AppleScript is Apple’s scripting language for automating actions and controlling applications on macOS. It can open apps, move files, click menu items, and pass commands to software that supports scripting. Because it is built into the platform, AppleScript is a normal administration and productivity tool, not malware by itself.
In cyber security, AppleScript matters because attackers can abuse its trust and reach. A common pattern is social engineering: a fake download page or support prompt persuades the user to open Script Editor or run copied AppleScript code. Once executed, the script may launch a payload, download malware, or collect browser and wallet data. Defenders watch for unusual script execution, prompts that ask users to paste code, and suspicious transitions from browsing to local automation tools. The lesson is simple: native macOS automation can be powerful for defenders, but it also gives attackers a legitimate-looking path to user-executed compromise.



