Sapphire Sleet’s latest macOS campaign uses crafted .scpt AppleScript lures that pipe curl output directly to osascript, enabling a compact, multi-stage payload chain that executes entirely within Script Editor and evades many built”‘in macOS protections. The infection begins with a socially engineered lure fake SDK or update AppleScript files such as Zoom SDK Update.scpt or […] The post Sapphire Sleet macOS Malware Abuses curl-to-osascript Execution for Multi-Stage Payload Delivery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/sapphire-sleet-macos-malware/
