macOS
Coverage of macOS in the Nexus archive.
- New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS
Cybersecurity researchers have identified QuimaRAT, a Java-based remote access trojan (RAT) capable of targeting Windows, Linux, and macOS systems. The malware is offered as a malware-as-a-service (MaaS) model with subscription tiers ranging from $150 per month to $1,200 for lifetime access.
- Command and Conquer Generals natively ported to macOS, iPhone, iPad using Fable
Command and Conquer Generals has been natively ported to macOS, iPhone, and iPad using the Fable tool. The project's GitHub repository and Hacker News comments provide additional details and community discussion.
- PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
Cybersecurity researchers identified PamStealer, a macOS information stealer distributed via fake Maccy AppleScript files. It uses PAM checks to steal Mac login passwords, discovered by Jamf Threat Labs.
- Gemini Spark comes to Google's Gemini app for macOS
The Gemini macOS app now includes Google's Spark agentic AI assistant. This update adds new AI capabilities to the Gemini app for macOS users.
- Moves of the Diamond Hand is an unfinished, irresistibly weird dice-based RPG
Moves of the Diamond Hand is an unfinished dice-based RPG in Early Access, developed by musician and game designer Cosmo D. It features grimy, blocky environments reminiscent of 2000s-era first-person RPGs and emphasizes strange conversations and dice-rolling mechanics.
- Logitech’s awesome MX Master 3S mouse drops to under $100
The Logitech MX Master 3S wireless mouse is discounted to $89.99 at Amazon, featuring a second scroll wheel, cross-platform compatibility, and customizable buttons. It is praised for comfort and functionality, with a newer MX Master 4 model available at a higher price.
- macOS Container Machines
Apple has open-sourced container machines for macOS, a virtualization technology. The documentation is available on GitHub, and the article has 46 points with 9 comments on Hacker News.
- WWDC 2026: All the news from Apple’s developers conference
Apple’s WWDC 2026 event begins June 8th with a keynote announcing updates to iOS, macOS, and other operating systems. The event may feature a delayed Siri overhaul supported by Google Gemini and a dedicated Siri app, along with Tim Cook’s final CEO address before his September 1st departure and replacement by John Ternus.
- macOS Needs Its Grid Back
The article argues that macOS should reintroduce a grid-based interface feature, referencing user feedback and engagement metrics. It includes a blog post link and Hacker News discussion with 36 points and 18 comments.
- Show HN: Textile – A desktop app for weaving together bits of text
Textile is a macOS desktop app that combines text from computer commands, clipboard content, and user-provided strings to dynamically build and modify strings. It was created to automate assembling dynamic URLs and store static text like fractions, using Electron for desktop development. The app is open-source, free, and currently only available for macOS.
- AI helped researchers bypass Apple M5 defenses
A security startup named Calif claims researchers used Anthropic's AI model Claude Mythos to develop a macOS kernel exploit bypassing Apple's M5 chip protections, including Memory Integrity Enforcement (MIE), in under a week. The exploit grants root access from a local user account, highlighting concerns about AI accelerating the discovery of software vulnerabilities.
- A respectable port of Age of Empires II: Definitive Edition invades macOS
Age of Empires II: Definitive Edition is now available on macOS via Steam, with existing Windows owners receiving the Mac version automatically. A future release on the Mac App Store is also planned.
- Pardon MIE?
The article discusses methods to bypass Apple's Memory Integrity Enforcement (MIE), a security feature in macOS, as detailed in a blog post by IronPeak. Hacker News users have commented on the technical implications of the bypass.
- Microsoft blames macOS update for undismissible Teams location prompts
Microsoft's Teams app is displaying non-dismissible location prompts on some macOS systems due to a recent update. The issue has been confirmed by Microsoft. Users are affected by this bug.
- Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them
A new macOS stealer variant called Reaper targets users by spoofing Apple, Microsoft, and Google, stealing credentials and accessing cryptocurrency wallets. The malware uses macOS Script Editor to execute its payload and bypasses Terminal defenses. Reaper also backdoors infected devices and steals business and financial information.
- SHub macOS infostealer variant spoofs Apple security updates
A new variant of the SHub macOS infostealer has been discovered, using AppleScript to display a fake security update message and installing a backdoor on affected systems. This malware targets macOS devices, posing as a legitimate security update from Apple. The goal is to steal sensitive information from compromised machines.
- Show HN: We missed Winamp, so we built an audio player for macOS
The article discusses a new audio player built for macOS due to the lack of Winamp. The player was created by Advanced Research and has received comments on Y Combinator. It currently has 19 points and 11 comments.
- asp-classic-emulator: Run ASP Classic on macOS, Linux and BSD
The asp-classic-emulator allows users to run ASP Classic on macOS, Linux, and BSD operating systems. The project is hosted on GitHub and has been shared on news.ycombinator.com. The emulator has received 3 points but no comments so far.
- Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Claim
Researchers from security startup Calif exploited an Apple Mac M5 system using a preview version of Anthropic's Claude Mythos AI to build a macOS kernel exploit. This achievement demonstrates the potential capabilities of AI in cybersecurity. The exploit was made possible by the AI's ability to assist in building the kernel exploit.
- OpenAI asks macOS users to update after TanStack npm supply chain attack
OpenAI is asking macOS users to update due to a supply chain attack impacting TanStack and other npm and PyPI packages tied to AI companies. The attack is part of an expanding campaign affecting several AI companies. Users are being warned to take action to protect themselves.
- First public macOS kernel memory corruption exploit on Apple M5
A public macOS kernel memory corruption exploit has been released on Apple M5, marking a significant vulnerability. The exploit was published on a blog and discussed on a news website. This is the first public exploit of its kind for the Apple M5.
