On the Windows platform, macro-based attacks are well understood (and frankly are rather old news). However on macOS, though such attacks are growing in popularity and are quite en vogue, they have received far less attention from the research and security community. In this talk, we will begin by analyzing recent macro-based attacks that target Apple's desktop OS, highlighting macOS-specific exploit code and payloads. Rather unsurprisingly though, these attacks are unsophisticated, requiring explicit user-approval to run the malicious macro code and remain constrained by Office's constrictive sandbox. Rather lame! However, things could be worse! We'll end the talk by detailing a novel exploit chain (created by yours truly), that starts with CVE-2019-1457, leverages a new sandbox escape and ends with a full bypass of Apple's stringent notarization requirements. Triggered by simply opening a malicious (macro-laced) Office document, no other user interaction required, in order to persistently infect even a fully-patched macOS Catalina system! ...so maybe don't open any Office documents for the time being!? 📝☠️