Yesterday Apple released OS X 10.11 El Capitan to end users.
Patrick Wardle, director of research at security firm Synack, has discovered a worryingly simple way to bypass OS X's Gatekeeper defense mechanism: just bundle up a legitimate Apple-signed app with a malicious, unsigned one placed in the same directory, and wrap it all up in an Apple disk image file.
Malwarebytes researcher Adam Thomas has made an interesting discovery: an adware installer created by Genieo, a well-known distributor of unwanted software, is taking advantage of an OS X feature to access information stored in the "Safari Extension List" in the users' keychain.
Italian security researcher Luca Todesco has published PoC exploit code for a newly discovered zero-day privilege escalation flaw affecting OS X Yosemite (v10.10) and Mavericks (v10.9).
Apple has pushed out updates for OS X Yosemite, OS X Server, iOS and Safari, fixing a bucketload of critical and less critical vulnerabilities.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.