An unpatched vulnerability, discovered in macOS Mojave last month, permits attackers to completely bypass the Gatekeeper security feature. Unfortunately, it's now been exploited by an adware company in what's been called a test in preparation of new Mac malware.
Gatekeeper
An unpatched macOS vulnerability lets malware completely bypass Gatekeeper security
An unpatched vulnerability in macOS Mojave permits attackers to completely bypass the Gatekeeper security feature. Apple was first informed about the flaw on February 22, but last week's macOS 10.14.5 update hasn't fixed the vulnerability even though it was supposed to.
Apple invites developers to get their Mac apps notarized for Mojave’s improved Gatekeeper
macOS Mojave has several features that tighten security, including an improved Gatekeeper feature that enforces code signing and verifies downloaded apps before allowing them to run. Today, Apple issued a reminder to developers to get their Mac software notarized so customers have increased confidence that it's not known malware.