From ehackingnews.com
As part of further “refinements in its tactics,” a malware notorious for targeting the macOS operating system has been updated to add more elements to its toolset that allow it to accumulate and exfiltrate sensitive data saved in a range of programmes, including apps like Google Chrome and Telegram. This macOS malware can collect login credentials from a variety of apps, allowing its operators to steal accounts.
XCSSET was discovered in August 2020, when it was found to be targeting Mac developers using an unusual method of propagation that entailed injecting a malicious payload into Xcode IDE projects, which is executed when the project files are built in Xcode. XCSSET collects files containing sensitive information from infected computers and delivers them to the command and control (C2) server.