Apple patched two zero-day vulnerabilities in macOS Sequoia that were being actively exploited. Identified as CVE-2024-44308 and CVE-2024-44309, these flaws usually got triggered when users interacted with a malicious webpage. The patches were included in several Apple software updates. These developments come as Mac-based attacks are on the rise, with threat actors increasingly targeting macOS devices, and misuse of valid Apple developer accounts to bypass security measures.
Malicious PyPi Package Mimic ChatGPT & Claude Steals Developers Data
Kaspersky’s research team discovered a supply chain attack targeting the Python Package Index (PyPI). The attack involved malicious packages posing as AI chatbot tools distributing
