apple
-
Forensic Investigation Reveals Pegasus Spyware Compromise of MEP Stelios Kouloglou
On July 3, 2026, Citizen Lab published a comprehensive forensic report documenting the unauthorized infection of former Greek Member of…
Read More » -
Technical Breakdown: The De-anonymization Vulnerability in Apple’s Hide My Email
Apple’s Hide My Email, a cornerstone of the iCloud+ privacy suite, is currently facing a critical architectural flaw that threatens…
Read More » -
Digital Repression: How Russian Authorities Breached an Activist’s iPhone
A technical investigation into the digital footprint of detained human rights activist Andrey Pivovarov has uncovered evidence that Russian state…
Read More » -
Technical Analysis: Deconstructing the FlutterShell macOS Backdoor via Operation FlutterBridge
The CL-CRI-1089 threat cluster, identified as part of Operation FlutterBridge, represents a sophisticated evolution in macOS-targeted endpoint exploitation. By repurposing…
Read More » -
The iOS LLM Security Gap: How 282 AI Apps are Leaking Critical API Credentials
As Large Language Models (LLMs) become deeply integrated into the mobile ecosystem, a new and systemic security vulnerability has emerged.…
Read More » -
Exploiting Trust: How Malvertisers Leveraged GitLab and Claude.ai for In-Memory RAT Deployment
A highly sophisticated malvertising and social engineering campaign has recently emerged, showcasing a tactical pivot from weaponized GitLab Pages to…
Read More » -
Technical Analysis: Sapphire Sleet’s Cascading AppleScript Payload Chain on macOS
Recent threat intelligence has uncovered a sophisticated macOS campaign attributed to the North Korean actor Sapphire Sleet. The campaign leverages…
Read More » -
Operation FlutterBridge: The Evolution of macOS Malvertising via the FlutterShell Backdoor
The macOS threat landscape is undergoing a tactical shift as threat actors pivot from simple adware to sophisticated, modular backdoors.…
Read More » -
From AUDIOFIX to MINIRAT: JINX-0164’s macOS and Supply Chain Compromise Lifecycle
A sophisticated new threat actor, tracked as JINX-0164, has emerged with a highly specialized focus on the cryptocurrency sector. Unlike…
Read More » -
JINX-0164: The Orchestrated Targeting of Crypto-Development Pipelines
A sophisticated new threat actor, identified as JINX-0164, has emerged with a specialized focus on infiltrating cryptocurrency organizations. Unlike broad-spectrum…
Read More » -
FROST: Exploiting OPFS and SSD Timing for Cross-Browser Fingerprinting
Modern web browsers are designed with rigorous sandboxing to ensure that a website in one tab cannot “reach out” and…
Read More » -
VaultJacking: How a Single 6-Digit PIN Can Compromise an Entire Google Credential Ecosystem
A sophisticated new phishing methodology, identified by researchers as “VaultJacking,” is sending shockwaves through the cybersecurity community. The vulnerability demonstrates…
Read More » -
Cybersecurity Alert: Sophisticated Phishing Campaign Targets SBI YONO Users via Aadhaar Compliance Pretext
The State Bank of India (SBI), the nation’s largest public sector lender, has issued a critical security advisory regarding an…
Read More » -
New Zero-Click Exploit Chain Targeting WhatsApp on iOS 16
A sophisticated new zero-click exploit chain has been identified targeting iPhone users running iOS 16, enabling threat actors to hijack…
Read More » -
Security Analysis: Unencrypted WhatsApp Databases and Cross-App Data Exposure on Apple Platforms
Recent security audits by researchers at Mysk have uncovered significant architectural vulnerabilities regarding how WhatsApp manages message databases on macOS…
Read More » -
Anatomy of Reaper: Fileless macOS Infostealing via AppleScript, Geofencing, and Persistent Backdoors
A sophisticated new evolution of the SHub macOS infostealer, identified by researchers as “Reaper,” is currently active in the wild.…
Read More »