New ClickLock macOS malware traps users into revealing login password
A new macOS information-stealing malware dubbed ClickLock terminates all visible processes to force users into entering their system login password. [...]
macOS is Apple’s desktop operating system, whose vulnerabilities, security updates, and software ecosystem affect device protection and data security.
Search across headline titles and summaries.
Background for this topic.
macOS is the desktop operating system for Mac computers. Its security model combines signed-code checks and notarization through Gatekeeper, built-in malware detection, application sandboxing, System Integrity Protection, and privacy controls that restrict access to files, cameras, microphones, and other sensitive resources. FileVault can encrypt the startup volume, reducing exposure if a device is lost, although it does not protect data from an attacker using an unlocked account.
For security teams, macOS is an endpoint whose risk depends on timely operating-system and application updates, configuration, and user permissions. Vulnerabilities in macOS components, browsers, or widely deployed software can enable code execution or privilege escalation, while malicious or over-permissioned applications may bypass intended isolation through user-approved access. Organizations should track supported versions, enforce updates and disk encryption through device management, limit administrative access, and preserve relevant logs for investigation; security controls and available telemetry can vary by macOS release and Mac hardware.
Weekly headline count for the current query.
A new macOS information-stealing malware dubbed ClickLock terminates all visible processes to force users into entering their system login password. [...]
A new macOS information-stealing malware called CrashStealer pretends to be Apple's crash-reporting tool to steal credentials, keychain data, and crypto wallets. [...]
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. [...]
A newly discovered macOS malware dubbed "Gaslight" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. [...]
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [...]
A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor. [...]
A malicious Ledger Live app for macOS available from Apple's App Store has drained approximately $9.5 million in cryptocurrency from 50 victims in just a few days this month. [...]
OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack. [...]
A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix attack that tricked users into executing commands in Terminal. [...]
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. [...]
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. [...]
Apple has introduced a security feature in macOS Tahoe 26.4 that blocks pasting and executing potentially harmful commands in Terminal and alerts users to possible risks. [...]
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler. [...]
Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries. [...]
AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the broader stealer-log cybercrime economy. [...]
North Korean hackers are running tailored campaigns using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the cryptocurrency sector. [...]
A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems. [...]
Logitech's Options+ and G Hub apps on macOS stopped working after their code-signing certificate expired, leaving users unable to launch them on Apple systems. [...]
A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver trojanized versions of crypto wallet applications. [...]
The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application. [...]