Two fresh Mac threats have been spotted recently, and one of them is getting a patch this week. The second one is still out there with no fix yet, but honestly, you’d have to be pretty unaware to get tricked by it.
A Parallels Weakness Targeted
According to Macworld, the first threat was uncovered by a security expert named Mickey Jin. He’d been pushing Parallels, a tool that lets Macs run Windows, Linux, or older macOS versions, to fix this issue for seven months. The problem affects Intel-based Macs using Parallels. It lets someone take full control of your Mac by sneaking through flaws in how Parallels sets up virtual machines.
The good news? It’s not a huge worry since the attacker would need to physically get to your Mac. Parallels has now promised to roll out a solution this week. They’ve shared details in a support article, saying updates for Parallels Desktop 20.2.2 and 19.4.2 will tackle this flaw soon.
FrigidStealer Sneaks In
The second threat, called FrigidStealer, is sneakier and can strike from afar—it’s after your passwords. But it’s not hard to avoid if you’re cautious. You’d have to click a sketchy link and then follow steps to dodge macOS’s safety net, Gatekeeper.
Here’s how it works: You get an email with a link. Click it, and a webpage pops up, warning that your browser needs an update. Hit the “Update” button, and a file downloads. The trick is that you’re told to open it by right-clicking and choosing “Open” from the menu. Doing this skips Gatekeeper, the Mac’s guard against shady apps, letting the malware slip in.
Stay Safe Out There
Stick to the basics to keep your Mac safe. Don’t click links in unexpected emails. For important websites, use bookmarks you’ve saved yourself. Only grab software from the Mac App Store or trusted developers’ sites. A little care goes a long way!