A phishing campaign targeting macOS users employs a ClickFix technique to deliver the Odyssey Stealer malware. The attack uses a fake CAPTCHA verification page that executes without dropping a binary on the system. When users follow the instructions, they unknowingly execute a malicious AppleScript that collects sensitive data, including crypto wallet information, browser extensions, cookies, saved keychains, usernames, and passwords. The script creates a ZIP archive of the stolen data and exfiltrates it to a command and control server. This sophisticated attack blends phishing and social engineering to bypass traditional detection methods, making it challenging to detect and analyze.