Novel macOS malware launched by North Korean hackers New KANDYKORN macOS malware has been deployed by threat actors linked to North Korea's Lazarus Group in attacks against an unspecified cryptocurrency exchange's blockchain engineers since April, reports The Hacker News.

In the Security News: If an exploit falls in the forest do I still need to patch?, Reflections on trusting trust: the source code revealed, prompt injection in your resume, iPhones be updating, a deep dive into vulnerable kernel drivers and wiping SPI flash, cheap to exploit software, to ransom or steal?, oh OAuth, Florida man, door bell shenanigan...

GHOSTPULSE malware loader deployed via fraudulent MSIX app packages Windows systems are being targeted by a new attack campaign leveraging fraudulent MSIX Windows app packages for widely used software to facilitate the deployment of the new GHOSTPULSE malware loader, The Hacker News reports.

BleepingComputer reports that Israeli companies had their Linux systems subjected to attacks involving the new BiBi-Linux wiper malware amid the ongoing conflict between Israel and Palestinian military group Hamas.

Dr. Who, iLeakage, Canada, AI, Killnet, NuGet, You might be a North Korean, More News, and Jason Wood, on this Halloween edition of the Security Weekly News.

Malicious Android apps on Google Play that included adware have been downloaded more than two million times, reports BleepingComputer.

New IMAPLoader malware attacks deployed by Iranian threat operation New watering hole attacks have been launched by Iranian state-sponsored advanced persistent threat operation Tortoiseshell, also known as TA456, Imperial Kitten, Yellow Liderc, and Crimson Sandstorm, to facilitate the distribution of the IMAPLoader malware, The Hacker News reports.

More than a million Windows and Linux systems have been compromised by the sophisticated StripedFly malware framework between 2017 and 2022, according to BleepingComputer.