Jamf Threat Labs has discovered a ClickFix-style macOS attack that abuses the applescript:// URL scheme to launch Script Editor and deliver an Atomic Stealer infostealer payload — bypassing Terminal entirely. Unlike traditional ClickFix campaigns that instruct users to paste commands directly into Terminal, the discovered variant uses a browser-triggered workflow to launch Script Editor. Users […]