Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
Blockonomi

Cybercriminals Weaponize Obsidian Plugins in Sophisticated Crypto Malware Campaign

Cybercriminals exploit Obsidian Plugins to deploy PHANTOMPULSE malware, targeting crypto users via LinkedIn and Telegram in ...

Lazarus Group May Have Compromised Multiple Top DeFi Protocols—What We Know So Far

Lazarus Group may have helped build many top DeFi protocols through long-term infiltration and code contributions. The group ...

"ClickFix" attacks on macOS now also via Script Editor

An ongoing malware campaign is using Apple's Script Editor instead of the Terminal to inject the Atomic Stealer data thief onto Macs.

Mac Script Editor becomes new entry point for ClickFix malware

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...

Anthropic’s Claude can now control your Mac, escalating the fight to build AI agents that actually do work

Anthropic has given Claude the ability to control a Mac, marking a major step in the AI agent race and raising new questions ...
Arabian Post

Script Editor becomes Mac malware gateway

When a victim clicks an “Execute” button, the site calls the applescript:// URL scheme, prompting the browser to open Script Editor with malicious code already filled in. That removes the need for the ...
Engadget

Claude Code and Cowork can now use your computer

Anthropic announced today that its Claude Code and Claude Cowork tools are being updated to accomplish tasks using your computer. The latest update will see these AI resources become capable of ...