ThreatCluster

Hackers Use AppleScript to Disguise macOS Malware as Legitimate Updates

First seen 2 Dec 2025, 18:33 UTC CybersecuritynewsEsecurityplanet 92% similarity 7

Article Content

Browse articles
ThreatCluster

Cybercriminals are leveraging AppleScript files to distribute malware disguised as legitimate updates for applications like Zoom and Microsoft Teams. This new attack vector allows them to bypass Apple's Gatekeeper security mechanisms, posing a risk to macOS users. The technique emerged following Apple's removal of a key security feature in August 2024.

ThreatCluster AI

Community

Browse all →