The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready ...

North Korean hackers used AppleScript and ClickFix in recent attacks targeting macOS systems at financial organizations.

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic Stealer. ClickFix malware campaigns are evolving again, with threat actors ...

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest protections and streamlines the attack.

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...

An ongoing malware campaign is using Apple's Script Editor instead of the Terminal to inject the Atomic Stealer data thief onto Macs.

A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade ...

ClickFix on Macs is evolving yet again and is no longer abusing Terminal.

When a victim clicks an “Execute” button, the site calls the applescript:// URL scheme, prompting the browser to open Script Editor with malicious code already filled in. That removes the need for the ...

Command-line interfaces are having a moment, and the great MacWhisper transcription app is here for it. MacWhisper CLI has ...

In a small but very welcome move, Apple has added a message in Terminal in macOS 26.4 that warns when a user tries to paste an instruction that might be malware. Usually the danger comes from either ...