bleepingcomputer.com·Apr 8, 2026
A campaign is targeting macOS users with the Atomic Stealer malware by exploiting the Script Editor in a variation of the ClickFix attack, which deceives users into executing Terminal commands.
A valuable insight for you is to prioritize monitoring and securing macOS environments against the Atomic Stealer malware by implementing controls that detect and block the abuse of Script Editor and Terminal command executions. Encourage your SOC team to develop specific detection rules for this variant of the ClickFix attack to enhance threat intelligence and incident response capabilities.