macOS Archives • Page 2 of 7 • Daily CyberSecurity

“Sophisticated” Zero-Day Demystified: Public Exploit Drop Blows Cover on Critical Apple WebKit Flaw Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

“Sophisticated” Zero-Day Demystified: Public Exploit Drop Blows Cover on Critical Apple WebKit Flaw

Do Son January 8, 2026

The “black box” of a highly sophisticated Apple zero-day has just been cracked open. Security researcher jir4vv1t...

The Logitech Blackout: How an Expired Certificate Bricked Your Mac Mouse Settings Logitech macOS certificate fix, Logi Options+ G HUB manual update Logi Options+ macOS certificate error, Logitech mouse settings not working 2026

Logitech macOS certificate fix, Logi Options+ G HUB manual update Logi Options+ macOS certificate error, Logitech mouse settings not working 2026

The Logitech Blackout: How an Expired Certificate Bricked Your Mac Mouse Settings

Do Son January 7, 2026

If you use a Logitech mouse together with the companion software Logi Options+, you may have noticed...

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation macOS TCC Bypass, CVE-2025-43530

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation

Do Son January 6, 2026

Apple’s privacy fortress, the Transparency, Consent, and Control (TCC) framework, has been breached once again. Security researcher...

macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access macOS Installer Hijack, .localized LPE

macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access

Do Son December 16, 2025

A stubborn vulnerability in macOS third-party installers has resurfaced, allowing attackers to hijack privileged processes and gain...

macOS Privilege Escalation Flaw Bypasses Patch for Root Access, Poc Releases! macOS Privilege Escalation, .zprofile Exploit

macOS Privilege Escalation Flaw Bypasses Patch for Root Access, Poc Releases!

Do Son December 9, 2025

Security researcher Morris Richman has disclosed a new privilege escalation vulnerability, CVE-2025-43472, which could allow an attacker...

macOS Wallet Stealer Uncovered: “Nova” Malware Replaces Ledger/Trezor Apps with Phishing Clones for Seed Theft macOS Wallet Stealer, Trezor Ledger Phishing

macOS Wallet Stealer, Trezor Ledger Phishing

macOS Wallet Stealer Uncovered: “Nova” Malware Replaces Ledger/Trezor Apps with Phishing Clones for Seed Theft

Do Son November 19, 2025

A new macOS stealer campaign—internally dubbed “Nova” by researchers—has been uncovered by reverse engineer Bruce, revealing a...

MacBook’s Virtual Ring Light May Come to Windows 11 via PowerToys Edge Light Windows 11 FAT32 limit Microsoft OOB update January 2026, Remote Desktop login shutdown bug Windows Edge Light PowerToys Ring Light

Windows 11 FAT32 limit Microsoft OOB update January 2026, Remote Desktop login shutdown bug Windows Edge Light PowerToys Ring Light

MacBook’s Virtual Ring Light May Come to Windows 11 via PowerToys Edge Light

Do Son November 18, 2025

The forthcoming macOS 26.2 update, now in testing, introduces a new feature designed to enhance the quality...

macOS Tahoe Beta Reveals ‘Edge Light’: Apple’s New AI-Driven Virtual Ring Light for Video Calls macOS Edge Light MacBook Ring Light

macOS Tahoe Beta Reveals ‘Edge Light’: Apple’s New AI-Driven Virtual Ring Light for Video Calls

Do Son November 14, 2025

Apple has recently released the macOS Tahoe 26.2 Developer Beta, within which a new feature known as...

macOS Threat: AppleScript (.scpt) Files Emerge as New Stealth Vector for Stealer Malware AppleScript Malware, macOS Supply Chain

macOS Threat: AppleScript (.scpt) Files Emerge as New Stealth Vector for Stealer Malware

Do Son November 14, 2025

A new malware distribution trend is emerging across the macOS threat landscape, according to fresh research from...

Vibe Coding apps Vibe Coding App Store surge Vibe Coding App Store Apple 50th Anniversary hardware Brazil CADE Apple settlement, iOS third-party app stores Brazil Tim Cook Succession Apple CEO Rumors App Store Mini Apps 15% Commission Fee iOS Japan Sideloading, Third-Party App Stores Web App Store, App Discovery Apple Age Verification, Texas SB2420 Apple AI acquisitions App Store, Antitrust Apple WebKit, Japan Regulations App Store Age Ratings, Parental Controls Apple App Store, Epic Games Lawsuit

Years Late: Apple Finally Launches Full Web-Based App Store Homepage with Search & Discovery

Do Son November 4, 2025

For many years, Apple refrained from offering a web version of the Apple App Store—though that statement...

BlueNoroff APT Launches AI-Enhanced Espionage on macOS, Using GPT-4o Images in Fake GhostCall Meetings NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

BlueNoroff APT Launches AI-Enhanced Espionage on macOS, Using GPT-4o Images in Fake GhostCall Meetings

Do Son October 29, 2025

The North Korean APT group BlueNoroff — also known as Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima,...

High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server OpenVPN Script Injection CVE-2025-10680

High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server

Do Son October 28, 2025

Security researchers have disclosed a high-severity vulnerability, tracked as CVE-2025-10680 (CVSS 8.8), affecting OpenVPN 2.7_alpha1 through 2.7_beta1...

