A new variant of XCSSET, a modular macOS malware, has been reported by Microsoft Threat Intelligence to infect Apple developers’ Xcode projects. This sophisticated attack steals and exfiltrates system and user data, presenting serious supply chain risks. The malware exhibits new infection strategies and obfuscation methods, making it hard to detect. Researchers underscore the need for real-time code scanning, advanced threat detection tools, and multi-layered security approaches to protect against such attacks.

AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware
Tenable Research has revealed that open-source AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware. Initially refusing to write malicious code, researchers