CSOonline

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic Stealer. ClickFix malware campaigns are evolving again, with threat actors ...
Tidbits

macOS 26.4’s Script Editor Won’t Open Some Older AppleScripts

Shortly after the release of macOS 26.4 Tahoe (see “ OS 26.4 Adds AI-Generated Playlist Playground, Separates Family Sharing Purchases,” 25 March 2026), several TidBITS Talk users began reporting ...

Security Bite: ClickFix malware authors already bypassing Apple’s new Terminal paste warning

Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready ...
Infosecurity-magazine.com

Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings

A malware campaign which targets macOS systems, distributed using a ClickFix attack, has evolved to exploit Script Editor as the execution vector rather than the typical Terminal-based point of ...
Bleeping Computer

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix attack that tricked users into executing commands in Terminal. Script Editor ...

North Korea targets macOS users in latest heist

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...
Tidbits

#1797: OS 26.4 updates, Mac Pro discontinued, Script Editor issues in macOS 26.4, input source-related login failures, US router ban

This week brings endings and beginnings: Adam Engst reports that Apple has discontinued the Mac Pro, while OS 26.4 arrives with Apple Music’s AI-powered Playlist Playground, independent Family Sharing ...
Ars Technica

Opening Chrome with URL via AppleScript works from Script Editor or bash; works only partially from launchd?

I am trying to schedule a refresh of a YouTube Stream Now stream, and the only way I've figured to do it is via reloading a particular YouTube URL*. I have an always-on Mac mini, so I wrote an ...