Category: Uncategorized

A number of people are feared to have been killed and injured in Nigeria after an explosion in a mosque in Borno state.

Eyewitnesses said the blast in the Gamboru market of Maiduguri, the state capital, happened during evening prayers. One report suggests seven people were killed, but there has been no official confirmation of any casualties.

Unverified footage on social media appears to show the aftermath of the explosion, with people stood in a market area with dust particles in the air.

No group has admitted carrying out the attack, but militants have previously targeted mosques and crowded places in the area with suicide and improvised explosive device (IED) attacks.

Maiduguri has been central to an insurgency by the militant Islamist group Boko Haram and its offshoot Islamic State West Africa Province.

Military operations by Boko Haram to create an Islamic caliphate in Borno state began in 2009.

Security measures against the group have failed to prevent sporadic attacks against civilians in north-east Nigeria.

Dec 24, 2025Ravie LakshmananMalware / Endpoint Security

Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple’s Gatekeeper checks.

“Unlike earlier MacSync Stealer variants that primarily rely on drag-to-terminal or ClickFix-style techniques, this sample adopts a more deceptive, hands-off approach,” Jamf researcher Thijs Xhaflaire said.

The Apple device management firm and security company said the latest version is distributed as a code-signed and notarized Swift application within a disk image (DMG) file named “zk-call-messenger-installer-3.9.2-lts.dmg” that’s hosted on “zkcall[.]net/download.”

The fact that it’s signed and notarized means it can be run without being blocked or flagged by built-in security controls like Gatekeeper or XProtect. Despite this, the installer has been found to display instructions prompting users to right-click and open the app – a common tactic used to sidestep such safeguards. Apple has since revoked the code signing certificate.

The Swift-based dropper then performs a series of checks before downloading and executing an encoded script through a helper component. This includes verifying internet connectivity, enforcing a minimum execution interval of around 3600 seconds to enforce a rate limit, and removing quarantine attributes and validating the file prior to execution.

“Notably, the curl command used to retrieve the payload shows clear deviations from earlier variants,” Xhaflaire explained. “Rather than using the commonly seen -fsSL combination, the flags have been split into -fL and -sS, and additional options like –noproxy have been introduced.”

“These changes, along with the use of dynamically populated variables, point to a deliberate shift in how the payload is fetched and validated, likely aimed at improving reliability or evading detection.”

Another evasion mechanism used in the campaign is the use of an unusually large DMG file, inflating its size to 25.5 MB by embedding unrelated PDF documents.

The Base64-encoded payload, once parsed, corresponds to MacSync, a rebranded version of Mac.c that first emerged in April 2025. MacSync, per MacPaw’s Moonlock Lab, comes fitted with a fully-featured Go-based agent that goes beyond simple data theft and enables remote command and control capabilities.

It’s worth noting that code-signed versions of malicious DMG files mimicking Google Meet have also been observed in attacks propagating other macOS stealers like Odyssey. That said, threat actors have continued to rely on unsigned disk images to deliver DigitStealer as recently as last month.

“This shift in distribution reflects a broader trend across the macOS malware landscape, where attackers increasingly attempt to sneak their malware into executables that are signed and notarized, allowing them to look more like legitimate applications,” Jamf said.

US authorities have discovered more than a million more documents potentially related to the late paedophile Jeffrey Epstein that they plan to release in the coming days and weeks, officials say.

The US Attorney for the Southern District of New York and the FBI have informed the Department of Justice (DoJ) about the discovery and turned over the documents for lawyers to review.

“We have lawyers working around the clock to review and make the legally required redactions to protect victims, and we will release the documents as soon as possible,” the DoJ said on social media on Wednesday.

The department said that given the volume of material, the process could take “a few more weeks”.

The agency said it would “continue to fully comply with federal law and President Trump’s direction to release the files”.

The statement did not specify how the FBI and New York prosecutors came across the additional material.

The news comes after the justice department released thousands of documents last week – some heavily redacted – related to their investigations into Epstein.

The files were released after Congress passed the Epstein Files Transparency Act – signed into law by US President Donald Trump – that ordered the agency to share all the documents with the public while protecting victims’ identities.

Many of the documents released last week had names and other information blacked out, including names of people who the FBI appears to cite as possible co-conspirators in the Epstein case.

The justice department has faced criticism from lawmakers on both sides of the aisle over the amount of redactions in its files, which the law only permits in the case of protecting victims’ identities and active criminal investigations.