OpenAI Buys Mac Automation App to Give ChatGPT System-Level Control OpenAI acquisition, agentic AI

OpenAI Buys Mac Automation App to Give ChatGPT System-Level Control

Do Son October 25, 2025

OpenAI recently announced the acquisition of a company called Software Applications, best known for its newly released...

Apple Planning Touchscreen OLED MacBook Pro with M6 Chip for Late 2026 Debut MacBook Pro OLED touch screen MacBook Pro Touchscreen, M6 Chip OLED M5 MacBook Pro, 24-Hour Battery

MacBook Pro OLED touch screen MacBook Pro Touchscreen, M6 Chip OLED M5 MacBook Pro, 24-Hour Battery

Apple Planning Touchscreen OLED MacBook Pro with M6 Chip for Late 2026 Debut

Do Son October 17, 2025

According to recent reports, Apple appears poised to break from long-standing tradition by introducing touchscreen functionality to...

Meta Retiring Messenger Desktop App on Dec 15, Redirecting Users to Web Version Messenger Desktop EOL, Web Redirect Meta Political Ads, EU Regulation Meta EU Fine, DMA Compliance Meta AI, PlayAI Acquisition bypass AI security Meta AI EU Data Privacy

Messenger Desktop EOL, Web Redirect Meta Political Ads, EU Regulation Meta EU Fine, DMA Compliance Meta AI, PlayAI Acquisition bypass AI security Meta AI EU Data Privacy

Meta Retiring Messenger Desktop App on Dec 15, Redirecting Users to Web Version

Do Son October 17, 2025

Meta has announced the official discontinuation of its Messenger desktop application for macOS and Windows, redirecting users...

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers Homebrew Spoofing, Clipboard Injection

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers

Do Son October 13, 2025

Researchers from Kandji’s Threat Intelligence team uncovered a malware campaign targeting macOS users through spoofed Homebrew installer...

Motorola Smart Feed redirect Anthropic Amazon 5GW partnership Amazon Perplexity lawsuit AWS-LC Vulnerabilities Cryptographic Bypass AWS Middle East drone strikes Amazon layoffs 2026, Amazon AI restructuring Amazon Kindle DRM Policy, Publisher Control EPUB AWS Nova Forge AI Model Customization AWS Trainium3 EC2 Trn3 UltraServer Route 53 Accelerated Recovery AWS DNS Resilience AI Browser War, Amazon Comet Amazon layoffs, cost reduction AWS outage, DynamoDB DNS AWS outage, cloud dependency AWS VPN Client, Root Privilege Escalation WSA shutdown, Amazon Appstore Amazon Wondery, Podcast Restructuring Amazon Q2 2025 Generative AI AWS Client VPN, Privilege Escalation Amazon AI, Wearable AI

Critical AWS VPN Client Flaw CVE-2025-11462 (CVSS 9.3) Allows Root Privilege Escalation on macOS

Do Son October 8, 2025

Amazon Web Services (AWS) has released an important security bulletin warning users of a critical local privilege...

PoC Exploit Details for Actively Exploited iOS Zero-Day Flaw Now Public Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

PoC Exploit Details for Actively Exploited iOS Zero-Day Flaw Now Public

Do Son September 29, 2025

Proof-of-concept exploit code is now publicly available online for a zero-day flaw in iOS/iPadOS, macOS, tvOS, watchOS,...

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users LastPass, macOS infostealer

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users

Do Son September 22, 2025

The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has issued a warning about an ongoing infostealer...

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials

Do Son September 22, 2025

Zscaler ThreatLabz has uncovered yet another supply chain attack against the Python Package Index (PyPI). In August...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

macOS

“Sophisticated” Zero-Day Demystified: Public Exploit Drop Blows Cover on Critical Apple WebKit Flaw

The Logitech Blackout: How an Expired Certificate Bricked Your Mac Mouse Settings

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation

macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access

macOS Privilege Escalation Flaw Bypasses Patch for Root Access, Poc Releases!

macOS Wallet Stealer Uncovered: “Nova” Malware Replaces Ledger/Trezor Apps with Phishing Clones for Seed Theft

MacBook’s Virtual Ring Light May Come to Windows 11 via PowerToys Edge Light

macOS Tahoe Beta Reveals ‘Edge Light’: Apple’s New AI-Driven Virtual Ring Light for Video Calls

Years Late: Apple Finally Launches Full Web-Based App Store Homepage with Search & Discovery

High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server

OpenAI Buys Mac Automation App to Give ChatGPT System-Level Control

Apple Planning Touchscreen OLED MacBook Pro with M6 Chip for Late 2026 Debut

Meta Retiring Messenger Desktop App on Dec 15, Redirecting Users to Web Version

Homebrew Spoofing: Fake Installer Sites Use Clipboard Injection to Compromise macOS Developers

Critical AWS VPN Client Flaw CVE-2025-11462 (CVSS 9.3) Allows Root Privilege Escalation on macOS

PoC Exploit Details for Actively Exploited iOS Zero-Day Flaw Now Public

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials