A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...

North Korean hackers used AppleScript and ClickFix in recent attacks targeting macOS systems at financial organizations.

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...

Shortly after the release of macOS 26.4 Tahoe (see “ OS 26.4 Adds AI-Generated Playlist Playground, Separates Family Sharing Purchases,” 25 March 2026), several TidBITS Talk users began reporting ...

For nearly a decade, Shell’s petrochemicals plant has been a part of our community. Besides the economic and job growth, Shell continues to be a critical community partner. For example, Shell has ...

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...

Simplified notifications, pushed with a single curl command.

NomShub, a vulnerability chain in Cursor AI, allowed attackers to achieve persistent access to systems via indirect prompt ...

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.