Sapphire Sleet’s latest macOS campaign uses crafted .scpt AppleScript lures that pipe curl output directly to osascript, enabling a compact, multi-stage payload chain that executes entirely within Script Editor and evades many built‑in macOS protections. The infection begins with a socially engineered lure fake SDK or update AppleScript files such as Zoom SDK Update.scpt or […]
The post Sapphire Sleet macOS Malware Abuses curl-to-osascript Execution for Multi-Stage Payload Delivery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: