Medium CVSS: MEDIUM report

New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

Tracked since May 6, 2026
threat-report

CVSS Breakdown

6
CVSS Base Score
MEDIUM
Attack Vector
N/A
Requires physical access to exploit.
CIA Impact
Confidentiality N/A
Integrity N/A
Availability N/A

Insurance Impact Assessment

🛡️
Moderate Impact

Medium-severity vulnerabilities generally have limited direct impact on coverage, but accumulations of unpatched medium findings can influence underwriting decisions.

Threat report published 2025-03-11T17:34:54.928Z. Types: threat-report. Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects. This latest version features enhanced obfuscation methods, updated pers

Assess your exposure

Is your organization vulnerable? Run a free domain exposure scan to check.

Scan Your Domain → Broker Scorecard

Related Threats

Twitter Feed - MichalKoczwara - 07-03-2025
CVSS 6 medium
Malware Filter - Phishing List - 07-03-2025
CVSS 6 medium
When Data Tools Become Dangerous: MS Power BI Links Used in Phishing Campaigns
CVSS 6 medium
SmokeLoader Malware Targets Ukraine's Auto & Banking Sectors via Open Directories
CVSS 6 medium
Not-so-SimpleHelp exploits enabling deployment of Sliver backdoor
CVSS 6 medium
← Back to Threat Feed