New macOS ClickFix Campaign Targets AppleScript Stealers
9to5Mac reported that Netskope Threat Labs has spotted a macOS ClickFix campaign using social engineering to get victims to run an AppleScript-based info stealer and a persistent remote access trojan. The outlet says the attack is designed to slip past built-in protections by targeting users directly.
According to 9to5Mac, a newly described macOS campaign is abusing user trust rather than technical exploits to compromise Apple systems. The report centers on an AppleScript-driven payload and a lingering remote access component.
This is a reminder that Macs can still be targeted through deception even when platform security is strong. For Apple users and IT teams, the story underscores the need for extra caution around prompts, downloads, and unexpected instructions.
The source text explicitly describes a Netskope Threat Labs report and a macOS ClickFix campaign, but it does not provide extra specifics beyond the attack type and payloads.
- 9to5MacPrimaryApple @ Work: New macOS ClickFix malware brings a new potential backdoor to your enterprise fleet - 9to5MacBradley C
"Apple @ Work is exclusively brought to you by Mosyle , the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional grade platform all the "
Open original source
Recommended signals
Recommended from Apple topics and recent confidence changes