Hackers Are Targeting Apple Devs With This Tricky New Malware - 1

Image by Drazen Zigic, from Freepik

Hackers Are Targeting Apple Devs With This Tricky New Malware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Microsoft has warned of a new version of the XCSSET malware, the first update to this Mac-based threat since 2022.

In a Rush? Here are the Quick Facts!

  • The malware spreads through infected Xcode projects used by Apple developers.
  • It can steal digital wallet data, notes, and system files.
  • The malware now hides better and stays active using new persistence tricks.

The malware, which spreads through infected Xcode projects, has improved ways to hide and stay on an infected system, making it harder to detect and remove.

XCSSET mainly targets Apple developers by sneaking into Xcode, the software used to build Mac and iPhone apps. If a developer unknowingly downloads an infected project, the malware can steal sensitive information like digital wallet data, notes, and system files. It can also allow attackers to spy on the system and potentially take control.

The latest version has three major upgrades: better hiding techniques, stronger persistence, and new infection methods.

To avoid detection, the malware scrambles its code in random ways so security programs have a harder time identifying it. It now also uses multiple encoding techniques, making it even more difficult to spot.

To ensure it stays on a device, XCSSET has new tricks. One method alters a system file called .zshrc, which makes the malware run automatically whenever the Terminal app is opened.

Another method involves manipulating the Mac dock by creating a fake version of the Launchpad app. When users click on it, the real app still opens, but the malware secretly runs in the background.

The malware has also improved how it infects Xcode projects, using different strategies to hide its payload. This makes it harder for developers to notice something is wrong.

Microsoft urges Mac users—especially developers—to be cautious when downloading Xcode projects from the internet, as this is the primary way the malware spreads. They also recommend only installing apps from trusted sources, such as the Mac App Store or official developer websites.

The New York Times Approves AI Tools For Newsroom Use - 2

Image by ajay_suresh, from Flickr

The New York Times Approves AI Tools For Newsroom Use

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

The New York Times has given the green light for its newsroom staff to use artificial intelligence tools in editing, summarizing, coding, and even writing.

In a Rush? Here are the Quick Facts!

  • The New York Times approved AI tools for editing, summarizing, coding, and writing.
  • The newsroom will use AI for SEO, research, content creation, and brainstorming.
  • The Times introduced Echo, an in-house AI tool for summarizing articles and briefings.

According to an internal email reported by Semafor , both product and editorial teams will receive AI training as the publication introduces new AI-powered resources to assist journalists.

Semafor reports that one of the biggest additions is Echo, an in-house AI tool designed to summarize articles, briefings, and other internal materials.

The company has also approved several external AI tools for its staff, including GitHub Copilot for coding, Google’s Vertex AI for product development, and OpenAI’s non-ChatGPT API—though access to the latter requires legal approval.

The Times sees AI as a way to enhance journalism rather than replace human work. Semafor reports that its editorial guidelines state:

“Generative AI can assist our journalists in uncovering the truth and helping more people understand the world. Machine learning already helps us report stories we couldn’t otherwise, and generative AI has the potential to bolster our journalistic capabilities even more.”

Beyond reporting, Semafor reports that AI tools will help staff with various newsroom tasks. Journalists are encouraged to use them for generating SEO-friendly headlines, crafting summaries, brainstorming ideas, and improving audience engagement.

In an internal training video, the Times demonstrated AI’s role in journalism, including how reporters could use it to develop interview questions for a startup CEO.

AI tools may also assist in producing social media content, quote cards, and multilingual translations, making the publication more accessible to global audiences, as noted by Semafor. However, the company emphasizes that AI is not a “magical solution” but a tool to support its mission.

The New York Times has had a tense history with generative AI. It was among the first news outlets to block OpenAI’s web crawler from accessing its content.

This decision later escalated into a lawsuit against OpenAI and its key investor, Microsoft, accusing ChatGPT of reproducing its articles verbatim, damaging its relationship with readers, and cutting into its revenue.

It’s uncertain how much AI-edited content The New York Times will permit in published articles. The publication has maintained that its journalism will remain in human hands, stating last year that Times journalism will always be reported, written, and edited by journalists, as noted by The Verge .

The company reiterated this commitment a few months later, emphasizing the continued role of human oversight.

While AI can speed up processes and enhance efficiency, human journalists will remain at the heart of reporting. The Times continues to explore AI’s potential, but with careful oversight to maintain its journalistic integrity.