Apple has explained why some Mac users now see warnings when pasting commands into Terminal, after macOS 26.4 added new protections against suspicious command pastes and known malware scripts.
Apple says the “Possible malware, Paste blocked” alert appears when someone who does not regularly use Terminal copies a command from sources such as a website, a chat agent, a messaging app, or an email app. The company says scammers often use these channels to trick users into pasting harmful commands into Terminal, which can damage a Mac or expose private data.
The warning does not mean your Mac has already been harmed. Instead, macOS blocks the paste first and asks you to review what you are trying to run. If you trust the source and understand the command, Apple lets you choose “Paste Anyway,” but it warns that doing so can still put your Mac and privacy at risk.
macOS Blocks Known Malware More Strictly
Apple also explains two stronger alerts, called “Malware Detected, Paste Blocked” and “Malicious Script Blocked.” These appear when macOS detects known malware inside a command or script and blocks it completely.
In these cases, users should not paste the command or run the script, and Apple does not offer the same simple continue option. The company says your Mac has not been harmed when the alert appears, because macOS stopped the command or script before it could run.
Apple adds that users can report an error if they believe macOS blocked a command because a website it tries to access was wrongly marked as deceptive.
This change gives Mac users a clearer warning before Terminal runs risky commands, especially when those commands come from websites, chats, emails, or other places scammers often use.
