🚨 CISA KEV 1[−]
12 May KEVUpdate to How CISA Shares Cyber-Related Alerts and NotificationsStarting May 12 , CISA is changing how we announce cybersecurity updates and the release of new guidance. These announcements will only be shared through CISA social media platforms, email, and RSS feeds and will no longer be listed on our Cybersecurity Alerts & Advisories we…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 5[−]
12 MayPoC Code Published for Linux nftables Security VulnerabilitySecurity researchers have published proof-of-concept (PoC) exploit code for CVE-2024-26809, a high-severity double-free vulnerability in Linux’s nftables firewall subsystem. The flaw allows local attackers to escalate privileges and execute arbitrary code, posing significant risk…GBHACKERS.COM
12 MayMitel SIP Phone Flaws Allow Attackers to Inject Malicious CommandsA pair of vulnerabilities in Mitel’s 6800 Series, 6900 Series, and 6900w Series SIP Phones-including the 6970 Conference Unit-could enable attackers to execute arbitrary commands or upload malicious files to compromised devices, posing significant risks to enterprise communicatio…GBHACKERS.COM
12 MayVMware Tools Vulnerability Allows Attackers to Modify Files and Launch Malicious OperationsBroadcom-owned VMware has released security patches addressing a moderate severity insecure file handling vulnerability in VMware Tools, tracked as CVE-2025-22247 with a CVSS base score of 6.1. The vulnerability allows non-administrative users to manipulate files within guest vir…GBHACKERS.COM
12 MayMarbled Dust leverages zero-day in Output Messenger for regional espionageSince April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software. T…MICROSOFT.COM
12 MayRussian GRU Targeting Western Logistics Entities and Technology CompaniesExecutive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine.…CISA.GOV
⚠️ VULNERABILITY DISCLOSURE 24[−]
12 MayNew Exploit Method Extracts Microsoft Entra Tokens Through BeaconA novel exploit method leveraging Beacon Object Files (BOFs) has emerged, enabling attackers to extract Microsoft Entra (formerly Azure AD) tokens from compromised endpoints, even on non-domain-joined or BYOD devices. This technique sidesteps traditional detection mechanisms and …GBHACKERS.COM
12 MayThe rise of vCISO as a viable cybersecurity career pathFor all the talk of security skills shortages and the recession-proof nature of cybersecurity, it’s been a tough job market for many veteran security professionals over the past year. The consensus among many in the industry is that hiring standards have grown more stringent, and…CSOONLINE.COM
12 MayAudi warnt vor Gebrauchtwagenbetrügernsrcset="https://b2b-contenthub.com/wp-content/uploads/2025/05/shutterstock_2326328263.jpg?quality=50&strip=all 5800w, https://b2b-contenthub.com/wp-content/uploads/2025/05/shutterstock_2326328263.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
12 MayHackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive DataMicrosoft’s Copilot for SharePoint, designed to streamline enterprise collaboration through generative AI, has become an unexpected weapon for cybercriminals targeting organizational secrets. Recent findings from cybersecurity researchers reveal that attackers are exploiting AI a…GBHACKERS.COM
12 MayDefendnot: A Tool That Disables Windows Defender by Registering as AntivirusCybersecurity developers have released a new tool called “defendnot,” a successor to the previously DMCA-takedown-affected “no-defender” project. This innovative utility leverages undocumented Windows Security Center APIs to disable Windows Defender by reg…GBHACKERS.COM
12 May KEV73% of CISOs admit security incidents due to unknown or unmanaged assetsOnly those who know their attack surfaces can defend against them effectively. What seems like a truism, however, appears to be causing problems for many companies. According to a survey of more than 2,000 cybersecurity executives by security provider Trend Micro , nearly three-q…CSOONLINE.COM
12 MayCybercriminals Hide Undetectable Ransomware Inside JPG ImagesA chilling new ransomware attack method has emerged, with hackers exploiting innocuous JPEG image files to deliver fully undetectable (FUD) ransomware, according to a recent disclosure by cybersecurity researchers. This technique, which bypasses traditional antivirus systems…GBHACKERS.COM
