An unpatched vulnerability, discovered in macOS Mojave last month, permits attackers to completely bypass the Gatekeeper security feature. Unfortunately, it's now been exploited by an adware company in what's been called a test in preparation of new Mac malware.
An unpatched vulnerability in macOS Mojave permits attackers to completely bypass the Gatekeeper security feature. Apple was first informed about the flaw on February 22, but last week's macOS 10.14.5 update hasn't fixed the vulnerability even though it was supposed to.
macOS Mojave has several features that tighten security, including an improved Gatekeeper feature that enforces code signing and verifies downloaded apps before allowing them to run. Today, Apple issued a reminder to developers to get their Mac software notarized so customers have increased confidence that it's not known malware.