Tech

Apple Warns of Two macOS Zero-Day Vulnerabilities

Apple has issued a critical security advisory after uncovering and addressing two Mac-OS zero-day vulnerabilities actively exploited in the wild. The vulnerabilities, identified as CVE-2024-44308 and CVE-2024-44309, affect macOS Sequoia and were patched in the latest update, macOS Sequoia version 15.1.1. These exploits underscore the growing cybersecurity threats targeting macOS devices, particularly as their adoption in corporate and personal environments continues to rise.

The vulnerabilities were discovered by Clément Lecigne and Benoît Sevens, researchers from Google’s Threat Analysis Group (TAG). Apple has credited them for their role in identifying these flaws, which highlight a growing trend of threat actors focusing on macOS as a target for sophisticated attacks.

The Mac-OS zero-day Exploitation

What Are the macOS Sequoia Vulnerabilities?

Apple has described the two vulnerabilities and their potential impact:

CVE-2024-44308: This vulnerability resides in JavaScriptCore, the engine that powers web content in macOS. Exploitation of this flaw allows arbitrary code execution, enabling attackers to take control of an affected system. The exploit is triggered when a user interacts with a malicious webpage, making this a particularly dangerous vulnerability for users who browse the web without additional protections.

CVE-2024-44309: Found in WebKit, the core engine for Safari and other Apple applications, this vulnerability enables cross-site scripting (XSS) attacks. Exploiting this flaw, attackers can inject malicious scripts into trusted websites, potentially stealing sensitive information or compromising user sessions. Apple identified the root cause as a cookie-related issue and resolved it by improving state management.

Both vulnerabilities are confirmed to have been exploited in the wild, particularly targeting Intel-based Mac systems, though Apple has not disclosed specific details about the attack campaigns.

Apple Pay, Cash App, and Other Digital Wallets Face Bank-Like Regulations

Patches and Affected Versions

Apple has rolled out patches across its ecosystem to address these vulnerabilities. The updates include:

macOS Sequoia 15.1.1

Safari 18.1.1
iOS 17.7.2 and 18.1
iPadOS 18.1

visionOS 2.1

Apple urges users and organisations to update their devices immediately to mitigate the risk of exploitation.

The Mac-OS zero-day Exploitation

macOS: A New Focus for Cyber Threats

macOS has long enjoyed a reputation as a secure platform, leading many users to believe it is immune to malware and cyberattacks. However, 2024 has shattered this myth, with a sharp rise in macOS-targeted attacks.

What’s Driving the Surge in macOS Threats?

Increased Adoption: More organisations are deploying macOS devices for their workforce, making them attractive targets for cybercriminals.
Sophisticated Threat Actors: Advanced persistent threat (APT) groups, such as Lazarus Group, have shifted their focus to macOS, particularly targeting sectors like cryptocurrency and finance.

Rising Malware Variants: Security researchers have identified a surge in macOS-specific malware, including Atomic Stealer, Poseidon Stealer, and Cthulhu Stealer.

In a recent blog post, Trellix researchers highlighted how threat actors are adapting to exploit macOS vulnerabilities, particularly as corporate usage grows. They noted that threat actors are even using valid Apple developer accounts to notarise their malware, bypassing macOS’s built-in security protections.

Insights from the Cybersecurity Community

Cybersecurity experts have weighed in on the significance of these developments:

Laura Brosnan, a senior information security specialist at Red Canary, emphasised the urgency of addressing misconceptions about macOS security:“Many people still hold the belief that macOS is immune to malware—a dangerous misconception. However, 2024 has shattered that illusion.”
Researchers at SentinelOne observed that North Korea-affiliated threat actors are actively targeting macOS, particularly organisations in the cryptocurrency sector. Their analysis revealed a troubling trend: attackers are manipulating legitimate Apple developer accounts to bypass security measures.

Protecting macOS Users from Emerging Threats

With macOS under increasing attack, both individual users and organisations need to take proactive steps to safeguard their systems:

Update All Devices Immediately: Ensure that macOS Sequoia, Safari, and all other Apple devices are updated to the latest versions. Updates include critical patches for the vulnerabilities described above.
Implement Advanced Security Solutions: Use endpoint protection tools to detect and mitigate malware threats.
Educate Teams on Security Risks: Organisations should conduct training sessions to inform employees about the rising risks of macOS-targeted malware.

