* [Blog](https://www2.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate) * macOS # Palo Alto Networks ## macOS [![New Cortex Detectors for macOS Address Stealers and Malicious AppleScript](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/01/NetSec-Adhoc-Updated-Blog-Image-Resize-1135341681-2.png)](https://www2.paloaltonetworks.com/blog/security-operations/new-cortex-detectors-for-macos-address-stealers-and-malicious-applescript/) [New Cortex Detectors for macOS Address Stealers and Malicious AppleScript \-------------------------------------------------------------------------](https://www2.paloaltonetworks.com/blog/security-operations/new-cortex-detectors-for-macos-address-stealers-and-malicious-applescript/) Cortex releases new detection analytics targeting macOS stealers and malicious applescript [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown) [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) Feb 04, 2025 By [Dan Flaherty](https://www.paloaltonetworks.com/blog/author/dan-flaherty/?ts=markdown "Posts by Dan Flaherty") ## Palo Alto Networks *** ** * ** *** [Announcements](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) *** ** * ** *** [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown) *** ** * ** *** [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) *** ** * ** *** [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) *** ** * ** *** [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) *** ** * ** *** [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) *** ** * ** *** ![Through the Cortex XDR Lens: macOS Pirrit Adware](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2023/07/Head-in-the-Game-2.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Through the Cortex XDR Lens: macOS Pirrit Adware](https://www2.paloaltonetworks.com/blog/security-operations/through-the-cortex-xdr-lens-macos-pirrit-adware/) The blog describes the attack chain of the MacOS Adware Pirrit Jul 13, 2023 By [Tom Fakterman](https://www.paloaltonetworks.com/blog/author/tom-fakterman/?ts=markdown "Posts by Tom Fakterman") ![Battling macOS Malware with Cortex AI](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2023/06/NetSec-Adhoc-Updated-Blog-Image-Resize-508484039-1.png) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Battling macOS Malware with Cortex AI](https://www2.paloaltonetworks.com/blog/security-operations/battling-macos-malware-with-cortex-ai/) In this blog, we will be covering a novel machine learning (ML) model incorporated into our macOS agent that enables detecting evolving macOS malware with unprecedented accuracy. Jul 11, 2023 By [Yinnon Meshi](https://www.paloaltonetworks.com/blog/author/yinnon-meshi/?ts=markdown "Posts by Yinnon Meshi"), [Eran Tamari](https://www.paloaltonetworks.com/blog/author/eran-tamari/?ts=markdown "Posts by Eran Tamari") and [Guy Mazaltrim](https://www.paloaltonetworks.com/blog/author/guy-mazaltrim/?ts=markdown "Posts by Guy Mazaltrim") ![Threat Brief: Meltdown and Spectre Vulnerabilities](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2017/03/Linkedin.jpg) [Threat Brief](https://www.paloaltonetworks.com/blog/category/threat-brief/?ts=markdown) ## [Threat Brief: Meltdown and Spectre Vulnerabilities](https://www2.paloaltonetworks.com/blog/2018/01/threat-brief-meltdown-spectre-vulnerabilities/) Get an overview of the Meltdown and Spectre vulnerabilities including a risk assessment and calls to action. Jan 04, 2018 By [Christopher Budd](https://www.paloaltonetworks.com/blog/author/christopher-budd/?ts=markdown "Posts by Christopher Budd") ![Palo Alto Networks News of the Week – June 24, 2017](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/11/blog-generic-banner-1.jpg) [News of the Week](https://www.paloaltonetworks.com/blog/category/news-of-the-week/?ts=markdown) ## [Palo Alto Networks News of the Week -- June 24, 2017](https://www2.paloaltonetworks.com/blog/2017/06/palo-alto-networks-news-week-june-17-2017-2/) Did you miss any of this week's Palo Alto Networks action? Don't worry -- we've rounded up our top news and views right here: Jun 24, 2017 By [Justin Hall](https://www.paloaltonetworks.com/blog/author/justin-hall/?ts=markdown "Posts by Justin Hall") ![The New and Improved macOS Backdoor from OceanLotus](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg) [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [The New and Improved macOS Backdoor from OceanLotus](https://www2.paloaltonetworks.com/blog/2017/06/unit42-new-improved-macos-backdoor-oceanlotus/) Unit 42 discovers a new version of the OceanLotus backdoor in our WildFire cloud analysis platform which may be one of the more advanced backdoors we have seen on macOS to date. Jun 22, 2017 By [Erye Hernandez](https://www.paloaltonetworks.com/blog/author/erye-hernandez/?ts=markdown "Posts by Erye Hernandez") and [Danny Tsechansky](https://www.paloaltonetworks.com/blog/author/danny-tsechansky/?ts=markdown "Posts by Danny Tsechansky") ![XAgentOSX: Sofacy’s XAgent macOS Tool](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg) [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [XAgentOSX: Sofacy's XAgent macOS Tool](https://www2.paloaltonetworks.com/blog/2017/02/unit42-xagentosx-sofacys-xagent-macos-tool/) Unit 42 analyzes Sofacy's XAgent macOS Tool. Feb 14, 2017 By [Robert Falcone](https://www.paloaltonetworks.com/blog/author/robert-falcone/?ts=markdown "Posts by Robert Falcone") Load more blogs ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language