Security · 1h ago
New macOS ClickFix attack mounts DMGs to deploy infostealer
A new macOS ClickFix campaign uses Terminal commands to silently download, mount, and launch info-stealing malware from malicious DMG files. The attack tricks users into running commands that bypass macOS security checks. Once executed, the malware steals credentials and other sensitive data.
Meridian48 take
This attack shows how social engineering continues to bypass macOS's built-in defenses, making user vigilance the last line of protection.
Read the full reporting
New macOS ClickFix attack silently mounts DMGs to push infostealer →
Bleeping Computer
macos-malwareclickfix-attack