All news with #hackbrowserdata tag

XCSSET Evolves: New Clipboard, Firefox, Persistence Modules

🔍 Microsoft Threat Intelligence describes a new XCSSET variant that infects Xcode projects and expands capabilities to include clipboard hijacking, Firefox data theft, and additional persistence via LaunchDaemon entries. The actor uses run-only compiled AppleScripts, AES-based encryption, and layered obfuscation to evade analysis. A bnk submodule monitors and can replace wallet addresses in the clipboard while a new Mach-O binary targets Firefox data. Organizations are advised to patch promptly, inspect Xcode project sources, and deploy Microsoft Defender for Endpoint.