A security vulnerability (CVE-2025-31191) in macOS allows attackers to bypass App Sandbox protections by exploiting security-scoped bookmarks. This flaw enables the deletion and replacement of keychain entries, facilitating unauthorized access to sensitive files. Affected systems include macOS Ventura, Sequoia, and Sonoma. Apple has released updates to mitigate this issue, urging users to apply them promptly.
New Campaign Targets HR Departments With False Resumes
A campaign by Venom Spider, a financially-motivated threat group, is employing spear-phishing emails to target hiring managers.
