Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
Apple develops operating systems and devices whose vulnerabilities, security advisories, and updates affect users, enterprises, and connected ecosystems.
Search across headline titles and summaries.
Background for this topic.
Apple’s ecosystem consists of proprietary operating systems like iOS and macOS, powering devices such as iPhones, iPads, and Macs. These platforms integrate hardware-based security features—such as secure enclaves for cryptographic operations, mandatory app sandboxing, and biometric authentication—to protect user data and system integrity. Apple’s tightly controlled app distribution through the App Store reduces exposure to malware but does not eliminate risks from zero-day exploits or sophisticated attacks targeting system vulnerabilities.
Security practitioners must prioritize timely application of Apple’s security updates, as unpatched iOS and macOS flaws are frequently targeted for privilege escalation and remote code execution. Credential attacks against Apple ID and iCloud services remain common, enabling unauthorized access to sensitive data and backups. Understanding Apple’s privacy settings, encryption mechanisms, and forensic artifact availability is critical for detecting and mitigating threats within environments that include Apple devices.
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
One vendor's zero-day is another vendor's routine patch...
As the verification technology weathers ongoing criticism from users, one anti-bot security vendor rolls out its own tool Apple last month gave hope to a large segment of the mobile device-using population when it announced that the upcoming iOS 16 operating system will eliminate the requirement to use CAPTCHAs to verify their humanity before accessing a website.…
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system
After hitting Germany, Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices. [...]