macos apps | Breaking Cybersecurity News | The Hacker News

A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac's built-in terminal app. Tracked as CVE-2019-9535 , the vulnerability in iTerm2 was discovered as part of an independent security audit funded by the Mozilla Open Source Support Program (MOSS) and conducted by cybersecurity firm Radically Open Security (ROS). "MOSS selected iTerm2 for a security audit because it processes untrusted data, and it is widely used, including by high-risk targets (like developers and system administrators)," Mozilla says. According to a blog post published today by Mozilla, the RCE flaw resides in the tmux integration feature of iTerm2, which, if exploited, could allow an attacker to execute arbitrary commands by providing malicious output to the terminal. As shown in the video demonstration, potential attack vectors for this vulnerability include connecting

Apple is making it easier for mobile developers to port their iOS apps to the next-generation macOS Mojave desktop platform—a major step in bringing the two platforms closer together. However, at the same time, the company straightforward denied the idea of merging the iPhone and Mac operating systems into one platform, which was being speculated for years. So, Apple made it clear that iOS and macOS will continue to be separate products. Rumors of iOS apps coming to the Mac have been around since 2017, and yesterday at Apple's WWDC 2018 event, Apple senior vice president of software engineering Craig Federighi just confirmed this while concluding his keynote. Though iOS and macOS share similar underlying frameworks, both are separate operating systems with their own separate software libraries, called UIKit used by iOS and AppKit used by macOS, which have made porting iOS apps to Mac difficult, said Federighi. "iOS devices and macOS devices of course are different

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a