New macOS Stealer Campaign Uses Script Editor in ClickFix Attack
A new macOS malware campaign delivering the Atomic Stealer exploits the built-in Script Editor app via a variation of the ClickFix attack, tricking users into running malicious scripts without manual Terminal interaction. The attack uses fake Apple-themed websites that launch Script Editor with pre-filled code to download and execute obfuscated payloads, targeting sensitive data such as Keychain items, browser passwords, and cryptocurrency wallets. Mac users are advised to treat Script Editor prompts with caution and rely only on official Apple documentation for system guidance.















