ClickFix Mac Malware: New AppleScript Attack Method

ClickFix Finds a New Way to Infect Macs

ClickFix attackers have adapted their Mac infections by moving away from Terminal commands and instead using the applescript:// URL scheme to open Script Editor with a preloaded script that looks like a harmless cleanup tool.

The fake lure promises to reclaim disk space and even shows a bogus message saying storage was freed, while the script actually pulls down more code and installs Atomic Stealer — a macOS info-stealing malware.

This approach still depends on tricking users into approving the actions themselves, which is why the attack works even without obvious scary commands.

ClickFix was reportedly behind more than half of malware loader activity in 2025 and keeps evolving its methods to avoid user suspicion and security detection.

How to Stay Safe

Slow down before acting on any prompt or instruction from a website.
Avoid running scripts or commands from untrusted websites.
Verify instructions independently before following them.
Keep your Mac and security tools fully up to date.

Recent news

Agentic AI Transforms Hospitality: Real-Time Guest Personalization

Admin2026-04-23T07:02:07+10:00April 23, 2026|Categories: News - General|

Timeshifter Raises $5.3M for AI Jet Lag Solutions

Admin2026-04-23T07:01:46+10:00April 23, 2026|Categories: News - General|

AI Skills Gap in Hospitality: 97% Unprepared

Admin2026-04-23T07:01:21+10:00April 23, 2026|Categories: News - General|

AI Booking Platforms: Reliability Risks & Vetting Tips

Admin2026-04-23T07:00:53+10:00April 23, 2026|Categories: News - General|

AI Booking Channels: SiteMinder’s New Hotel Discovery

Admin2026-04-23T07:00:28+10:00April 23, 2026|Categories: News - General|

Why Big Tech Won’t Stop Online Scams

Admin2026-04-23T06:38:40+10:00April 23, 2026|Categories: News - General|