Fake Disk Cleanup Apps Fuel New macOS ClickFix Attack
A wave of ClickFix-style social engineering attacks that specifically target macOS users, using fake disk cleanup and system utility tips hosted on popular c...
Apple
20 articles
Taiwanese student arrested for halting high-speed trains with radio hack
The 23-year-old student, identified by his surname Lin, is accused of using software-defined radio (SDR) equipment and handheld radios to broadcast a high-pr...
Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models
The Trump administration is in early discussions about whether advanced AI models should be vetted before public release, according to reporting from the New...
The Iran War: What You Need to Know
Insikt Group tracks the cyber, physical, and geopolitical components of the US-Israeli strikes on Iran — with continuously updated threat analysis and scenar...
Risk Scenarios for the US’s Strategic Pivot
The United States (US) is shifting toward a more force-driven security strategy primarily relying on military operations and economic pressure to counter tra...
Apple Fixes iOS Notification Bug Exposing Deleted Messages
Apple patches iOS flaw that retained deleted notifications, exposing message data
MacOS Native Tools Enable Stealthy Enterprise Attacks
macOS LOTL techniques bypass detection using native tools and metadata abuse
FakeWallet crypto stealer spreading through iOS apps in the App Store
In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets.
Singer loses life savings to fake wallet downloaded from the Apple App Store
If you hold cryptocurrency, there's a very simple golden rule that you should always follow. Never hand over your seed phrase.
Iran War: Future Scenario and Business Implications
Iran War: Future Scenarios and Business Implications
Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings
macOS 26.
Securing the Supply Chain: How SentinelOne®’s AI EDR Stops the Axios Attack Autonomously
Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.
Cisco IOS XE Software Denial of Service Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected ...
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
iOS/iPadOS 18.7.
How we caught the Axios supply chain attack
Joe Desimone shares the story of how he caught the Axios supply chain attack with a proof of concept tool built in an afternoon.
Hackers Hijack Axios npm Package to Spread RATs
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn
Inside the Axios supply chain compromise - one RAT to rule them all
Elastic Security Labs analyzes a supply chain compromise of the axios npm package delivering a unified cross-platform RAT
Elastic releases detections for the Axios supply chain compromise
Hunting and detection rules for the Elastic-discovered Axios supply chain compromise.
ZDI-26-231: Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the abili...
ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this v...