Shlayer Strikes Again Through Zero-Day in MacOS 11.3


Shlayer macOS Apple

Apple this week revealed that its new macOS 11.3 update comes with a fix for a critical vulnerability – one that hackers actively exploited with Shlayer malware that can sidestep Apple defenses.

The zero-day flaw, first discovered in March but likely in use by hackers since Jan. 9, allows unapproved software to run on Mac and is distributed via compromised websites or poisoned search engine results. Cybercriminals create web pages with content tailored to appear in results for common queries, or hijack legitimate websites. Once the malware is inside a system, it won’t be stopped by any of the Mac’s defensive tools.

Read more…