Apple released emergency updates for all platforms (iOS, macOS, etc.) to fix two WebKit zero-day flaws being actively exploited in sophisticated attacks.
Action:Apply all available iOS, iPadOS, macOS, and Safari security updates now.
A new campaign uses seemingly benign OSINT or GPT utility GitHub repositories to silently deliver the PyStoreRAT JavaScript-based Remote Access Trojan.
Action:Audit developer environments and exercise extreme caution when cloning unknown Python/OSINT GitHub repos.