12 MayHackers Exploit Legacy Protocols in Microsoft Entra ID to Bypass MFA and Conditional AccessA sophisticated and highly coordinated cyberattack campaign came to light, as tracked by Guardz Research. This operation zeroed in on legacy authentication protocols within Microsoft Entra ID, exploiting outdated methods to sidestep modern security measures like Multi-Factor Auth…GBHACKERS.COM
12 MayUS Announces Botnet Takedown, Charges Against Russian AdministratorsAnyproxy and 5socks, websites offering proxy services through devices ensnared by a botnet, have been disrupted in a law enforcement operation. The post US Announces Botnet Takedown, Charges Against Russian Administrators appeared first on SecurityWeek .SECURITYWEEK.COM
12 MayGoogle Researchers Use Mach IPC to Uncover Sandbox Escape VulnerabilitiesGoogle Project Zero researchers have uncovered new sandbox escape vulnerabilities in macOS using an innovative approach that leverages Mach Interprocess Communication (IPC) mechanisms-core components of Apple’s operating system. Their public research details how low-level message…GBHACKERS.COM
12 MayOne-Click RCE in ASUS’s Preinstalled Driver Softwaresubmitted by kid to cybersecurity 1 points | 0 comments https://mrbruh.com/asusdriverhub/SH.ITJUST.WORKS
12 MayMetasploit Update Adds Erlang/OTP SSH Exploit and OPNSense ScannerThe open-source penetration testing toolkit Metasploit has unveiled a major update, introducing four new modules, including a highly anticipated exploit targeting Erlang/OTP SSH servers and a scanner for OPNSense firewalls. The release also enhances diagnostic tools and addresses…GBHACKERS.COM
12 MayAsus DriverHub Vulnerabilities Expose Users to Remote Code Execution AttacksTwo vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution. The post Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
12 May437,000 Impacted by Ascension Health Data BreachAscension Health has notified the HHS that more than 437,000 people were affected by a recently disclosed data breach. The post 437,000 Impacted by Ascension Health Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
12 May⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered ScamsWhat do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks—because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking …THEHACKERNEWS.COM
12 MayPhishing Campaign Uses Blob URLs to Bypass Email Security and Avoid DetectionCybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email security measures. Blob URIs, typi…GBHACKERS.COM
12 May20-Year-Old Proxy Botnet Network Dismantled After Exploiting 1,000 Unpatched Devices Each WeekA 20-year-old criminal proxy network has been disrupted through a joint operation involving Lumen’s Black Lotus Labs, the U.S. Department of Justice, the Federal Bureau of Investigation (FBI), and the Dutch National Police. This botnet, operational since 2004 according to its own…GBHACKERS.COM
12 MayOpen Source Linux Firewall IPFire 2.29 – Core Update 194 Released: What’s New!IPFire, the powerful open-source firewall, has unveiled its latest release, IPFire 2.29 – Core Update 194, packed with security enhancements, performance improvements, and new features to safeguard networks of all sizes. Renowned for its robust feature set, IPFire continues to de…GBHACKERS.COM
12 MayASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini FilesASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that's designed to automatically detect the motherboa…THEHACKERNEWS.COM
12 MayOutput Messenger flaw exploited as zero-day in espionage attacksA Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. [...]BLEEPINGCOMPUTER.COM
12 MayAPT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control OperationsThe North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear phishing campaign targeting activists focused on North Korean issues. Named “Operation: ToyBox Story” by Genians Security Center (GSC), this campaign exploited legitimate c…GBHACKERS.COM
12 MayNew Noodlophile Malware Spreads Through Fake AI Video Generation PlatformsCybercriminals have unleashed a new malware campaign using fake AI video generation platforms as a lure. Dubbed Noodlophile Stealer, this previously undocumented infostealer targets unsuspecting users by exploiting their enthusiasm for AI-powered content creation tools. Disguised…GBHACKERS.COM
12 MayCan You Hack Christmas Without Breaking the Law?When a cybersecurity expert uses his HackRF1 to intercept and replay signals from his own Christmas tree, things get legally… fuzzy. Is it hacking? Definitely. But is it illegal? That’s where it gets interesting. This short dives into RF frequencies, FCC rules, and what counts as…YOUTUBE.COM