Adopt Additional Security Layers: Implement firewalls, sandboxing tools, and multi-factor authentication (MFA) to reduce attack surfaces.
Monitor System Activity: Regularly review logs and system activity to identify unusual behaviour that might indicate a breach.

The Road Ahead for macOS Security

Apple’s swift response to these vulnerabilities demonstrates its commitment to addressing emerging threats, but it also highlights the need for vigilance among users and organisations. As macOS adoption continues to grow, so too will the interest of cybercriminals in exploiting the platform.

The increasing sophistication of attacks, coupled with the perception of macOS as a secure system, creates a dangerous scenario where users may underestimate risks. By staying informed, applying updates promptly, and adopting robust security practices, users can significantly reduce their exposure to these threats.

For more updates on technology and cybersecurity in the UAE, visit What’s Hot in UAE.

Up Next

Snap’s AR Spectacles Take On Meta’s Orion

Don't Miss

What’s Special About iOS 18.2? Apple’s Latest Features Unveiled

Tech

How to Hide Files and Folders on macOS

Keeping your private files secure on a Mac is essential, especially when you share your device with family or friends. While macOS has built-in security features like password protection, Touch ID, and Apple Watch authorization, there’s always a chance that someone might stumble upon sensitive files while browsing through your system. We look into How to Hide Files on macOS.

Fortunately, macOS provides several ways to hide files and folders, ensuring that your personal data remains out of sight. Whether you use Finder, Terminal, or third-party encryption software, here’s how to keep your data private on macOS.

Method 1: Hide Files and Folders Using Finder

macOS allows you to hide files and folders by renaming them with a period (.) at the beginning of the file name. However, before you start hiding files, you’ll need to enable visibility for hidden files so you can see what’s already concealed.

Step 1: View Hidden Files in Finder

🔹 Press Shift + Cmd + . (period) in Finder.
🔹 Hidden files and folders will appear faded but visible.

Step 2: Hide a File or Folder in Finder

1️⃣ Select the file or folder you want to hide.
2️⃣ Click on the name to edit it.
3️⃣ Add a period (.) at the beginning of the name.
4️⃣ Press Enter, then select Use Dot to confirm.

🔹 The file or folder will remain visible but faded. To fully hide it, press Shift + Cmd + . (period) again.

Step 3: Unhide Files in Finder

🔹 Rename the file or folder removing the period.
🔹 Restart Finder by opening Terminal and typing:

bashCopyEditkillall Finder

🔹 Press Enter to apply the changes.

Method 2: Hiding Files Using Terminal

If you prefer not to rename files manually, macOS Terminal provides a command-based method to hide and unhide files.

Step 1: Hide a File or Folder

1️⃣ Open Terminal (Cmd + Space, type “Terminal,” and press Enter).
2️⃣ Type the following command:

bashCopyEditchflags hidden

3️⃣ Drag the file or folder you want to hide into the Terminal window (this automatically adds the file path).
4️⃣ Press Enter to hide it.
5️⃣ Restart Finder using:

bashCopyEditkillall Finder

🔹 The file is now hidden.

Step 2: Unhide a File or Folder

1️⃣ Open Terminal and enter:

bashCopyEditchflags nohidden

2️⃣ Drag the hidden file or folder into Terminal and press Enter.
3️⃣ If the file remains hidden, press Shift + Cmd + . (period) to reveal it in Finder.

🔹 Note: This method is quick and easy but not entirely secure—anyone familiar with macOS can still reveal hidden files.

Method 3: Using Third-Party Software for Extra Security

If you need stronger protection than Finder or Terminal, consider third-party tools that offer password-protected file encryption.

1️⃣ Funter (Basic File Hiding Tool – Free)

Funter is a menu bar utility that allows you to hide and unhide files with a single toggle switch.

🔹 Key Features:
✔️ Quickly hide/unhide files from the menu bar.
✔️ Search for hidden files on your Mac.
✔️ Works similarly to the Shift + Cmd + . shortcut but with a simpler interface.

🔹 Limitations:
❌ Files can still be revealed without a password, meaning it’s not a fully secure solution.

2️⃣ Encrypto (Password-Protected File Encryption – Free)

For maximum security, Encrypto allows you to encrypt and lock files with a password.