- TradingView Premium FREE — 100% Working Version
A fully working version of TradingView Premium is available for free, offering features like up to 8 charts in one workspace and real-time market data. The project is actively maintained and updated weekly by its author. It can be used on both desktop and mobile devices.
- Griffin PowerMate driver for modern macOS
A new driver for Griffin PowerMate has been developed for modern macOS, available on GitHub. The driver was created by James Lockman and has garnered attention on news.ycombinator.com. The project has received 14 points and 5 comments.
- iOS, macOS, and iPadOS 26.5 updates arrive with encrypted RCS messaging and more
Apple has released version 26.5 of its operating systems, including iOS, macOS, and iPadOS, which adds end-to-end encryption for the RCS messaging standard. This update provides green-bubble messages with security and privacy advantages similar to iMessage users. The encrypted RCS messaging is currently limited to a subset of supported cellular carriers.
- ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
A Linux rootkit and a macOS crypto stealer were discovered, along with WebSocket skimmers and other security threats. These threats exploited old vulnerabilities and lazy access paths. The security issues were reported in a weekly recap.
- Windows 11 is getting a macOS-like speed boost
Microsoft is testing a new speed boost feature in Windows 11 called Low Latency Profile to improve app launch times and responsiveness. The feature increases CPU frequency in short bursts to speed up menus, flyouts, and apps. This results in significant speed improvements when launching File Explorer, the Start menu, and certain apps.
- Liquid Glass tweaks are reportedly coming in the next macOS
Apple is planning to introduce Liquid Glass tweaks in the next macOS update to improve legibility issues. The changes aim to enhance user experience, particularly with lists and text-heavy areas. This move indicates Apple's effort to refine its operating system.
- Show HN: Building a web server in assembly to give my life (a lack of) meaning
A developer has created a static file web server called ymawky for MacOS using ARM64 assembly, supporting various HTTP requests and features. The server is designed to serve custom error pages and mitigate slowloris-like attacks. It also supports directory listing and decodes percent-encoded URLs.
- Linux, Windows or macOS: Which Operating System to Use in 2026?
The article discusses the choice of operating system to use in 2026, considering Linux, Windows, and macOS. It provides a comparison of these systems, aiming to help readers decide which one suits their needs best. The discussion is based on an article from Lucas Aguiar's website.
- Hands off my trademark! Notepad++ dev threatens legal action against macOS port
Notepad++ developer Don Ho threatens legal action against a macOS port of the app, stating it's not official and attempts to make it look official are the problem. The original Notepad++ remains Windows-only under that name. The macOS port was created by a third party.
- Hands off my trademark! Notepad++ dev threatens legal action against macOS port
Notepad++ developer Don Ho threatens legal action against a macOS port of the text editor, citing trademark infringement and misleading presentation. The port, created by Andrey Letov, uses the Notepad++ logo and branding without permission. Ho demands that Letov change the project's name and logo to avoid confusion.
- How fast is a macOS VM, and how small could it be?
The article examines the performance speed and potential minimal size of macOS virtual machines (VMs), exploring technical aspects of optimization. It references a Hacker News discussion with 27 points and 3 comments.
- Show HN: Drive any macOS app in the background without stealing the cursor
Cua Driver is a macOS tool developed by Francesco from Cua that enables background automation of apps without disrupting the user's cursor, focus, or active workspace. It addresses limitations in existing methods like CGEventPost and CGEvent.postToPid, offering use cases such as demo recording, QA automation, and personal assistant workflows.
- North Korea's Lazarus Targets macOS Users via ClickFix
North Korea's Lazarus hacking group is exploiting the ClickFix vulnerability to target macOS users, particularly Mac-centric organizations and high-value leaders, for initial access and data theft. The attack highlights ongoing cyber threats leveraging known vulnerabilities against specific platforms and targets.
- Show HN: Tolaria – open-source macOS app to manage Markdown knowledge bases
Luca, a writer and developer, created Tolaria, an open-source macOS app designed to manage Markdown knowledge bases. The app emphasizes offline-first functionality, git integration, and structured organization of notes with types and relationships.
- ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
The ThreatsDay Bulletin highlights a $290M DeFi hack, macOS Living Off the Land (LotL) abuse, ProxySmart SIM farms, and 25 new security incidents. Recurring vulnerabilities in supply chains and system-level attacks are emphasized, with attackers exploiting unpatched bugs and unmonitored packages.
- Microsoft issues emergency update for macOS and Linux ASP.NET threat
Microsoft released an emergency patch for a high-severity vulnerability (CVE-2026-40372) in ASP.NET Core, which could allow unauthenticated attackers to gain SYSTEM privileges on macOS and Linux devices. The flaw stems from a cryptographic signature verification error in the Microsoft.AspNetCore.DataProtection NuGet package, and even after patching, forged credentials may persist if not manually purged.
- Lazarus-linked macOS malware hits crypto and fintech firms
Security researchers identified a new macOS malware called 'Mach-O Man' linked to the Lazarus hacking group, targeting cryptocurrency and fintech companies to steal credentials and infiltrate corporate systems.
- Lazarus Group Malware Targets Crypto, Business Execs via macOS
The Lazarus Group is using malware targeting macOS to attack cryptocurrency and business executives. The threat highlights increased cybersecurity risks for these sectors.
- Lazarus-linked macOS malware hits crypto and fintech firms
Security researchers have linked a new macOS malware called 'Mach-O Man' to a Lazarus cyber campaign. The malware uses fake meeting invites and ClickFix prompts to steal credentials and access systems in crypto and fintech firms.