12 MayASUS DriverHub flaw let malicious sites run commands with admin rightsThe ASUS DriverHub driver management utility was vulnerable to a critical remote code execution flaw that allowed malicious sites to execute commands on devices with the software installed. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 8[−]
12 MayMicrosoft Teams to Safeguard Meetings by Blocking Screen SnapsMicrosoft has announced the upcoming release of a groundbreaking “Prevent Screen Capture” feature for Teams, designed to block unauthorized screenshots and recordings during virtual meetings. The new capability, slated for worldwide deployment in July 2025, underscore…GBHACKERS.COM
12 MayThe Silent Influence of US Tech Policies on Canadian Security 🔐Why does Canadian cybersecurity seem tied to US policies? This short explores how US executive orders and tech regulations quietly shape Canada's cyber landscape. From S-bombs to DMCA exemptions, what happens in the US often ripples across the border — making it crucial for Canad…YOUTUBE.COM
🔥 INCIDENT REPORTING 13[−]
12 MayCyber Threats Target HR, AI Tools, and Critical Infrastructure: A Comprehensive UpdateIn this episode of Cybersecurity Today, host David Shipley covers a range of cyber threats including the Venom Spider malware targeting HR professionals, the emergence of the Noodlofile info stealer disguised as an AI video generator, and misinformation campaigns amid the India-P…CYBERSECURITYTODAY.LIBSYN.COM
12 MaySecrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson... - ESW #406Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygi…YOUTUBE.COM
12 MayPopular Scraping Tool’s NPM Package Compromised in Supply Chain Attacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/popular-scraping-tools-npm-package-compromised-in-supply-chain-attack/SH.ITJUST.WORKS
12 MayUS Deportation Airline GlobalX Confirms HackGlobal Crossing Airlines is investigating a cybersecurity incident after Anonymous hackers targeted its systems. The post US Deportation Airline GlobalX Confirms Hack appeared first on SecurityWeek .SECURITYWEEK.COM
12 MayMalicious npm Packages Use Telegram to Exfiltrate BullX Credentialssubmitted by kid to cybersecurity 1 points | 0 comments https://socket.dev/blog/malicious-npm-packages-use-telegram-to-exfiltrate-bullx-credentialsSH.ITJUST.WORKS
12 May437,000 Impacted by Ascension Health Data Breachsubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/437000-impacted-by-ascension-health-data-breach/SH.ITJUST.WORKS
12 MayThe ransomware landscape in 2025 | Kaspersky official blogHow ransomware tactics have changed in 2025, and what businesses can do in the event of a ransomware attack.KASPERSKY.COM
12 MaySecurity Firm Andy Frain Says 100,000 People Impacted by Ransomware AttackAndy Frain was targeted by the Black Basta ransomware group in 2024 and the hackers have stolen a wide range of information. The post Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack appeared first on SecurityWeek .SECURITYWEEK.COM
12 May“PupkinStealer” – .NET Malware Steals Browser Data and Exfiltrates via TelegramA new information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to individuals and enterprises. Developed in C# using the .NET framework, this 32-bit GUI-based Windows executable targets sensitive user data with a focused and efficient approach. Firs…GBHACKERS.COM
12 MayThreat Actors Leverage DDoS Attacks as Smokescreens for Data TheftDistributed Denial of Service (DDoS) attacks, once seen as crude tools for disruption wielded by script kiddies and hacktivists, have undergone a sophisticated transformation in today’s complex, hybrid-cloud environments. No longer just blunt instruments aimed at overwhelming sys…GBHACKERS.COM
12 MayMoldova arrests suspect linked to DoppelPaymer ransomware attacksMoldovan authorities have detained a 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021. [...]BLEEPINGCOMPUTER.COM
12 MayUnending ransomware attacks are a symptom, not the illnesssubmitted by floofloof to cybersecurity 2 points | 1 comments https://www.theregister.com/2025/05/12/opinion_column_ransomware/SH.ITJUST.WORKS
12 MayCybercriminals Use Telegram Bots to Exfiltrate Data In Phishing Kit CampaignKnowBe4 ThreatLabs has identified and analyzed a sophisticated cross-platform phishing campaign that utilizes Telegram as its primary exfiltration channel. The campaign uses a combination of security-themed phishing emails, branded phishing websites to harvest credentials, and Te…KNOWBE4.COM
