Threat actors are running a malware campaign targeting macOS users by impersonating legitimate utility software and tricking them into executing malicious Terminal commands. The campaign, dubbed ClickFix, successfully evades traditional security defenses to steal credentials, cryptocurrency wallets, and other sensitive information from infected systems.

North Korea's Lazarus Group is using a social engineering tactic called ClickFix to compromise Mac-focused organizations, targeting senior leaders to steal data — a notable expansion of the group's attack toolkit to Apple platforms.

The Australian Cyber Security Center (ACSC) is warning organizations of an ongoing malware campaign using the ClickFix social engineering technique to distribute the Vidar Stealer info-stealing malware. [...]