New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more
The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.
Search across headline titles and summaries.
Background for this topic.
Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.
For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.
Weekly headline count for the current query.
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more
A new multi-purpose backdoor allows cyber threat actors to conduct both quiet espionage activity and destructive wiping operations
Huntress found a threat actor using vibe-coded PowerShell to map an Active Directory network
Cisco Talos said China-linked APT UAT-7810 is growing its proxy relay network with new malware
Securonix said the Veil#Drop campaign abuses Google Blogspot to deliver PureLog Stealer in memory
Attackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malware
ReliaQuest report warns of a surge in ClickFix social engineering attacks against Windows and macOS users
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers
Fake AI guides hide a multi-stage chain that drops AsyncRAT, with signs of AI-assisted coding
Threat actors push fake free-software tutorials on TikTok and Instagram to spread Vidar stealer
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools
A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds
Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator
New actor Jinx-0164 hit crypto developers with fake recruiter lures and macOS malware
Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit
HiddenLayer reveals infostealer malware in a Hugging Face repository