scams

New macOS Stealer Campaign Uses Script Editor in ClickFix Attack

, , , ,

A new campaign delivering the Atomic Stealer malware to macOS users exploits the built-in Script Editor app in a variation of the ClickFix social engineering attack, tricking victims into running malicious scripts without manual Terminal interaction. The attack uses fake Apple-themed sites that launch Script Editor with pre-filled code to download and execute a payload that steals sensitive data like passwords, crypto wallets, and system info. Users are advised to treat Script Editor prompts with caution and rely only on official Apple resources for system troubleshooting.

https://www.bleepingcomputer.com/news/security/new-macos-stealer-campaign-uses-script-editor-in-clickfix-attack/

Gone (Almost) Phishin’

, , ,

Phishing Attack Experience: Matt Mullenweg shares insightful experience with a sophisticated phishing attempt. Fake password reset prompts on his Apple devices led to scammers impersonating him to Apple Support. They created a counterfeit support case, generating realistic emails and even a convincing call from a supposed Apple representative. The scam was revealed when Mullenweg noticed the website was a replica without verification. He warns others to never approve unsolicited password resets, recognize that Apple won’t call first, and always verify URLs to avoid scams.

https://ma.tt/2026/03/gone-almost-phishin/

Kirkville

, , ,

Apple News ads, served by Taboola, are perceived as scams, often appearing repetitive and suspicious. The author refuses to pay for Apple News+ due to persistent ads. Recent AI-generated ads raise concerns, with domains showing recent registrations, suggesting lack of credibility. Examples include fake “going out of business” ads. The author criticizes Apple for allowing such misleading ads in their premium service.

https://kirkville.com/i-now-assume-that-all-ads-on-apple-news-are-scams/

Scroll to Top