Actively exploited macOS 0day let hackers take screenshots of infected Macs

Gloved hands manipulate a laptop with a skull and crossbones on the display.

discovered by security firm Trend Micro last August. XCSSET used what at the time were two zerodays to infect Mac developers with malware that stole browser cookies and files; injected backdoors into websites; stole information from Skype, Telegram, and other installed apps; took screenshots; and encrypted files and showed a ransom note.

A third zeroday

Infections came in the form of malicious projects that the attacker wrote for Xcode, a tool that Apple makes available for free to developers writing apps for macOS or other Apple OSes. As soon as one of the XCSSET projects was opened and built, TrendMicro said, the malicious code would run on the developers’ Macs. An Xcode project is a repository for all the files, resources, and information needed to build an app.

Read 10 remaining paragraphs | Comments

Synergy Unleashed: the Dynamic Collaboration of SUSE and …
SUSE GUEST BLOG AUTHORED BY: Colin Griffin, Founder and CEO at Krumware The cloud-native landscape has forever... The post Synergy Unleashed: the Dynamic Collaboration of SUSE and … appeared first on LinuxPunx.
SUSE Academic Training Programme
Empowering Universities with SUSE Academic Training Programme Universities play a vital role in shaping the future... The post SUSE Academic Training Programme appeared first on LinuxPunx.

A third zeroday

Related Posts

Pakistan shut down the internet – but that didn’t stop the protests

Passkeys may not be for you, but they are safe and easy—here’s why

The Download: open vs closed AI, and Google’s uneasy demo

Discover more from WHO WILL CARE eCommerce