New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more
Apple develops operating systems and devices whose vulnerabilities, security advisories, and updates affect users, enterprises, and connected ecosystems.
Search across headline titles and summaries.
Background for this topic.
Apple’s ecosystem consists of proprietary operating systems like iOS and macOS, powering devices such as iPhones, iPads, and Macs. These platforms integrate hardware-based security features—such as secure enclaves for cryptographic operations, mandatory app sandboxing, and biometric authentication—to protect user data and system integrity. Apple’s tightly controlled app distribution through the App Store reduces exposure to malware but does not eliminate risks from zero-day exploits or sophisticated attacks targeting system vulnerabilities.
Security practitioners must prioritize timely application of Apple’s security updates, as unpatched iOS and macOS flaws are frequently targeted for privilege escalation and remote code execution. Credential attacks against Apple ID and iCloud services remain common, enabling unauthorized access to sensitive data and backups. Understanding Apple’s privacy settings, encryption mechanisms, and forensic artifact availability is critical for detecting and mitigating threats within environments that include Apple devices.
Weekly headline count for the current query.
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more
Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices
Total figure for fraudulent transactions Apple has blocked since 2020 now stands at over $11bn
Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5
Apple patches iOS flaw that retained deleted notifications, exposing message data
macOS 26.4 update introduced security warnings into Terminal to prevent ClickFix attacks, so attackers have shifted to Script Editor instead
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit
Exploit kit "Coruna" targets iPhones running iOS 13.0 to 17.2.1, focusing on financial data theft
iOS 26.4 Beta adds end-to-end encryption for RCS messaging and enhanced Memory Integrity Enforcement
ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access
A newly discovered macOS malware mimics legitimate apps code-signed and notarized by Apple
Apple has doubled its top bug bounty reward to $2m but with bonuses it could reach $5m
One third of Android and over half iOS apps shown to be leaking insecure APIs and hardcoded secrets
Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency
Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps
A massive IPTV privacy network has been uncovered distributing unlicensed content from major brands including Apple TV, Disney+, HBO, Netflix and more
All Apple users are encouraged to update their iPhones, iPads and macOS devices
US director of national intelligence, Tulsi Gabbard, stated that her government persuaded the UK to withdraw its controversial demand
A bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be made public
iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users