A widespread scam operation on GitHub involves thousands of repositories distributing malware disguised as game mods and cracked software. The malware, known as Redox stealer, collects sensitive data including passwords, crypto wallets, and gaming accounts from victims' computers, then sends it to Discord servers for exploitation.
Kaspersky discovered a critical hardware backdoor in five generations of Apple mobile silicon (A12-A16), enabling complete remote device control through Operation Triangulation malware. The intentionally designed backdoor, affecting iPhones, iPads, Watches, and TVs, required insider knowledge to exploit and has since been patched as CVE-2023-38606. The sophistication of the backdoor and attack chain suggests high-level involvement, though Apple's purpose for implementing it remains unknown.