macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...

Security Bite: ClickFix malware authors already bypassing Apple’s new Terminal paste warning

Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready ...
Yahoo

State-sponsored actors spotted using ClickFix hacking tool developed by criminals

The ClickFix attack technique has gotten so popular that even state-sponsored threat actors are using it, research from Proofpoint claims, having observed at least three groups leveraging the method ...

Mac Script Editor becomes new entry point for ClickFix malware

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...
Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
Infosecurity Magazine

Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings

OS 26.4 update introduced security warnings into Terminal to prevent ClickFix attacks, so attackers have shifted to Script ...
Yahoo Finance

ESET Threat Report: ClickFix fake error surges, spreads ransomware and other malware

“The list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even custom malware from ...
Dark Reading

Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward

ClickFix campaigns are gaining steam according to various security researchers, with recent campaigns spotted across the globe from a wide swath of cyberattackers. The increasingly popular tactic ...
WeLiveSecurity

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

“It’s all fun and games until someone gets hurt” could well be the title of the latest ESET Threat Report, as cybercriminals play new mind games with their victims, wage full-on deathmatches among ...
Bleeping Computer

Hackers now testing ClickFix attacks against Linux targets

A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. ClickFix is a social ...