Advertisement
Axios npm Package Hijacked: Cross-Platform Malware Distribution
Analysis of the Axios npm package hijack distributing remote access trojans to Linux, Windows, and macOS systems. Learn to protect your software supply chain.
macOS Terminal ClickFix Protections: Blocking Malicious Shell Commands
Apple introduces Terminal warnings in macOS Sequoia 15.2 to combat ClickFix social engineering attacks that trick users into executing malicious shell scripts.
Infinity Stealer macOS Malware: Analyzing ClickFix Lures and Payloads
Infinity Stealer targets macOS via ClickFix social engineering. Learn how this Nuitka-compiled malware steals browser data, crypto wallets, and Keychain info.
ClickFix Social Engineering Drops Infiniti Stealer on macOS
Attackers use fake Cloudflare CAPTCHA pages and ClickFix tactics to deliver the Python-based Infiniti Stealer to macOS systems via terminal commands.
Apple Addresses 85 Vulnerabilities in Recent OS Updates
Apple released significant security updates patching 85 vulnerabilities across macOS, iOS, iPadOS, tvOS, watchOS, and visionOS, with no active exploitation reported.
CVE-2026-20643: Apple Patches WebKit Same-Origin Policy Bypass
Apple addresses CVE-2026-20643, a critical WebKit Navigation API flaw allowing Same-Origin Policy bypass on iOS and macOS. Deploy updates immediately.
Apple CVE-2026-20643: WebKit Flaw Fixed via Background Update
Apple deploys the first Background Security Improvements update to address a critical WebKit vulnerability (CVE-2026-20643) across iOS and macOS platforms.
Apple Patches CVE-2023-43010 WebKit Vulnerability in Older Devices
Apple backports fixes for CVE-2023-43010 in older iOS and macOS versions to defend against the Coruna exploit kit targeting WebKit memory corruption.
npm Malware @openclaw-ai/openclawai: macOS Credential Theft Alert
Security alert for @openclaw-ai/openclawai, a malicious npm package targeting macOS users to deploy remote access trojans and steal sensitive credentials.
macOS coreaudiod Type Confusion Exploitation: CVE-2024-54529
Analysis of CVE-2024-54529, a critical type confusion vulnerability in macOS coreaudiod, detailing its exploitation and necessary mitigations.