A new security threat targeting Mac OS X users has been discovered disguising itself as anti-malware application “MACDefender” (which is in no way affiliated with MacDefender, creators of popular geocaching software). The malware makes use of Safari’s feature which automatically opens files which it deems “safe” after a download, triggered through JavaScript which automatically downloads the file once you visit the malicious web page.

Reports of a new security issue in both the Mac and Windows versions of Safari are stating that there is a “hole” in how Safari handles RSS feeds, which could potentially allow an attacker to capture a user’s personal information, cookies, passwords, etc. through a malicious web page. The discovery of this new vulnerability can be credited to Brain Mastenbrook, who is known for discovering many previous vulnerabilities in Mac OS X.