Apple iOS Patches Zero-Day Vulnerabilities
After The Cupertino company uncovered three iOS WebKit vulnerabilities, Apple patched these issues with fresh iOS 17.3 and macOS Sonoma 14.3 updates.
One of the vulnerabilities discovered “CVE-2024-23222” allowed the processing of malicious web content, which allowed threat actors to infect systems with arbitrary code.
Fake macOS Apps Used for Crypto-Stealing Malware Distribution
Kaspersky discovered a macOS Ventura vulnerability used by threat actors to distribute stealthy information-stealing malware, which if activated could lead to crypto wallet breaches and stolen credentials.
Disguised as legitimate macOS application cracks or app patching files, threat actors fool users into downloading and activating a malicious payload that runs arbitrary commands on the breached device and looks for breachable Bitcoin Core and Exodus Wallets.
Exfiltrated Info Automatically Spread on Discord Bot Channel
On an analysis published by Trellix security researcher Gurumoorthi Ramanathan, the “NS-STEALER” malware distributed via a hidden ZIP file could lead to captured data automatically displayed on the Discord bot channel “EventListener”.
The hidden malware “NS-STEALER” when deployed onto a user’s system, can automatically collect screenshots, cookies, credentials, autofill data, and system information from web browsers.
