AppleScript Archives • Daily CyberSecurity

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords ClickFix macOS Terminal Infostealer

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords

Do Son April 23, 2026

A sophisticated cross-platform social engineering campaign, dubbed ClickFix, has evolved to target macOS users with a relentless...

Beyond Gatekeeper: How Sapphire Sleet’s AppleScript Trap Hijacks macOS and Crypto Wallets Sapphire Sleet macOS TCC Bypass Malware

Beyond Gatekeeper: How Sapphire Sleet’s AppleScript Trap Hijacks macOS and Crypto Wallets

Do Son April 21, 2026

In a sophisticated shift away from traditional software exploitation, the North Korean state-sponsored threat actor Sapphire Sleet...

The Script Editor Shift: How ClickFix Evades macOS 26.4 Security to Deliver Atomic Stealer ClickFix macOS Script Editor Attack

The Script Editor Shift: How ClickFix Evades macOS 26.4 Security to Deliver Atomic Stealer

Do Son April 13, 2026

In the ever-evolving game of digital cat-and-mouse, Jamf Threat Labs has identified a clever adaptation of the...

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

Do Son February 9, 2026

Mac users, often confident in the “walled garden” security of their devices, are facing a new threat...

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets GlassWorm Wave 4, macOS Supply Chain Attack

GlassWorm Wave 4, macOS Supply Chain Attack

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets

Do Son January 6, 2026

The resilient “GlassWorm” threat actor, known for embedding malicious code into Visual Studio Code extensions, has returned...

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation macOS TCC Bypass, CVE-2025-43530

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation

Do Son January 6, 2026

Apple’s privacy fortress, the Transparency, Consent, and Control (TCC) framework, has been breached once again. Security researcher...

macOS Threat: AppleScript (.scpt) Files Emerge as New Stealth Vector for Stealer Malware AppleScript Malware, macOS Supply Chain

macOS Threat: AppleScript (.scpt) Files Emerge as New Stealth Vector for Stealer Malware

Do Son November 14, 2025

A new malware distribution trend is emerging across the macOS threat landscape, according to fresh research from...

Odyssey Stealer: macOS Under Attack by ClickFix-Driven Infostealer

Do Son June 28, 2025

A new player has emerged in the macOS malware ecosystem—Odyssey Stealer—leveraging clever social engineering and targeting cryptocurrency...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

AppleScript

Beyond Gatekeeper: How Sapphire Sleet’s AppleScript Trap Hijacks macOS and Crypto Wallets

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation

Odyssey Stealer: macOS Under Attack by ClickFix-Driven Infostealer