MacTech

ClickFix attack uses Script Editor instead of Terminal on macOS

Jamf Threat Labs has discovered a ClickFix-style macOS attack that abuses the applescript:// URL scheme to launch Script ...

Mac users beware — experts say this attack stood out immediately by making a major change

ClickFix on Macs is evolving yet again and is no longer abusing Terminal.
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...

"ClickFix" attacks on macOS now also via Script Editor

An ongoing malware campaign is using Apple's Script Editor instead of the Terminal to inject the Atomic Stealer data thief onto Macs.
Tidbits

macOS 26.4’s Script Editor Won’t Open Some Older AppleScripts

Shortly after the release of macOS 26.4 Tahoe (see “ OS 26.4 Adds AI-Generated Playlist Playground, Separates Family Sharing Purchases,” 25 March 2026), several TidBITS Talk users began reporting ...
TidBITS

#1797: OS 26.4 updates, Mac Pro discontinued, Script Editor issues in macOS 26.4, Input Source-related login failures, US router ban

Apple has discontinued the Mac Pro with no replacement planned. The move ends a 20-year run for Apple’s most expandable desktop, though the Mac Studio and Thunderbolt 5 have made its PCIe-based ...