SecurityWeek

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers used AppleScript and ClickFix in recent attacks targeting macOS systems at financial organizations.

macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Mactrast

ClickFix-Style macOS Attack Abuses Applescript:// URL Scheme to Deliver Infostealer Payload

Jamf Threat Labs, a team of Mac and mobile security experts, have identified a new ClickFix-style attack that ditches the ...

North Korea targets macOS users in latest heist

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...

Mac users beware — experts say this attack stood out immediately by making a major change

ClickFix on Macs is evolving yet again and is no longer abusing Terminal.
Ars Technica

Need an Applescript command (If statement)

I have an Applescript command that basically just mounts a network drive. I want to add a line that first checks to see if the drive is mounted. Does anyone know how to go about doing that? What ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
Cult of Mac

Numbers App Adds Back Applescript Support, And More

Do you hear that tinkling, rattling sound? That’s the sound of a million teeth skittering across the floor tiles as their previous owners relax their legs after smashing the teeth out of their own ...