MacOS
Delve into the world of macOS with our dedicated news section. Stay updated on the latest operating system updates, software releases, productivity tools, and insider perspectives on Apple’s ecosystem. Explore practical tips, troubleshooting advice, and feature highlights to optimize your macOS experience.
Apple pushes first Background Security Improvements update to fix WebKit flaw
Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade. The CVE-2026-20643 flaw allows malicious web content to bypass the browser’s Same Origin Policy. Apple says the flaw is a cross-origin issue in the Navigation API that was addressed […]
Apple fixes zero-day flaw used in ‘extremely sophisticated’ attacks
Apple has released security updates to fix a zero-day vulnerability that was exploited in an “extremely sophisticated attack” targeting specific individuals. Tracked as CVE-2026-20700, the flaw is an arbitrary code execution vulnerability in dyld, the Dynamic Link Editor used by Apple operating systems, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. Apple’s security bulletin warns […]
North Korean hackers use new macOS malware in crypto-theft attacks
North Korean hackers are running tailored campaigns using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the cryptocurrency sector. The threat actor’s goal is financial, as suggested by the role of the tools used in an attack on a fintech company investigated by Google’s Mandiant researchers. During […]
New GlassWorm attack targets macOS via compromised OpenVSX extensions
A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems. The threat actor gained access to the account of a legitimate developer (oorzc) and pushed malicious updates with the GlassWorm payload to four extensions that had been downloaded 22,000 times. GlassWorm attacks first appeared […]
New Windows updates replace expiring Secure Boot certificates
Microsoft has started automatically replacing expiring Secure Boot certificates on eligible Windows 11 24H2 and 25H2 systems. Secure Boot is a security feature that blocks malicious software (like rootkit malware) from executing during the system startup sequence by ensuring that only trusted bootloaders can load on computers with UEFI firmware. This is done by checking the software’s digital signature […]
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted vulnerabilities became publicly known. In attacks from December 2025 analyzed by Huntress, managed security company, the hackers used a sophisticated virtual machine (VM) escape that likely exploited three VMware […]
Logitech Options+, G HUB macOS apps break after certificate expires
Logitech’s Options+ and G Hub apps on macOS stopped working after their code-signing certificate expired, leaving users unable to launch them on Apple systems. Options+ is Logitech’s input device configuration app, while G HUB is a similar app focused on customizing compatible Logitech G gaming peripherals. Both allow setting app profiles, button remapping, lighting options, […]
New MacSync malware dropper evades macOS Gatekeeper checks
The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application. Security researchers at Apple device management platform Jamf say that the distribution method constitutes a significant evolution from past iterations that used less sophisticated “drag-to-Terminal” or ClickFix tactics. “Delivered as a code-signed and notarized Swift application within […]
Lost iPhone? Don’t fall for phishing texts saying it was found
The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. When iPhone customers lose their phone or it is stolen, they can set a custom message in Apple’s Find My app that appears on […]
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs
Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. XCSSET is a modular macOS malware that acts as an infostealer and cryptocurrency stealer, stealing Notes, cryptocurrency wallets, and browser data from […]