Mac Script Editor becomes new entry point for ClickFix malware

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...
Mactrast

ClickFix-Style macOS Attack Abuses Applescript:// URL Scheme to Deliver Infostealer Payload

Jamf Threat Labs, a team of Mac and mobile security experts, have identified a new ClickFix-style attack that ditches the ...

Mac users beware — experts say this attack stood out immediately by making a major change

ClickFix on Macs is evolving yet again and is no longer abusing Terminal.

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
Arabian Post

Script Editor becomes Mac malware gateway

When a victim clicks an “Execute” button, the site calls the applescript:// URL scheme, prompting the browser to open Script Editor with malicious code already filled in. That removes the need for the ...