New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
Windows Report

Microsoft Warns of macOS Attack Using Fake Job Interviews and AppleScript Malware

Microsoft reveals a targeted macOS attack using fake job interviews and AppleScript malware to steal credentials and sensitive data.

Mac Script Editor becomes new entry point for ClickFix malware

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...

New WhatsApp malware campaign uses renamed Windows tools to evade detection

Microsoft warns users that multi-stage malware exploits trusted messaging apps to steal information and run hidden system ...

Mac users beware — experts say this attack 'stood out immediately' by making a major change

ClickFix on Macs is evolving yet again and is no longer abusing Terminal.
Arabian Post

Script Editor becomes Mac malware gateway

When a victim clicks an “Execute” button, the site calls the applescript:// URL scheme, prompting the browser to open Script Editor with malicious code already filled in. That removes the need for the ...
Infosecurity Magazine

Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings

OS 26.4 update introduced security warnings into Terminal to prevent ClickFix attacks, so attackers have shifted to Script ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...

"ClickFix" attacks on macOS now also via Script Editor

An ongoing malware campaign is using Apple's Script Editor instead of the Terminal to inject the Atomic Stealer data thief onto Macs.