How to Use Encrypto to Secure Files on macOS

1️⃣ Download and install Encrypto.
2️⃣ Open the Encrypto app.
3️⃣ Drag and drop the file or folder you want to hide into the app.
4️⃣ Enter a password to encrypt the file.
5️⃣ Click Encrypt to lock it.
6️⃣ Save the encrypted file anywhere on your system.

🔹 To decrypt the file, simply double-click it, enter the password, and retrieve your data.

💡 Pro Tip: For extra security, use Finder or Terminal to hide the Encrypto-protected file so that even if someone finds it, they won’t be able to open it without the password.

Final Thoughts: Which Method Should You Use?

🔹 If you just want to temporarily hide files, use Finder or Terminal.
🔹 If you need quick access to hidden files, try Funter.
🔹 If you require serious security and password protection, Encrypto is the best option.

By following these methods, you can effectively hide and secure your files on macOS, ensuring your privacy remains intact. Whether you’re protecting personal documents, sensitive work files, or private media, macOS offers multiple ways to keep your data safe from prying eyes.

Tech

Akai And Native Instruments Collab for MPC 3

Native Instruments has just made a groundbreaking announcement at NAMM 2025, unveiling its Native Kontrol Standard (NKS) Hardware Partner Program. Designed to streamline and enhance music production, this initiative bridges the gap between hardware and software, offering music producers unparalleled creative possibilities. Major industry players like Akai Professional, Novation, Nektar, Korg, and M-Audio have joined the program, ensuring seamless integration of their renowned controllers with Native Instruments’ software ecosystem.

Akai And Native Instruments MPC 3 Collection — Akai MPC 3 Collection of Instruments

This marks a significant evolution for Native Instruments’ vision of creating an open and connected platform for music creators. With over 2,000 NKS-compatible instruments and effects from 250+ brands, producers now have access to a diverse and premium library of sounds—all at their fingertips.

Pioneering a Unified Music Production Ecosystem

At the core of this development is the Native Kontrol Standard (NKS), a technology that unifies virtual instruments, effects, and hardware. This integration allows music makers to bypass complex setups, delivering an intuitive workflow that keeps their focus squarely on creativity.

Simon Cross, Chief Product Officer at Native Instruments, underscores the collaborative spirit of this expansion, stating:

“This expansion highlights the impact of collaboration. It marks an important milestone in our mission to provide musicians with an open, connected platform, making professional-grade tools, instruments, and technology more accessible to creators everywhere.”

What the NKS Hardware Partner Program Offers

The NKS Hardware Partner Program enables basic integration for partner controllers, giving users access to Native Instruments’ Komplete Kontrol desktop software. With this, musicians can fully explore the 2,000+ NKS-compatible instruments and effects library. Supported hardware now benefits from:

Intuitive Mappings: Supported controllers offer plug-and-play functionality, allowing hands-on control without the need for extensive configuration.

Future-Ready Features: The program sets the stage for advanced functionality in upcoming products, ensuring creators remain at the forefront of innovation.
Streamlined Workflows: Producers can stay immersed in their music-making process without unnecessary distractions.

Akai And Native Instruments Expansion Packs Are Available Now.

Industry Leaders Joining the NKS Ecosystem

The partnership with Akai Professional, Novation, Nektar, Korg, and M-Audio is a game-changer for music production. Here’s how each brand’s hardware integrates with NKS:

Akai Professional:
The MPK Mini Series (MPK Mini, MPK Mini Play, and MPK Mini Plus) now features NKS compatibility, bringing Akai’s widely loved compact controllers into the Native Instruments fold.
Novation:
NKS integration enhances the Launchkey MK3 and MK4, FLkey, and SL MK3 controllers, expanding their already exceptional DAW workflows. The addition of NKS compatibility means creators can now combine Novation’s ease of use with Komplete Kontrol’s powerful sound library.
Nektar:
The LX MK3 Series gains velocity-sensitive NKS functionality, enabling producers to enjoy expressive control and streamlined creative workflows.