🕵️ THREAT INTELLIGENCE 19[−]
12 MayISC Stormcast For Monday, May 12th, 2025 https://isc.sans.edu/podcastdetail/9446, (Mon, May 12th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
12 MayFake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook LuresThreat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. "Instead of relying on traditional phishing or cracked software sites, they build convincing A…THEHACKERNEWS.COM
12 MayGermany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Datasubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/05/germany-shuts-down-exch-over-19b.htmlSH.ITJUST.WORKS
12 MayCybercriminal services target end-of-life routers, FBI warnssubmitted by kid to cybersecurity 1 points | 0 comments https://securityaffairs.com/177648/cyber-crime/malware-targets-end-of-life-routers.htmlSH.ITJUST.WORKS
12 MayiClicker site hack targeted students with malware via fake CAPTCHAsubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/SH.ITJUST.WORKS
12 MayGerman Authorities Take Down Crypto Swapping Service eXchGerman authorities seized the servers of crypto-swapping service eXch for laundering approximately $1.9 billion in fraudulent assets. The post German Authorities Take Down Crypto Swapping Service eXch appeared first on SecurityWeek .SECURITYWEEK.COM
12 May7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operationsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/breaking-7000-device-proxy-botnet-using.htmlSH.ITJUST.WORKS
12 MayFlorida Backdoor Bill FailsA Florida bill requiring encryption backdoors failed to pass .SCHNEIER.COM
12 MayHackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Datasubmitted by kid to cybersecurity 3 points | 0 comments https://gbhackers.com/hackers-abuse-copilot-ai-in-sharepoint/SH.ITJUST.WORKS
12 MayDefendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solutionsubmitted by kid to cybersecurity 2 points | 0 comments https://cybersecuritynews.com/defendnot-disables-windows-defender/SH.ITJUST.WORKS
12 MayGoogle Agrees to $1.3 Billion Settlement in Texas Privacy LawsuitsGoogle has agreed to a $1.375 billion settlement with Texas in lawsuits over location and private browsing tracking, and biometric data collection. The post Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits appeared first on SecurityWeek .SECURITYWEEK.COM
12 MayIt Is 2025, And We Are Still Dealing With Default IoT Passwords And Stupid 2013 Router Vulnerabilities, (Mon, May 12th)Unipi Technologies is a company developing programmable logic controllers for a number of different applications like home automation, building management, and industrial controls. The modules produced by Unipi are likely to appeal to a more professional audience. All modules are…ISC.SANS.EDU
12 MayMicrosoft introduces huge security risk in OneDrivesubmitted by BrikoX to cybersecurity 1 points | 0 comments https://www.techzine.eu/news/security/131293/microsoft-introduces-huge-security-risk-in-onedrive/ Microsoft is rolling out a new OneDrive feature that synchronizes data from personal accounts with business accounts. The f…SH.ITJUST.WORKS
12 MayMapping the Modern Attack Surface: Fintech’s Evolving Risk Frontier - Erika Dean - CSP #212In this episode, Erika Dean dives into the evolution of attack surface management (ASM) in financial tech. From foundational strategies to future-focused threats, she explores how shifts in the fintech landscape demand deeper organizational awareness, ongoing tabletop exercises, …YOUTUBE.COM
12 MayKimsuky Hacker Group Deploys New Phishing Techniques and Malware CampaignsThe North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black Banshee,” has been active since at least 2012, targeting nations like South Korea, Japan, and the United States with sophisticated cyber espionage campaigns. Recently, new Indica…GBHACKERS.COM
12 MayMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
12 MayApple Patches Major Security Flaws in iOS, macOS PlatformsApple rolls out iOS and macOS platform updates to fix serious security bugs that could be triggered simply by opening an image or video file. The post Apple Patches Major Security Flaws in iOS, macOS Platforms appeared first on SecurityWeek .SECURITYWEEK.COM
