Legacy app whitelist can be abused to bypass latest macOS security defenses, expert warns

Three words to ruin an Apple engineer’s day: ‘Patrick Wardle disclosure’ Malware can bypass protections in macOS Mojave, and potentially access user data as well as the webcam and mic – by exploiting a hole in Apple’s legacy app support.… The Register – Security

Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware

Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. […] BleepingComputer