macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets

Jessica Lyons 2026-04-21T15:50:06+00:00 View Original

Full Report

Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live session cookies from 14 browsers, 16 cryptocurrency wallets, and more than 200 extensions.…

Analysis Summary