Korg:
With MIDI 2.0-ready Keystage controllers, Korg brings its signature innovation into the NKS ecosystem. These controllers cater to both live performers and studio producers, offering advanced sound design possibilities.
M-Audio:
The Oxygen Series keyboards now boast NKS integration, empowering music makers with cutting-edge tools for studio and stage performances alike.

akai x ni 1 — Akai And Native Instruments

Why This Matters

For producers, this expansion eliminates the frustration of incompatible hardware and software. By integrating their favourite controllers with Native Instruments’ Komplete Kontrol platform, music makers gain a seamless and expressive workflow that fosters creativity and innovation. The addition of industry-leading hardware ensures that the NKS ecosystem continues to set the standard for music production.

What’s Next for Native Instruments?

This launch is just the beginning. Native Instruments has hinted at upcoming advanced features and hardware updates within the NKS framework, promising even greater possibilities for musicians. As the ecosystem grows, users can expect enhanced tools to further connect their creative processes.

Explore the future of music production with Native Instruments and its NKS Hardware Partner Program.
Read more in our online magazine: 😎
https://whatshotinuae.com

Tech

Blockchain Beyond Bitcoin: How the UAE is Using Crypto in Real Estate and Fashion

Blockchain technology has become synonymous with cryptocurrencies like Bitcoin, but its potential stretches far beyond digital currencies. The UAE has embraced blockchain’s versatility, pioneering its use in sectors such as real estate and fashion. These innovative applications are transforming industries, enhancing transparency, and redefining how businesses operate in the digital age. Crypto in Real Estate and Fashion is here to stay.

Revolutionising Real Estate with Blockchain

In the UAE, blockchain is redefining the real estate sector by introducing property tokenisation. This process divides real estate assets into digital tokens, allowing fractional ownership that can be traded seamlessly on blockchain platforms. By lowering entry barriers, property tokenisation makes real estate investment more accessible, even to those with limited capital.

One standout player in this arena is Propchain, a UAE-based company tackling issues like high transaction costs and liquidity constraints in traditional property markets. Their blockchain-based solutions allow investors to trade tokens representing portions of real estate assets, bringing unprecedented flexibility to property transactions.

Dubai Land Department (DLD) has also been instrumental in integrating blockchain technology. It uses a decentralised database to record property transactions, lease registrations, and contracts. This approach eliminates intermediaries, reduces fraud, and provides an unparalleled level of transparency for buyers and sellers alike. By streamlining these processes, blockchain not only saves time but also builds trust among stakeholders in the real estate industry.

Crypto in Real Estate and Fashion in the UAE

Transforming Fashion with Blockchain

Blockchain’s impact isn’t confined to real estate; the technology is making waves in the fashion industry too. Leading the charge is the Aura Blockchain Consortium, a global alliance of luxury brands including Dior, Prada, and Cartier. This initiative provides digital identities for luxury goods, ensuring authenticity and traceability throughout the product’s lifecycle.

Through blockchain, consumers can access detailed information about a product’s origin, including the materials used, ethical sourcing, and sustainability practices. This level of transparency is crucial in combating counterfeit goods and aligns with the increasing demand for ethical fashion choices.

Blockchain’s use in fashion is also shaping the resale market for luxury goods. By guaranteeing authenticity and verifying ownership history, blockchain enhances consumer confidence, thereby boosting the value of pre-owned items. This innovation aligns perfectly with the UAE’s luxury retail market, which thrives on trust and exclusivity.

Blockchain’s Wider Implications

Blockchain adoption in the UAE reflects the country’s forward-thinking approach to technology. Beyond real estate and fashion, the nation is exploring blockchain’s potential in healthcare, education, and even public services. These initiatives are part of the UAE’s broader vision to become a global leader in blockchain technology, as evidenced by the Dubai Blockchain Strategy.

The UAE’s openness to blockchain innovation fosters a vibrant digital economy. The government’s regulatory frameworks, combined with a strong focus on infrastructure and technology, provide an ideal environment for blockchain to flourish. The UAE’s push for blockchain adoption not only strengthens its position as a global business hub but also inspires other nations to explore the transformative potential of this technology.

The Future of Blockchain in the UAE

By integrating blockchain into real estate and fashion, the UAE demonstrates how this technology can enhance efficiency, transparency, and accessibility across industries. The use of blockchain in these sectors is just the beginning; its potential applications are boundless, promising further innovation in the years to come. Whether it’s reshaping property investments or redefining luxury goods, blockchain is set to remain a cornerstone of the UAE’s digital transformation.