There are two new reports of Mac malware in the wild, with the first of them set to be blocked by an update expected this week.Theres no word yet on a fix for the second, but youd have to be a pretty naive Mac user to fall for it Mac malware exploits Parallels vulnerabilityMacworld reports that the first was publicly revealed by security researcher Mickey Jin after he spent seven months trying to get Parallels to fix it. The exploit involves Parallels, the virtual machine that allows the Mac to run Windows, Linux, and older versions of macOS. The vulnerability is on Intel Macs running Parallels and allows an attacker to gain root access by exploiting holes in the Parallels VM creation routine.Admittedly it wasnt a major threat, as an attacker would need physical access to your Mac to apply it, but the company has now said it will plug the hole this week.Parallels has posted aknowledgebase articleabout the flaw, stating that Parallels Desktop 20.2.2 and Parallels Desktop 19.4.2, which will include fixes, will be issued within this week.FrigidStealerA second example, FrigidStealer, can be remotely exploited, and it aims to steal your passwords. However, only a naive Mac user would fall for it, as youd have to first be fooled into clicking on a link and then follow instructions to bypass Gatekeeper.The attack occurs when a user gets an email containing a URL, and when the user opens it, a webpage launches with an alert stating that the browser needs to be updated. When the Update button is clicked, an installer is saved to the Mac, and the user is instructed to open it by Control-clicking on the app icon and selecting Open from the pop-up menu. Opening the file this way bypasses Gatekeeper, macOSs built-in security that checks for malicious apps. This then installs the malware.The usual safety precautions apply. Never click on a link you werent expecting, and for sensitive sites always access using your own bookmarks. Only install software from the Mac App Store or from the websites of developers you trust.Photo byPhilipp KatzenbergeronUnsplashAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel