> TritonInfoSec News

Home / Apr 17, 2026 / Story

#5 Dark Reading general April 16, 2026 at 19:42 UTC

North Korea Uses ClickFix to Target macOS Users' Data

By Alexander Culafi

AI Summary

North Korean threat group Sapphire Sleet is using ClickFix attacks targeting macOS users through fake job offers and fraudulent Zoom updates. The campaign steals credentials and sensitive data from Mac systems, expanding North Korea's cyber operations beyond traditional Windows targets.

Read full article → https://www.darkreading.com/application-security/n…

Relevance score: 87.0/100

Sponsored

Protect Your Business

Expert cybersecurity solutions to safeguard your organization from evolving threats.

Get Protected →

# More from April 17

1
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation The Hacker News
2
ZionSiphon malware designed to sabotage water treatment systems BleepingComputer
3
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains BleepingComputer
4
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges BleepingComputer
6
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face BleepingComputer
7
US nationals sentenced for aiding North Korea’s tech worker scheme CyberScoop
8
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic The Hacker News
9
Data breach at edtech giant McGraw Hill affects 13.5 million accounts BleepingComputer
10
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks The Hacker News