Malware bypassed macOS Gatekeeper by abusing Apple's notarization proccess

A new variant of the MacSync Stealer uses a code-signed Swift application to get around Apple's macOS Gatekeeper protections.
SecurityWeek

MacSync macOS Malware Distributed via Signed Swift Application

New MacSync Stealer version is executed via a signed and notarized Swift application, eliminating the need for direct ...
iDrop News

Don’t Trust the Double-Click: This Mac Malware Was ‘Approved’ by Apple

A new version of the MacSync Stealer malware has been found masquerading as a legitimate, notarized app. It bypasses standard macOS security warnings to harvest credentials and crypto wallets.
eWeek

Google Apps Script Vulnerability Exposes Malware Risks

Security firm Proofpoint on Jan. 4 warned of a new attack vector that could enable hackers to abuse Google Apps Script to exploit cloud users. Google Apps Script is a JavaScript-based language used ...

MacSync Stealer variant finds a way to bypass Apple malware protections

We’ve recently seen how ChatGPT was used to trick Mac users into installing MacStealer, and now a different tactic ...
Bleeping Computer

New 'PowerDrop' PowerShell malware targets U.S. aerospace industry

A new PowerShell malware script named 'PowerDrop' has been discovered to be used in attacks targeting the U.S. aerospace defense industry. PowerDrop was discovered by Adlumin, who last month found a ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...