Mac Users Spied On with Microsoft Apps

April 11, 2025

No one likes the idea that their device may be watching them. And now, Apple recently revealed that could be the case with their MacOS users. It was discovered hackers are spying on Mac users through certain Microsoft apps and potentially overtaking their device. All Mac fans should know what’s going on with this latest security vulnerability.

The cybersecurity pros at Cisco Talos found eight vulnerabilities in various popular Microsoft apps including Word, Outlook, and PowerPoint. The problem is, hackers are injecting malware into the apps with malicious code that gives access to user-given permissions. That access lets them use the app’s camera and microphone, send emails from the victims account, access sensitive information, and escalate their privileges. With all of this going on, hackers can ultimately take over a device.

Phishing with Your Name

When a hacker accesses a device through the Microsoft apps, they can send emails from the stolen accounts in the victim’s name, making it difficult, if not impossible for the recipient to tell if it’s real or if it’s Memorex. And when it comes to emails from people we know, we’re more likely to open them and click on links or attachments—especially when compared to emails from strangers or spam emails. Knowing this, sending phishing emails using a hijacked name gives hackers a big advantage getting infected links and attachments opened.

Giving permissions to an app should be carefully considered, especially when it comes to what the app needs to function. With Microsoft Word, most users don’t need to access the camera and microphone, so it doesn’t make sense to grant the permissions. And now knowing the security risk some Microsoft’s apps have, it may not make sense to do it at all.

Microsoft says they’ve released updates for increased protection, reminding users to keep their software updated. You can access permissions through the app’s preferences, so it would help to take a look and see what you’ve agreed to, and what you can change for better security.

Scams & Phishing

Mac Users Targeted by Poseidon's Trident

Mac users are in the crosshairs again. Recently, a new campaign distributing malware targeting them via malicious Google ads for the Arc browser was observed and reported by Malwarebytes. This is the second such instance in recent months, highlighting Arc's growing use in the Mac world. Cybercriminals are riding the Arc popularity wave and pointing their cyber-trident right at MacOS users. This latest campaign involves a macOS stealer, branded as "Poseidon." READ FULL STORY

Mobile Security

Overlays For Androids For Criminal Convenience

Android Overlays are a powerful feature in the Android operating system. Theses allow apps to display content over other apps or over the system user interfaces. Ultimately this results in the user experience being more, well, user-friendly. So why is it important? This is useful in many ways, such as for displaying persistent notifications, those cheeky Android chat heads that float around the screen, or for using accessibility features. But those handy capabilities can also be misused by cybercriminals to create deceptive interfaces, tricking you. READ FULL STORY

Mobile Security

53% In U.S. Use Digital Wallets, But Are They Safe?

Digital wallets became a preferred way of paying for purchases since the coronavirus outbreak put them on the map. This easy way of making touch-free, germ-free payments morphed into the method of choice for 53% of shoppers in the U.S., according to a Forbes Advisor survey. But storing credit and other payment cards in a digital wallet raises concerns about the security of these payment apps. Let’s take a closer look so you can decide if using these, such as Apple Pay or Google Pay are a good choice for you. READ FULL STORY

Your Security

Bootleg Apple Software Hides Cryptomining Malware On Macs

For those keeping up with technology news, it’s not often Macs make hacking headlines. And for those who are simply Mac lovers, it’s not wise to think hacks happen only to Androids since both are vulnerable. A recent finding linking bootleg Apple software, malware, and cryptomining is a lesson all users can learn from. After all, a successful attack on Macs can end up targeting Androids, too. Security researchers at Jamf Threat Labs found a bootleg version of Final Cut Pro Apple software hiding cryptomining malware. READ FULL STORY

Mobile Security

Digital Wallet Security — Learn Before You Leap

It wasn’t long before the success of digital wallets led to the same idea for storing your sensitive information. But there’s a big difference between storing credit cards versus storing your driver’s license, passport, and other sensitive, personal info. After all, it’s uber-convenient keeping this information in one “identity” wallet. The reality is, the risks can outweigh the rewards and any cybercriminal can tell you that — or would they? READ FULL STORY

Email Address

Create a new Verification Phrase Enter any word or words you like.
The email newsletter will arrive from news@stickleyonsecurity.com Please wait...