Cybercriminals are using fake Ledger apps to steal seed phrases for cryptocurrency wallets from macOS users. The malware impersonates the genuine app, prompting the user to enter their seed phrase on a phishing site. This technique allows the criminals to empty victims’ wallets. Researchers advise only downloading the Ledger Live app from the official website and only entering the seed phrase when restoring the wallet, directly on the physical Ledger device.
Critical Tableau Server Flaws Allows Malicious File Uploads
Salesforce has addressed multiple critical security vulnerabilities in Tableau Server and Desktop that could enable attackers to upload malicious files and execute arbitrary code. The
