Security Affairs
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Technical Support Scammers targets Apple users

Experts at MalwareBytes uncovered a new malvertising campaign operated by Technical Support Scammers that are targeting Apple Mac owners. Scammers are prolific and ingenious guys, this time they are targeting Mac pretending to be operators of the Apple Technical support. Technical support scammers are running aggressive malvertising also relying on legitimate ad networks. “These scams aren’t being […]

Technical Support Scammers targets Apple users

Experts at MalwareBytes uncovered a new malvertising campaign operated by Technical Support Scammers that are targeting Apple Mac owners.

Scammers are prolific and ingenious guys, this time they are targeting Mac pretending to be operators of the Apple Technical support.

Technical support scammers are running aggressive malvertising also relying on legitimate ad networks.

“These scams aren’t being done with cold calls, but by aggressive malvertising,” said Jerome Segura, a senior security researcher from Malwarebytes. 

This last malvertising campaign is targeting Mac users who browse “lower-quality websites” used by Technical support scammers to host the attack code or malicious scripts that are able to exploit vulnerabilities in the browser to hijack the user’s traffic.

With this tactic technical support scammers are able to display the victims bogus warnings that their computer is at risk, and, of course, these messages propose a telephone number to call for support.

Experts at Malwarebytes noticed that websites controlled by crooks discriminate the browser user agent to serve the proper exploit depending on the victim’s OS.  If the browser is Safari, the scammers display victims the tech support message.

“This particular case shows that tech support scammers are resorting to more elaborate ways to social engineer their victims. Perhaps Apple users are even more at risk because they may be less experienced at dealing with these kinds of “errors”.”states a blog post published by Malwarebytes.

The experts highlighted the level of sophistication implemented by the technical support scammers for this campaign.

The technical support scammers behind the campaign use a website with a URL almost identical to the one used by Apple for the legitimate technical support (ara-apple.com instead ara.apple.com) that allows its customers to share the screen for remote assistance.

“The domain name is almost the same as the official [screen sharing] one from Apple,” Segura said.

“These are definitely a threat to Mac users,” Segura added. “Mac users just aren’t as aware of the threat out there [from support scams] as are Windows users.”

technical support scammers Apple

The researchers noticed that the fake domain was also used to process payments, but giving a look to the ‘Secure Payment’ page implemented by technical support scammers is possible to verify that the process uses the HTTP protocol instead HTTPs.

Experts reported the malicious campaign to both the registrar GoDaddy and hosting provider Liquid Web to allow the shut down of the bogus websites.

B always suspicious of alarming pop ups or websites that claim your computer may be infected!

Pierluigi Paganini

(Security Affairs – Technical support scammers, cybercrime)