Malware bypassed macOS Gatekeeper by abusing Apple's notarization proccess

A new variant of the MacSync Stealer uses a code-signed Swift application to get around Apple's macOS Gatekeeper protections.
iDrop News

Don’t Trust the Double-Click: This Mac Malware Was ‘Approved’ by Apple

A new version of the MacSync Stealer malware has been found masquerading as a legitimate, notarized app. It bypasses standard macOS security warnings to harvest credentials and crypto wallets.
SecurityWeek

MacSync macOS Malware Distributed via Signed Swift Application

New MacSync Stealer version is executed via a signed and notarized Swift application, eliminating the need for direct ...

MacSync Stealer variant finds a way to bypass Apple malware protections

We’ve recently seen how ChatGPT was used to trick Mac users into installing MacStealer, and now a different tactic ...
CSO Online

MacSync Stealer malware bypasses macOS Gatekeeper security warnings

MacSync Stealer, by contrast, is downloaded from an ordinary-looking utility URL as a code-signed and notarized Swift ...
Bleeping Computer

New 'PowerDrop' PowerShell malware targets U.S. aerospace industry

A new PowerShell malware script named 'PowerDrop' has been discovered to be used in attacks targeting the U.S. aerospace defense industry. PowerDrop was discovered by Adlumin, who last month found a ...
eWeek

Google Apps Script Vulnerability Exposes Malware Risks

Security firm Proofpoint on Jan. 4 warned of a new attack vector that could enable hackers to abuse Google Apps Script to exploit cloud users. Google Apps Script is a JavaScript-based language used ...
Direct Marketing News

Script kiddies targeted by fake malware builder

Tension: Inexperienced hackers crave shortcuts to power, yet the very tools that promise a shortcut often flip and claim the hackers as victims. Noise: Forums and YouTube tutorials glamorize “plug-and ...