Kaspersky revealed details about the new “SparkCat” malware affecting a handful of iOS apps on Wednesday, leading to Apple promptly removing the compromised apps from the App Store following the report. Juli Clover for MacRumors: ‎ Some of the apps that had hidden malware included ComeCome, WeTink, and AnyGPT. 11 apps were removed in total, but when removing the apps, Apple found another 89 with the same code that had been previously rejected or removed from the ‌App Store‌ for violating Apple’s fraud policies. When an app is removed for fraud, Apple terminates the associated developer account. As outlined by Kaspersky, the apps used a malicious framework with OCR capabilities designed to suss out sensitive information in images and screenshots…

Kaspersky researchers have uncovered malware apps on Google’s Play Store and, for the first time, on Apple’s App Store that harbor a malicious framework aimed at stealing crypto wallet recovery phrases. These phrases are crucial for accessing cryptocurrency in digital wallets. Dubbed “SparkCat” by researchers, this malware is thought to have been in circulation since March 2024. Jake Peterson for LifeHacker: ‎ If you downloaded one of these apps on either iOS or Android, the app would likely ask permission to access your photo library, then the malicious framework would launch an optical character recognition (OCR) plug-in to scan and identify text in your images. If the program found text that matched certain keywords, it would then send those images…

Macworld All attention might be on iOS 17 and macOS Sonoma, but Apple hasn’t stopped working on its current crop of operating systems. And if you’re not running the betas, you need to know that Apple just shipped a slew of updates to fix some critical security holes. In all, Apple pushed 10 updates on Wednesday: iOS 16.5.1 and iPadOS 16.5.1; iOS 15.7.7 and iPadOS 15.7.7; macOS Ventura 13.4.1, macOS Monterey 12.6.7, and macOS Big Sur 11.7.8; Safari 16.5.1; and watchOS 9.5.2 and watchOS 8.8.1. That covers more than a decade of devices going back to 2013 and includes the iPhone 6s, Apple Watch Series 3, and the original 12-inch MacBook. All of the OS updates fix the same vulnerability:…

Macworld All attention might be on iOS 17 and macOS Sonoma, but Apple hasn’t stopped working on its current crop of operating systems. And if you’re not running the betas, you need to know that Apple just shipped a slew of updates to fix some critical security holes. All told, Apple pushed eight updates on Wednesday: iOS 16.5.1 and iPadOS 16.5.1; iOS 15.7.7 and iPadOS 15.7.7; macOS Ventura 13.4.1, macOS Monterey 12.6.7, and macOS Big Sur 11.7.8; and watchOS 9.5.2 and watchOS 8.8.1. That covers more than a decade of devices going back to 2013 and includes the iPhone 6s, Apple Watch Series 3, and the original 12-inch MacBook. All of the updates fix the same vulnerability: Kernel Impact: An…

Macworld Apple on Wednesday released macOS Ventura 13.4.1, an update that includes a couple of critical zero-day security patches. The release notes merely state that the update includes “important security fixes and is recommended for all users.” It’s unclear whether this update includes any other fixes, but Apple has recently promised that a fix would be coming to correct a storage issue with the new Mac Pro. According to the security notes, the update includes the same two security patches as the iOS 16.5.1 update: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.Description: An…

Macworld Apple has released a minor operating system update in the form of iOS 16.5.1 and iPadOS 16.5.1. As is typical with an x.x.1 point release, the list of changes is very small. The release notes consist of two sentences: This update provides important security fixes and is recommended for all users. It also fixes an issue that prevents charging with the Lightning to USB 3 Camera Adapter. That second bit is good news for people who rely on the Lightning to USB 3 Camera Adapter (and charge while using it), but it’s the first sentence that matters most here. The two security updates in this release are substantial: Kernel Impact: An app may be able to execute arbitrary code…