Hackers Use AppleScript to Disguise macOS Malware as Legitimate Updates
First seen 2 Dec 2025, 18:33 UTC
•
•92% similarity
•7
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Cybercriminals are leveraging AppleScript files to distribute malware disguised as legitimate updates for applications like Zoom and Microsoft Teams. This new attack vector allows them to bypass Apple's Gatekeeper security mechanisms, posing a risk to macOS users. The technique emerged following Apple's removal of a key security feature in August 2024.
ThreatCluster AI