Lazarus releases Mach-O Man for macOS to steal keychain data and wallet credentials, targeting crypto executives via ClickFix pop-ups and compromised Telegram meetings. Abstract: The article reports that the Lazarus-linked Mach-O Man malware targets macOS to exfiltrate keychain data, browser credentials, and login sessions to access cryptocurrency wallets and exchange accounts. Distribution relies on ClickFix social engineering and compromised Telegram accounts directing victims to fake meeting links. The piece ties the operation to the April 20 Kelp DAO hack and identifies TraderTraitor as Lazarus-affiliated, noting rsETH movement across blockchains via LayerZero’s OFT standard.

Tools for Humanity launched World ID 4.0, enhancing its biometric verification system with key rotation and tiered options. With 18 million users, it integrates with Tinder and Zoom. The company supports expansion through funding, despite a 97% decline in WLD token value.

Zoom has partnered with Sam Altman's World to launch a feature detecting real participants versus AI deepfakes during video calls. This aims to combat increasing deepfake fraud, with verification options for hosts and participants.

World, a company co-founded by Sam Altman, announced new integrations with platforms like Zoom and Tinder, enhancing its World ID verification system. The upgraded protocol allows apps to use tiered identity checks, with 17.9 million users globally.

Canva AI 2.0 transforms Canva from a design tool to a comprehensive work operations platform. It uses generative AI to streamline workflows, enabling users to create and edit designs via natural language, automate tasks, and integrate with various applications.

Gate News: According to the latest Gate TradFi data, ZM (Zoom) has surged by 2% in a short period. Current volatility is significantly higher than recent averages, indicating increased market activity.

网络安全研究人员揭露了一种名为“ClickFix”的加密货币攻击手段，黑客伪装成投资公司，通过社交平台诱导用户点击恶意链接，从而劫持设备并窃取加密钱包数据。该攻击利用社会工程学，绕过传统安全防护机制，影响多个行业，风险显著上升。

Foresight News 消息，据 CertiK 监测，隐私游戏 项目 FOOMCASH 的彩票合约发生一起漏洞利用事件（或白帽救援行动），涉及金额约 180 万美元。漏洞根源可能是其 Groth16 验证器的设置，使得攻击者能够在所有其他输入都相同的情况下反复收集 ZOOM 代币。

Mandiant发现朝鲜关联的UNC1069威胁组织加大对加密货币和金融科技公司的攻击，使用七种恶意软件，包括SILENCELIFT等，通过伪造视频和入侵的Telegram账户诱骗受害者，窃取敏感数据和数字资产。