to bleepingcomputer

Apple pushes first Background Security Improvements update to fix WebKit flaw Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade. […] Lawrence Abrams Go to bleepingcomputer

Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks Apple has released security updates to fix a zero-day vulnerability that was exploited in an “extremely sophisticated attack” targeting specific individuals. […] Lawrence Abrams Go to bleepingcomputer

New Apple privacy feature limits location tracking on iPhones, iPads Apple is introducing a new privacy feature that lets users limit the precision of location data shared with cellular networks on some iPhone and iPad models. […] Sergiu Gatlan Go to bleepingcomputer

New MacSync malware dropper evades macOS Gatekeeper checks The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application. […] Bill Toulas Go to bleepingcomputer

Apple fixes two zero-day flaws exploited in ‘sophisticated’ attacks Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an “extremely sophisticated attack” targeting specific individuals. […] Lawrence Abrams Go to bleepingcomputer

Google ads for fake Homebrew, LogMeIn sites push infostealers A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. […] Bill Toulas Go to bleepingcomputer

Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. […] Lawrence Abrams Go to bleepingcomputer

Fake Mac fixes trick users into installing new Shamos infostealer A new infostealer malware targeting Mac devices, called ‘Shamos,’ is targeting Mac devices in ClickFix attacks that impersonate troubleshooting guides and fixes. […] Bill Toulas Go to bleepingcomputer

Apple fixes new zero-day flaw exploited in targeted attacks Apple has released emergency updates to patch another zero-day vulnerability that was exploited in an “extremely sophisticated attack.” […] Sergiu Gatlan Go to bleepingcomputer

Kali Linux can now run in Apple containers on macOS systems Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple’s new containerization framework. […] Lawrence Abrams Go to bleepingcomputer

Graphite spyware used in Apple iOS zero-click attacks on journalists Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. […] Bill Toulas Go to bleepingcomputer

Apple ‘AirBorne’ flaws can lead to zero-click AirPlay RCE attacks ​A set of security vulnerabilities in Apple’s AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code execution. […] Sergiu Gatlan Go to bleepingcomputer

Apple fixes two zero-days exploited in targeted iPhone attacks Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an “extremely sophisticated attack” against specific targets’ iPhones. […] Lawrence Abrams Go to bleepingcomputer

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in “extremely sophisticated” attacks. […] Sergiu Gatlan Go to bleepingcomputer

Apple pulls iCloud end-to-end encryption feature in the UK Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers’ encrypted cloud data. […] Sergiu Gatlan Go to bleepingcomputer

New FrigidStealer infostealer infects Macs via fake browser updates The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. […] Bill Toulas Go to bleepingcomputer

Microsoft spots XCSSET macOS malware variant used for crypto theft A new variant of the XCSSET macOS modular malware has emerged in attacks that target users’ sensitive information, including digital wallets and data from the legitimate Notes app. […] Bill Toulas Go to bleepingcomputer

Apple fixes zero-day exploited in ‘extremely sophisticated’ attacks Apple has released emergency security updates to patch a zero-day vulnerability that the company says was exploited in targeted and “extremely sophisticated” attacks. […] Sergiu Gatlan Go to bleepingcomputer

Apple fixes this year’s first actively exploited zero-day bug ​Apple has released security updates to fix this year’s first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. […] Sergiu Gatlan Go to bleepingcomputer

Phishing texts trick Apple iMessage users into disabling protection Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. […] Lawrence Abrams Go to bleepingcomputer