ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
New macOS malware CrashStealer, built in native C++, poses as Apple's crash-reporting tool to steal credentials, keychain data, and crypto wallets. It bypasses Gatekeeper using a signed, notarized dropper from domain werkbit.io. The malware encrypts stolen data with AES-GCM before exfiltration and targets roughly 80 wallet extensions and 14 password managers.
Tap to vote and see what everyone thinks.
AppleInsider leads with data theft, The Hacker News with bypassing security, BleepingComputer with the fake crash tool vector.
Summary by ByteBrief