12 MayLumma Stealer Upgraded with PowerShell Tools and Advanced Evasion TechniquesSophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware has evolved with sophisticated PowerShell tools and advanced evasion tactics, leveraging fake CAPTCHA sites to deceive users. Active since mid-2022 and offered as Malware-as-a-Servi…GBHACKERS.COM
12 MayRed Flag Job Apps: Cybersecurity Edition 🚩A cybersecurity expert shares a ridiculous job application story that will have every tech pro nodding in frustration. From microscopic text boxes to banning small fonts and forcing candidates to squeeze their entire education into one field—this job post was a giant red flag. If…YOUTUBE.COM
🎙️ PODCASTS 1[−]
12 MayHow can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2)Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation and how we can fight one of the most pressing challenges facing our digital world.WELIVESECURITY.COM
📡 INFOSEC NEWS 12[−]
12 MayThe Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change ThatDetecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed comp…THEHACKERNEWS.COM
12 MayThis Training Trick Boosted Our Phishing Scores FastCybersecurity expert Summer Craze Fowler breaks down how her team improved phishing test results without burning people out. Instead of overloading with monthly exercises, they got smarter—switching to a quarterly model and mixing in new learning styles. This quick shift created …YOUTUBE.COM
12 MayMajority of Browser Extensions Pose Critical Security Risk, A New Report Reveals99% of enterprise users have browser extensions but over half carry high-risk permissions. LayerX's 2025 report reveals how everyday extensions expose sensitive data, and what security teams must do now. [...]BLEEPINGCOMPUTER.COM
12 MayGoogle to pay $1.375 billion to settle Texas data privacy violationsGoogle has agreed to a $1.375 billion settlement with the state of Texas over a 2022 lawsuit that alleged it had been collecting and using biometric data of millions of Texans without properly acquiring their consent. [...]BLEEPINGCOMPUTER.COM
12 MayCrypto = 1800s Banking With Better Wi-Fi?Back in the 1800s, you’d trust a wooden vault in the middle of nowhere with your life savings… until One-Eyed Nick and his gang rode off with it 😬. That’s the kind of Wild West energy Doug White says crypto still has today. No rules. No guarantees. Just hype, hope, and hackers. C…YOUTUBE.COM
12 MayBanks Don’t Just Protect Money—Here’s What They Really Value!Banks don’t just protect money—they protect something even more valuable! 💰🔐 From high-ranking executives to cutting-edge applications, assets come in many forms. But what truly makes something an asset in the financial world? Watch to find out! 👀💡 #BankingSecrets #FinanceExplain…YOUTUBE.COM
12 MayHackers now testing ClickFix attacks against Linux targetsA new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. [...]BLEEPINGCOMPUTER.COM
12 May“Are You Growing Weed?” No Bro, I’m Just a Hacker 😅When the state sends you a letter asking why your house uses 127% more power than your neighbors… they probably don’t expect the answer to be a basement full of old, power-hungry servers. 😂 In this clip, two cybersecurity pros joke about how their gear makes the lights flicker an…YOUTUBE.COM
12 MayThis Is How Cyber Pros Actually Use ChatGPT...Cybersecurity experts aren’t just fighting hackers—they’re also figuring out how to use AI tools like ChatGPT in their daily grind. In this clip, a group of infosec pros jokingly reveal how they rely on ChatGPT to solve tricky problems… including their kids’ homework 👀. But benea…YOUTUBE.COM
12 MayWindows 11 upgrade block lifted after Safe Exam Browser fixMicrosoft has removed an upgrade block that prevented some Safe Exam Browser users from installing the Windows 11 2024 Update due to incompatibility issues. [...]BLEEPINGCOMPUTER.COM
12 MayAWS, GCP, Azure – Are You REALLY Protected? 🤔Most businesses think their cloud data is secure—but is it really? 🤔 In this short, cybersecurity expert Jason breaks down how modern security platforms scan and protect cloud environments like AWS, GCP, and Azure. From email to on-prem servers, discover how unified security tool…YOUTUBE.COM
12 MayApple Updates Everything: May 2025 Edition, (Mon, May 12th)Apple released its expected update for all its operating systems. The update, in addition to providing new features, patches 65 different vulnerabilities. Many of these vulnerabilities affect multiple operating systems within the Apple ecosystem.
ISC.SANS.EDU