Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

Microsoft has issued a warning about a new variant of the XCSSET malware targeting macOS users, specifically developers using Apple's Xcode IDE. This malware variant is notable for its advanced capabilities to steal sensitive information and evade detection. It primarily targets Xcode projects by injecting malicious code, which can compromise the security of applications being developed. The malware exploits vulnerabilities to gain persistence on infected systems and can steal data such as browser cookies, screenshots, and other personal information. This new variant also includes enhancements that allow it to bypass Apple's security mechanisms more effectively than previous versions. Developers are urged to update their software regularly, avoid downloading suspicious files, and use robust security solutions to protect their development environments. The emergence of this malware highlights the increasing threat landscape for macOS users, especially those involved in software development, underscoring the need for heightened vigilance and proactive cybersecurity measures.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 25 Sep 2025 22:50:31 +0000


Cyber News related to Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

New Variant of macOS Threat XCSSET Spotted in the Wild - To avoid downloading Xcode projects infected with XCSSET, Microsoft recommends that developers and users "always inspect and verify any Xcode projects downloaded or cloned from repositories" that potentially will spread the malware. ...
9 months ago Darkreading.com
Microsoft spots XCSSET macOS malware variant used for crypto theft - A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. XCSSET then creates a malicious Launchpad application with ...
9 months ago Bleepingcomputer.com
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
3 years ago
New macOS XCSSET Variant Targets Apple’s Xcode Developer Tool to Infect Apps - A new variant of the XCSSET malware has been discovered targeting macOS systems by exploiting Apple's Xcode developer tool. This sophisticated malware variant focuses on infecting applications built with Xcode, allowing attackers to inject malicious ...
2 months ago Thehackernews.com
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs - Microsoft has issued a warning about a new variant of the XCSSET malware targeting macOS users, specifically developers using Apple's Xcode IDE. This malware variant is notable for its advanced capabilities to steal sensitive information and evade ...
2 months ago Bleepingcomputer.com
New XCSSET Malware Attacking macOS Users With Enhanced Obfuscation - The malware utilizes three distinct persistence techniques, ensuring its payload launches whenever a new shell session begins, a user opens a fake Launchpad application, or a developer commits changes in Git. Microsoft recommends that users run the ...
8 months ago Cybersecuritynews.com
New XCSSET Malware Attacking macOS Users by Infecting Xcode Projects - This modular backdoor, first documented in 2020, now employs advanced obfuscation techniques, refined persistence mechanisms, and novel infection vectors to subvert Apple’s security frameworks and compromise software supply chains. Microsoft Threat ...
9 months ago Cybersecuritynews.com
New Variant of the XCSSET Malware Discovered Targeting macOS Users - A new variant of the XCSSET malware has been discovered, targeting macOS users with enhanced capabilities and evasion techniques. This malware primarily spreads through compromised Xcode projects and malicious websites, aiming to steal sensitive ...
2 months ago Cybersecuritynews.com
Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says | The Record from Recorded Future News - Slovenia’s computer emergency response team also discovered two malware samples — BeaverTail and InvisibleFerret — that steal data from companies and individuals involved in Web3 technology, such as smart contracts, cryptocurrencies, and ...
9 months ago Therecord.media
Sophisticated macOS Infostealers Get Past Apple's Built-In Detection - Increasingly sophisticated infostealers are targeting macOS with the capability to evade Apple's built-in malware protection, as attackers are becoming more savvy about how to crack static signature-detection engines like the platform's proprietary ...
1 year ago Darkreading.com Hunters
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
1 year ago Securityintelligence.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
RustDoor malware targets macOS users by posing as a Visual Studio Update - A new malware called RustDoor is targeting macOS users. The malware has been undetected for 3 months, and poses as a Microsoft Visual Studio Update. The malware was discovered by Bitdefender. Bitdefender products identify the malware ...
1 year ago Ghacks.net
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
1 year ago Pandasecurity.com
Banking malware Grandoreiro returns after police disruption - In January 2024, an international law enforcement operation involving Brazil, Spain, Interpol, ESET, and Caixa Bank announced the disruption of the malware operation, which had been targeting Spanish-speaking countries since 2017 and caused $120 ...
1 year ago Bleepingcomputer.com
Microsoft: Iranian hackers target researchers with new MediaPl malware - Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware. The attackers, a ...
1 year ago Bleepingcomputer.com APT3 APT33
The Invisible Storm: Why Cloud Malware Is Your Business's New Weather Emergency - Protecting your business from cloud malware requires a fundamental shift in security thinking, as traditional defenses simply weren’t designed for these sophisticated airborne threats. Recent research by Cloud Storage Security identified ...
6 months ago Cybersecuritynews.com
Apple Faces New Security Dilemma as Infostealers Execute Stealthy Attacks - There is an increase in the sophistication of info thieves targeting macOS, allowing them to evade Apple's malware protection built into the operating system as these attackers have become better at cracking static signature-detection engines like ...
1 year ago Cysecurity.news
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
1 year ago Pandasecurity.com
macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks - North Korean advanced persistent threat groups are mixing and matching components of two recently unleashed types of Mac-targeted malware to evade detection and fly under the radar as they continue their efforts to conduct operations at the behest of ...
2 years ago Darkreading.com
Android malware Grandoreiro returns after police disruption - In January 2024, an international law enforcement operation involving Brazil, Spain, Interpol, ESET, and Caixa Bank announced the disruption of the malware operation, which had been targeting Spanish-speaking countries since 2017 and caused $120 ...
1 year ago Bleepingcomputer.com
21 New Mac Malware Families Emerged in 2023 - A total of 21 new malware families designed to target macOS systems were discovered in 2023, according to Patrick Wardle, a researcher specializing in the security of Apple devices. Wardle has published a blog post analyzing the new malware families ...
1 year ago Securityweek.com LockBit
February 2024's Most Wanted Malware: WordPress Websites Targeted by Fresh FakeUpdates Campaign - Our latest Global Threat Index for February 2024 saw researchers uncover a fresh FakeUpdates campaign compromising WordPress websites. These sites were infected using hacked wp-admin administrator accounts, with the malware adapting its tactics to ...
1 year ago Blog.checkpoint.com
New ZuRu Malware Variant Attacking macOS Users Via Weaponized Termius App - This latest iteration, discovered in late May 2025, represents a significant evolution in the threat actor’s tactics, moving beyond their traditional Baidu search engine poisoning campaigns to directly compromise legitimate applications used by ...
4 months ago Cybersecuritynews.com
Top 10 Best Dynamic Malware Analysis Tools in 2025 - FireEye Malware Analysis | Enterprise-grade solution, zero-day detection, integration with threat intelligence, memory forensics. | Enterprise-grade malware detection and forensics | Pricing details not publicly available; contact for quote. | Yes | 6. Detux ...
9 months ago Cybersecuritynews.com