Skip to content
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks

CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks

Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that’s capable of harvesting sensitive data from compromised systems. Unlike other information stealers that are built on AppleScript droppers or Objective-C-based wrappers, CrashStealer is implemented in native C++, according to Jamf Threat Labs. “It validates the victim’s login passwordRead More »CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks

Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found

Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found

Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after researchers found a hidden browsing-history collector built into its official store version. The collector was dormant. An empty allow-list kept it switched off, and no proof has emerged that itRead More »Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, antibot evasion, artificial intelligence (AI)-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts. Distributed via Telegram and costing $400 a month (or $3,800 per year), attack chains leverage phishing

RabbitMQ Vulnerability Threatens Enterprise Systems

Unauthenticated attackers could obtain the broker’s confidential OAuth client secret, allowing them to take control of the broker. The post RabbitMQ Vulnerability Threatens Enterprise Systems appeared first on SecurityWeek.

Copyright © 2026 infosecintel.net