An ongoing malware campaign is using Apple's Script Editor instead of the Terminal to inject the Atomic Stealer data thief onto Macs.
Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Lazarus Group may have helped build many top DeFi protocols through long-term infiltration and code contributions. The group ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
ClickFix attacks targeting Mac users now use Script Editor instead of Terminal, a shift that sidesteps Apple's latest ...
Anthropic has given Claude the ability to control a Mac, marking a major step in the AI agent race and raising new questions ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
When a victim clicks an “Execute” button, the site calls the applescript:// URL scheme, prompting the browser to open Script Editor with malicious code already filled in. That removes the need for the ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results