Apple is pushing signature updates to its on-device malware tool, XProtect, to block malware variants associated with North Korea’s “Contagious Interview” campaign. This malware, part of the macOS Ferret family, tricks targets into installing it under the guise of a job interview process. Currently undetected by XProtect, it can steal sensitive data through a Python backdoor. New malware samples named “FlexibleFerret” were detected by SentinelOne researchers.
CISA Adds Apache, Microsoft Bugs to Know Exploited Vulnerabilities Database
The U.S. CISA updated its Known Exploited Vulnerabilities (KEV) Catalog, highlighting several critical vulnerabilities including Apache OFBiz (CVE-2024-45195), Microsoft .NET Framework (CVE-2024-29059), and Paessler PRTG
