cybersecurity

New macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer

A new macOS ClickFix attack uses deceptive Terminal commands to silently download, mount, and launch malicious DMG files containing the Atomic macOS Stealer (AMOS) infostealer malware. This malware targets numerous browsers, cryptocurrency wallets, messaging apps, and system keychains to steal sensitive information, then uploads the data to attacker-controlled servers. The campaign begins with fake CAPTCHA pages that trick users into running commands that automate the infection process without manual DMG execution.

https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/

Expanding Private Cloud Compute

Apple is expanding its Private Cloud Compute (PCC) technology beyond its own data centers by collaborating with Google and NVIDIA to run Apple Intelligence workloads on Google Cloud Platform. This move extends Apple’s strong privacy and security commitments for AI inference from Apple devices to third-party cloud environments, enabling more complex AI tasks to be handled while maintaining user privacy.

https://security.apple.com/blog/expanding-pcc

StopTheMadness Browser Extension

StopTheMadness Pro is a web browser extension developed by Jeff Johnson of Underpass App Company that prevents common website annoyances and privacy violations, such as blocked copy-paste, disabled contextual menus, keyboard shortcuts, autoplaying videos, and URL tracking parameters. It is compatible with Safari on iOS, iPadOS, and macOS, as well as other major browsers, and gives users more control over browsing without functioning as an ad blocker or userscript manager. The extension has received praise from various tech reviewers for restoring typical browser functionality that many websites try to restrict.

https://underpassapp.com/StopTheMadness/

A Blueprint for Formal Verification of Apple Corecrypto

Apple has released new versions of corecrypto featuring quantum-secure ML-KEM and ML-DSA algorithms, accompanied by mathematical proofs ensuring compliance with the FIPS 203 and FIPS 204 standards. Apple has also published formal verification libraries and tools designed to provide the strongest known correctness assurances for widely deployed implementations of these algorithms.

https://security.apple.com/blog/formal-verification-corecrypto

New macOS Stealer Campaign Uses Script Editor in ClickFix Attack

A new campaign delivering the Atomic Stealer malware to macOS users exploits the built-in Script Editor app in a variation of the ClickFix social engineering attack, tricking victims into running malicious scripts without manual Terminal interaction. The attack uses fake Apple-themed sites that launch Script Editor with pre-filled code to download and execute a payload that steals sensitive data like passwords, crypto wallets, and system info. Users are advised to treat Script Editor prompts with caution and rely only on official Apple resources for system troubleshooting.

https://www.bleepingcomputer.com/news/security/new-macos-stealer-campaign-uses-script-editor-in-clickfix-attack/

OpenClaw Gives Users yet Another Reason to Be Freaked Out About Security

Security researchers have warned users of OpenClaw, a viral agentic AI tool that accesses numerous user resources, about a recently fixed high-severity vulnerability that allowed attackers with minimal permissions to escalate to full administrative control without user interaction. The flaw, rated up to 9.8 out of 10 in severity, enabled silent approval of device pairing requests, potentially compromising thousands of instances, many of which lacked authentication. Experts advise users to assume compromise and reconsider using the tool.

https://arstechnica.com/security/2026/04/heres-why-its-prudent-for-openclaw-users-to-assume-compromise/
